Archiving a Log File and Clearing Events

Since today's disk drives take up so little space and there are many different types of removable media, from floppy discs to CD-R recordable disks, you may never need to clear the events in a log file without first archiving the log file. Once you have archived a log file, you can then copy the archived file to removable media or include it in your normal backup schedule so that it is saved for a long period of time. Keep in mind that viruses and Trojan horses may take many months to either start causing problems or to draw attention! If you keep your log files archived, you may be able to use them (talk to your lawyers) to provide an audit trail that can help you identify how the system became infiltrated ...

Get Microsoft® Windows® XP Unleashed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.