Archiving Windows Event logs

WE have been troubleshooting issues with DRM, and had a need to view the event logs. We found that our event logs were overwriting themselves every hour, which didn’t help us when we needed to identify an issue that happened 4 hours before the errors started. So our solution was to set the Windows event logs to export and archive after they get to a certain size. Do the following to enable archiving of your event logs:


Start Event Viewer (Start -> Administrative Tools)

Right click on the log you want to archive and choose properties.

Select “archive the event log when full, do not overwrite events” and click OK.


The archived logs will now be stored in C:\Windows\System32\winevt\Logs. Just remember to periodically clean up this directory to avoid any disk space issues.

Good luck!


Add a Comment

Your email address will not be published. Required fields are marked *