By default, everyone can read the eventlog, except the Security
eventlog. To read the Security
eventlog the user must be a member of the administrator group. Access to different event logs are controlled by this registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog
You can edit the permissions of this registry key to limit or grant access to the remote eventlog.