2.2.3 Event Log Policies
There are three types of event log policies:
System log
Security log
Application log
The ABNF for each of them MUST be as follows.
-
Header = "[" HeaderValue "]" LineBreak HeaderValue = "System Log" / "Security Log" / "Application Log" Settings = Setting / Setting Settings Setting = Key Wsp "=" Wsp Value LineBreak Key = "MaximumLogSize" / "AuditLogRetentionPeriod" / "RetentionDays" / "RestrictGuestAccess" Value = 1*8DIGIT
The following table provides an explanation for each of the valid key values.
Note All numerical values are decimal unless explicitly specified otherwise, or unless preceded by 0x.
|
Setting key |
Explanation |
|---|---|
|
MaximumLogSize |
The log size, in kilobytes, MUST be less than or equal to this value. The value MUST be between 64 and 4194240. |
|
AuditLogRetentionPeriod |
Specifies the type of retention period to be applied to the specific log. The retention method MUST be one of the following:
Any other value is invalid. |
|
RetentionDays |
The number of days that System, Security, and Application log events MUST be retained before being overwritten by new events. Only valid if option AuditLogRetentionPeriod = 1. The value MUST be between 1 and 365. |
|
RestrictGuestAccess |
A flag that indicates whether or not users with Guest privileges can have access to System, Security, and Application logs.<3>
|