Moving Windows event log file locations
We were running out of space on the system drive on a server, so I decided to move the Event Logs to a different drive.
Originally, they’re located in the %SystemRoot%\System32\Config\ folder.
I made a new folder (d:\EventLog\) to put them in, then changed the registry keys for all of the event logs. The registry key for moving the event logs is:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
Inside this key are folders for each event log (Application, etc…) and you’re looking for the File key. Change that to the new filename (d:\EventLog\app.evt). You’ll have to do this for each of the event log types. I had six, your mileage may vary. If you don’t know how to open the registry, you probably shouldn’t be doing this. Consider yourself warned.
