|
|
|
|
By default, everyone can read the eventlog, except the Security eventlog. To read the Security eventlog the user must be a member of the administrator group. Access to different event logs are controlled by this registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog
You can edit the permissions of this registry key to limit or grant access to the remote eventlog.