Windows Server 2012 EventViewer Powershell Script error

windows powershell

This feels like a workaround, its too complicated for a simple and obvious security monitoring request but it works on w2012:

  • as an admin run regedit
  • nav to KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog
  • right click on 'Security'
  • click Permissions
  • add a group (like 'Event Log Readers')
  • select the group you added
  • check Read under Allow
  • exit regedit and add this group to users who need access
  • these users will need to log out and back in to activate

Yes others have found this before me http://powerkb.se/?p=614

Related

Pointing Custom Domain to Server on Nginx
fastcgi_cache_path keys_zone=WPCACHE:2048m inactive=480m; disk size
Why my local DNS is not used?
why "php -i|grep php.ini" is not finding the correct path to php.ini?
The Transactional Log is Full
What changes with Kerberos authentication in IPv6 when everyone has a public IPv6 Address?
How to setup 2 URLs pointing to same location in Apache for Rails
Problem with cgi-bin directory
Using Nginx how do I redirect single URIs from http to https?
UFW Forwarding on Port 80 to port 3000 on Single VPS [duplicate]
HTTP proxy - expect 100 and authentication
postfix remote received header