[ActiveDir] How large are your security logs on your DC's?

[David Adner]

We have auditing enabled on all our servers, with the Security log set to 
5MB on member servers.  We upped that number to 25MB on DC's because the 
log was filling so fast, then again to 50MB, but it's still only 
maintaining about 3-4 days worth of logs (we have it configured to prune as 
needed).  We have plenty of disk space, but I know the more we track, the 
harder it is to even open the log, especially remotely.  I'm curious how 
others have their logs setup.

We need to be able to track when users have logged on or off and when 
changes are made to policies and accounts.

The audit settings are (I'm doing this from memory; I'm not at work):

Account logon events    success/failure
Account management      success/failure
Logons          success/failure
Object access           none
Policy changes  success/failure
Privilege use           failure
Process tracking        none
System events           success/failure
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/