Audit system events This security setting determines whether to audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log. If you define this policy setting, you can specify whether to audit successes, audit failures, or not audit the event type at all. Success audits generate an audit entry when a system event is executed successfully. Failure audits generate an audit entry when a system event is attempted unsuccessfully. To set this value to No auditing, in the Properties dialog box for this policy setting, select the Define these policy settings check box and clear the Success and Failure check boxes. Default: Success on domain controllers. No auditing on member servers.
Audit Policy Change: New Policy: Success Failure %3 %4 Logon/Logoff %5 %6 Object Access %7 %8 Privilege Use %13 %14 Account ...
Audit privilege use This security setting determines whether to audit each instance of a user exercising a user right. If ...
Audit process tracking This security setting determines whether to audit detailed tracking information for events such as ...
Audit Security Object changed: Primary User Name: %1 Primary Domain: %2 Primary Logon ID: %3 Client User Name: %4 Client ...
Audit system events This security setting determines whether to audit when a user restarts or shuts down the computer or ...
Audit: Audit the access of global system objects This security setting determines whether to audit the access of global system ...
Audit: Audit the use of Backup and Restore privilege This security setting determines whether to audit the use of all user ...
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings. Windows ...
Audit: Shut down system immediately if unable to log security audits This security setting determines whether the system ...