Share via

The security log is now full (Windows 11 Only)

Anonymous
2022-12-20T07:02:25+00:00

Hi all,

Need your help, all devices that i monitor using windows 11 will hit the error (The security log is now full - Event ID 1104.) Need your advise for solve this problem

Temporary solution

  • I clear log and overwrite in event viewer but still happen back on the next day.

Thanks.

Windows for home | Windows 11 | Accounts, profiles, and login

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

64 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2022-12-20T07:59:32+00:00

    Hi Muhammad,

    Good day! I’m Jhakesong and I'll try to help you today.

    Give this Event Viewer settings a try and see if it helps. This should avoid the Security log cache being full.

    1. Launch Event Viewer
    2. Expand Windows Logs
    3. Click Security
    4. Look under Actions (Right side portion of the window)
    5. Click Properties
    6. At the very bottom, Under "when maximum event log size is reached", Select Overwrite events as needed (oldest events first)
    7. Click Apply and click Okay.
    8. Check if the issue still persists

    Let me know how it goes. Have a great day!

    30+ people found this answer helpful.
    0 comments
  2. Anonymous
    2023-01-19T13:42:56+00:00

    I agree; this is STILL an issue. I have implemented 50 Brand New Lenovo P360 PC's with Windows 11 after running ALL updates i get the same exact issue here...Event ID 1104 and I have to reset the darn overwrite EVERYDAY!!! What is the fix Microsoft???

    10+ people found this answer helpful.
    0 comments
  3. Anonymous
    2023-02-20T11:46:48+00:00

    Hi, All,

    From what I can tell, the chrome team thinks this is a microsoft issue and the microsoft team thinks this is a chrome issue. aka 'going to take a long time to resolve'. This dynamic means that Microsoft & Google together are creating an alley with no security logging on our company windows machines.

    I have been slowly deriving what logging I have to turn off in order to keep our company laptops' security logs from filling up.

    Originally: 40MB log files would fill up on computer startup, and then we'd have no security logging at all...unacceptable.

    1. I turned off Group Policy to 'audit privilege use'. After this change, logs took 4 hours to fill up.
    2. I turned off Group Policy to 'audit policy changes'. After this change, logs look like they will fill up in about 10 days.

    Logging these two items is required to achieve DoD security certification, so we're taking a hit here. But having no security logging is worse than incomplete ones.

    Our standard is 365 days of logs, so I'll probably keep experimenting with a combination of reducing logging, increasing the log file size, and I may have to introduce a log shipping solution (the latter would be good for our security architecture anyway...)

    6 people found this answer helpful.
    0 comments
  4. Anonymous
    2022-12-20T11:08:06+00:00

    Thanks for the Respond Mr. JhakeSong.

    For this solution, I'm already trying to do this solution but after the next day, it happens again . Is it have any solution to fix this issue?

    Thanks.

    6 people found this answer helpful.
    0 comments
  5. Anonymous
    2023-01-18T14:44:36+00:00

    I've had this start happening since early December. It has now touched 14 clients. a Permanant solution would be nice. The last solution doesn't save any changes (Overwrite events as needed), and a complete new install doesn't fix the issue either.

    5 people found this answer helpful.
    0 comments