Event log policies

PRAKASH Ayush 0 Reputation points
2025-03-18T14:22:14.4+00:00

Hello all, kindly explain how to use the AuditLogRetentionPeriod and RetentionDays as shown in the attached link.

https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gpsb/0b9673a7-ce0a-49b4-912b-591efdb37cdf


1 answer

  1. Anonymous
    2025-03-20T07:18:50.3+00:00

    Hello,

    Thank you for posting in Microsoft Q&A.

    Based on the description, I understand your question is related to the event log.

    AuditLogRetentionPeriod:

    0: Overwrite events as needed. This means that when the log reaches its maximum size, the oldest events will be overwritten by new events.

    1: Overwrite events as specified by the RetentionDays entry. This means that events will be retained for a specific number of days before being overwritten.

    2: Never overwrite events. This means that events will not be overwritten, and the log must be cleared manually when it reaches its maximum size.

    RetentionDays: the number of days that events in the System, Security, and Application logs must be retained before being overwritten.

    Have a nice day.

    Best Regards,

    Molly
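
An added example, not part of the original answer or of the linked specification: a small Python check that reads event log sections laid out as in a security template INF and reports the retention behaviour each one produces, using the value meanings given in the answer above. The section names `[System Log]`, `[Security Log]` and `[Application Log]`, the helper names and the sample text are assumptions constructed for illustration.

```python
import configparser

# Meanings of AuditLogRetentionPeriod as listed in the answer above.
RETENTION_MODES = {0: "overwrite as needed", 1: "overwrite by days", 2: "never overwrite"}
LOG_SECTIONS = ("System Log", "Security Log", "Application Log")  # assumed section names

# Constructed sample fragment, not taken from a real GPO.
SAMPLE_INF = """\
[System Log]
AuditLogRetentionPeriod = 1
RetentionDays = 7

[Security Log]
AuditLogRetentionPeriod = 2
RetentionDays = 30

[Application Log]
AuditLogRetentionPeriod = 1
"""

def _to_int(value):
    """Return the value as an int, or None if it is absent or not a plain number."""
    return int(value) if value is not None and value.strip().isdigit() else None

def effective_retention(inf_text):
    """Map each log section to (mode description, effective days or None, warnings)."""
    parser = configparser.ConfigParser(interpolation=None)  # key lookups are case-insensitive
    parser.read_string(inf_text)
    report = {}
    for section in LOG_SECTIONS:
        if not parser.has_section(section):
            continue
        mode = _to_int(parser.get(section, "AuditLogRetentionPeriod", fallback=None))
        days = _to_int(parser.get(section, "RetentionDays", fallback=None))
        warnings = []
        if mode not in RETENTION_MODES:
            warnings.append("AuditLogRetentionPeriod missing or not 0, 1 or 2")
            days = None
        elif mode == 1 and days is None:
            warnings.append("mode 1 needs a RetentionDays entry")
        elif mode != 1 and days is not None:
            # Only mode 1 is described as using RetentionDays.
            warnings.append("RetentionDays is set but unused in this mode")
            days = None
        report[section] = (RETENTION_MODES.get(mode, "unknown"), days, warnings)
    return report

if __name__ == "__main__":
    for name, result in effective_retention(SAMPLE_INF).items():
        print(name, result)
```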
