Audit Policy Change: New Policy: Success Failure %3 %4 Logon/Logoff %5 %6 Object Access %7 %8 Privilege Use %13 %14 Account ...

Windows Server 2008

Audit Policy Change:
 New Policy:
 	Success	Failure
 	    %3	    %4	Logon/Logoff
 	    %5	    %6	Object Access
 	    %7	    %8	Privilege Use
 	    %13	    %14	Account Management
 	    %11	    %12	Policy Change
 	    %1	    %2	System
 	    %9	    %10	Detailed Tracking
 	    %15	    %16	Directory Service Access
 	    %17	    %18	Account Logon

 Changed By:
 	  User Name:	%19
 	  Domain Name:	%20
 	  Logon ID:	%21

Audit directory service access This security setting determines whether to audit the event of a user accessing an Active ... Audit logon events This security setting determines whether to audit each instance of a user logging on to or logging off ... Audit object access This security setting determines whether to audit the event of a user accessing an object for example, ... Audit policy change This security setting determines whether to audit every incident of a change to user rights assignment ... Audit Policy Change: New Policy: Success Failure %3 %4 Logon/Logoff %5 %6 Object Access %7 %8 Privilege Use %13 %14 Account ... Audit privilege use This security setting determines whether to audit each instance of a user exercising a user right. If ... Audit process tracking This security setting determines whether to audit detailed tracking information for events such as ... Audit Security Object changed: Primary User Name: %1 Primary Domain: %2 Primary Logon ID: %3 Client User Name: %4 Client ... Audit system events This security setting determines whether to audit when a user restarts or shuts down the computer or ...