Description
User account used for reading domain controller(s)’ event logs, should be a member of the domain administrator or of “Event log Readers” groups.
This article explains how to grant the user Event Log access permissions on Windows Server
Solution
1) Open up a groups policy management and start an administrative tools.
2) Expand the forest tree to locate default domain controllers policy.
3) Right-click on default domain controllers policy and select 'edit' to open up the editor window.
4) Under default domain controllers policy, expand the following tree: Computer Configuration à Policies à Windows Settings à Security Settings à Local Policies à User Rights Assignment
5) In the right part of the Window, locate and double-click 'manage auditing' and 'security log'.
6) In the new window, select the 'Add User' or 'Group' button and select 'Browse'.
7) Enter in the User name in to the lower box and select 'Check Names'. Select 'OK'.
8) Select 'OK' twice.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.