For audit reasons we have to save our domain controller security logs for yearly reviews. Obviously, the servers can't hold a year's worth of security logs. Even with the size set to the what MS considers the maximum safe size, we can't hold even a month's worth of log entries. Does anybody have any recommendations for a system that can pull log entries from the DCs for permanent storage and maybe even has a method to ease discovery during audits?
[link] [11 comments]