September 22, 2008 at 6:45 am
have a problem with repeated LOGIN/LOGOUT security event records. I have heard that
this is something that can not be fixed. I have a s-service account that is used to logon
to SQL server and a Sharepoint server.
When I go into my event logs (security) I only have a few hours of records mostly filled up
with logon/logoff of a service account. I know the account has the right priveledge I have
many service accounts with local access to machines. This scenario of repeated attempts
works on the production machine as well as a test machine. So I know that this is not a
just one server problem anomaly. Attached is screen shot of the event log and continues
login/logout every second.
They say that this can not be fixed. But the SECURITY LEVEL on the event security logs can
be changed not to keep this all these records. Something along the line of modify the registry.
I just see it talking about, on goggling.
I honestly don't know where to go with this, If I can not fix this the problem. I'd rather at least
not have these things recorded, so it stops filling up the log every 2 hours. Not fixing the
problem is not as important as just not filling up my security event log.
Thanks
September 23, 2008 at 2:24 am
Not sure if this may help
In SSMS, R-click the SQL Server node, bring up properties, and select the security tab. You should see options to control login auditing, which is probably set to record both failed and successful attempts. If you change to (say) failed logins only you may be OK (if I've understood your post correctly).
You will have to re-start SQL server, though.
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply