Audit process tracking This security setting determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. If you define this policy setting, you can specify whether to audit successes, audit failures, or not audit the event type at all. Success audits generate an audit entry when the process being tracked succeeds. Failure audits generate an audit entry when the process being tracked fails. To set this value to No auditing, in the Properties dialog box for this policy setting, select the Define these policy settings check box and clear the Success and Failure check boxes. Default: No auditing
Audit object access This security setting determines whether to audit the event of a user accessing an object for example, ...
Audit policy change This security setting determines whether to audit every incident of a change to user rights assignment ...
Audit Policy Change: New Policy: Success Failure %3 %4 Logon/Logoff %5 %6 Object Access %7 %8 Privilege Use %13 %14 Account ...
Audit privilege use This security setting determines whether to audit each instance of a user exercising a user right. If ...
Audit process tracking This security setting determines whether to audit detailed tracking information for events such as ...
Audit Security Object changed: Primary User Name: %1 Primary Domain: %2 Primary Logon ID: %3 Client User Name: %4 Client ...
Audit system events This security setting determines whether to audit when a user restarts or shuts down the computer or ...
Audit: Audit the access of global system objects This security setting determines whether to audit the access of global system ...
Audit: Audit the use of Backup and Restore privilege This security setting determines whether to audit the use of all user ...