Backing up event logs
Windows Vista now lets you use Group Policy to configure event logs so they get backed up when they become full. To configure this using local Group Policy do the following:
1. Type gpedit.msc in the Start Search box and hit Enter.
2. Click Continue when the UAC prompt appears.
3. Navigate to the following policy location:
Computer Configuration\Administrative Templates\Windows Components\Event Log Service
4. Look under Application, Security, Setup or System to configure settings for the log desired.
5. Enable the following policy setting:
Back up log automatically when full
Note that you should also disable the following policy if you are going to configure the above setting:
Retain old events
If you do this, then when the event log becomes full, the event log file is closed by Vista, renamed, and a new event log file is created.
Mitch Tulloch, MVP