Information Technology Reference
In-Depth Information
Using the Registry
There are a large number of RAS-specific protocols, services, and events whose logging can be
enabled or disabled in the Registry. You can view a list of these keys beneath the following
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\
Once you select the desired item to log, enable it by navigating to the appropriate key and
modifying the
EnableConsoleTracing
and
EnableFileTracing
values. Each subkey has an iden-
tical structure.
For example, you can enable verbose logging of PPP events by modifying this key:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PPP\]
"EnableConsoleTracing"=dword:1
"EnableFileTracing"=dword:1
Or you can enable verbose logging of EAP events by modifying this key:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RASEAP\]
"EnableConsoleTracing"=dword:1
"EnableFileTracing"=dword:1
How It Works
Under normal operating conditions, you really only need to record error and warning events.
However, two conditions mandate a higher level of logging:
Debugging:
You are experiencing configuration or connection problems and need to
view the details of connection events as a step in the troubleshooting process.
Security:
You suspect that unauthorized users are attempting to access your system; you
want to record all details as a means to record and block these connections.
If you enable verbose logging, pay close attention to the size of the log files on the disk.
They can quickly grow to fill the disk! Also, make certain to save log files in a format that you are
able to parse and put into a readable form, since log files can be extremely long and difficult
to follow.
See Also
Microsoft TechNet: “Log Parser 2.2” (
http://www.microsoft.com/technet/scriptcenter/
tools/logparser
). The Log Parser utility is designed to query text-based log files and generate
easy-to-read reports and tables.
4-9. Creating Remote Access Policies
Problem
You want to create a remote access policy to apply to users or security groups.
