Configure log access This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string. You cannot configure write permissions for this log. If you enable this policy setting, only those users whose security descriptor matches the configured specified value can access the log. If you disable or do not configure this policy setting, only system software and administrators can read or clear this log. (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Security!Configure log access (2) WMI: ###