deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-23 02:37:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/device-security/auditing/basic-security-audit-policy-settings.md
Brian Lich 33c3fb2e74 New TOC for docs.microsoft.com
2017-04-19 14:12:47 -07:00

2.5 KiB
Raw Blame History

title, description, ms.assetid, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, author
title description ms.assetid ms.prod ms.mktglfcycl ms.sitesec ms.pagetype author
Basic security audit policy settings (Windows 10) Basic security audit policy settings are found under Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy. 31C2C453-2CFC-4D9E-BC88-8CE1C1A8F900 w10 deploy library security brianlic-msft

Basic security audit policy settings

Applies to

  • Windows 10

Basic security audit policy settings are found under Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy.

In this section

Topic Description
Audit account logon events Determines whether to audit each instance of a user logging on to or logging off from another device in which this device is used to validate the account.
Audit account management Determines whether to audit each event of account management on a device.
Audit directory service access Determines whether to audit the event of a user accessing an Active Directory object that has its own system access control list (SACL) specified.
Audit logon events Determines whether to audit each instance of a user logging on to or logging off from a device.
Audit object access Determines whether to audit the event of a user accessing an object--for example, a file, folder, registry key, printer, and so forth--that has its own system access control list (SACL) specified.
Audit policy change Determines whether to audit every incident of a change to user rights assignment policies, audit policies, or trust policies.
Audit privilege use Determines whether to audit each instance of a user exercising a user right.
Audit process tracking Determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access.
Audit system events Determines whether to audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log.
 

Related topics