Auditing System Resources

Auditing is the best way to track what’s happening on your Windows Server 2008 systems. You can use auditing to collect information related to resource usage, such as file access, system logon, and system configuration changes. Any time an action occurs that you’ve configured for auditing, the action is written to the system’s security log, where it’s stored for your review. The security log is accessible from Event Viewer.

Note

For most auditing changes, you’ll need to be logged on using an account that’s a member of the Administrators group or be granted the Manage Auditing And Security Log right in Group Policy.

Setting Auditing Policies

Auditing policies are essential to ensure the security and integrity of your systems. ...

Get Windows Server® 2008 Administrator's Pocket Consultant now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows Server® 2008 Administrator's Pocket Consultant by William Stanek

Auditing System Resources

Note

Setting Auditing Policies

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly