Home
Topics
Windows desktop operating systems
Windows legacy operating systems
Will turning on Registry Auditing affect performance?

Ask the Expert

Will turning on Registry Auditing affect performance?

Would there be a big performance "hit" on Windows NT CPU processing, or the use of lots of disk space for creating audit records, if we turn on Registry Auditing for the following keys on DC's with numerous users:

HKEY_LOCAL_MACHINESystemCurrentControlSetControlLsa

HKEY_LOCAL_MACHINESystemCurentControl
SetControlSecurityProviders

HKEY_LOCAL_MACHINESoftwareMicrosoft
WindowsNTCurrentVersionWinlogon

Audit success and failure for Group
Everyone.

Audit access types:
Set Value
Create Subkey
Create Link
Delete
Write DAC

Turning auditing on the Registry is a great idea -- it allows you to record the activity on the various areas in the Registry. However, extensive logging can definitely show down the system. This is because it takes some of the computer resources to write the information to the registry files. I knew someone who turned all auditing for the Registry, including when Windows ran in normal operation. This pretty much locking him out of doing any work (a weird Denial of Service!).

In your case, you are looking at only certain activity on the Registry -- mainly to see if anyone has changed the value. Based on the keys you are auditing, I would not suspect a lot of activity.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in November 2001

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Virtual Desktop
Windows Server
Windows IT
Exchange

Virtual Desktop
- Taking advantage of VM snapshots in a virtual desktop environment
  
  With VM snapshots, you can make one desktop VM into many. Just watch out for performance when snapshotting in a virtual desktop environment.
- Planning and managing virtual desktop pools
  
  Virtual desktop pools make management easier, but you have to plan for them and remember that the way you create pools depends on your VDI platform.
- Bromium vSentry 2.0 focuses on collaboration and mobility
  
  Bromium's vSentry for desktop security now adds more secure connections over untrusted Wi-Fi and better collaboration capabilities.
Windows Server
- Office, 32-bit Windows fixes included in Patch Tuesday update
  
  Microsoft offered five bulletins in June's Patch Tuesday updates, with 19-vulnerability critical Internet Explorer patch and Windows Server 2008 fixes.
- Q&A: Anderson talks BYOD management in Windows Server 2012 R2
  
  Microsoft's Brad Anderson talks about changes to expect in Windows Server 2012 R2 features, including some to security and enterprise mobility.
- Q&A: Microsoft's Brad Anderson talks Windows Server 2012 R2
  
  Microsoft's Brad Anderson discusses new features in Windows Server 2012, including a faster update cycle and cross-platform integration.
Windows IT
- SharePoint 2013 features: what's new, what's changed and what's gone
  
  Some existing SharePoint features were replaced or dropped in SharePoint 2013. Here's how to work through the changes.
- Prevent hacking in your enterprise with these nine easy steps
  
  There are no foolproof ways to completely stop hacking in an enterprise, but follow these proven and common sense methods to reduce your risk.
- How to advance your cloud skills and get ahead of the gap
  
  There may be a growing shortage of IT pros with cloud skills, but you can take action now and become a valuable asset with the right skills.
Exchange
- Spotlight on top new Exchange 2013 features
  
  There are several new Exchange 2013 features that should interest those debating an upgrade. We examine several standouts and how to work with them.
- How to modify OWA 2013 to support Microsoft Lync
  
  Properly modifying OWA 2013 is necessary to allow users Lync functionality such as instant messaging and presence. We offer the necessary steps here.
- Block badly behaving Exchange ActiveSync devices in Exchange 2013
  
  Misbehaving Exchange ActiveSync devices can put a serious strain on your environment. Take control with new auto-block thresholds in Exchange 2013.

All Rights Reserved,Copyright 2008 - 2013, TechTarget