This policy setting determines what information is logged in security audit events when a new process has been created. This ...

Windows 10

This policy setting determines what information is logged in security audit events when a new process has been created.

This setting only applies when the Audit Process Creation policy is enabled. If you enable this policy setting the command line information for every process will be logged in plain text in the security event log as part of the Audit Process Creation event 4688, "a new process has been created," on the workstations and servers on which this policy setting is applied.

If you disable or do not configure this policy setting, the process's command line information will not be included in Audit Process Creation events.

Default: Not configured

Note: When this policy setting is enabled, any user with access to read the security events will be able to read the command line arguments for any successfully created process. Command line arguments can contain sensitive or private information such as passwords or user data.

This policy setting determines the level that Microsoft can experiment with the product to study user preferences or device ... This policy setting determines the maximum retry interval allowed when applications performing periodic searches for Domain ... This policy setting determines the permitted list of hosts that can submit a query to the Simple Network Management (SNMP) ... This policy setting determines the priority order of ECC curves used with ECDHE cipher suites. If you enable this policy ... This policy setting determines what information is logged in security audit events when a new process has been created. This ... This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs ... This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs ... This policy setting determines when disk quota policies are updated. This policy setting affects all policies that use the ... This policy setting determines when encryption policies are updated. This policy setting affects all policies that use the ...