I've just spent about 2 hours messing about figuring out how to give non-admin users access over the network to the Event Logs on a Windows Server 2003 SP2 server. What fun hours they were too! Since I might never find this again, I thought I would report it...
This will allow Authenticated Users to read the Application and System logs - it is possible to put an AD SID instead of 'AU' to make it a lot more tied down.
Just enter the text '(A;;0x1;;;AU)' to the end of the string value 'CustomSD' in the following keys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System
Labels: Event Viewer, Server 2003