Audit Policies
Audit policies are the basis for auditing events on a Windows Server 2012 system. Depending on the policies set, auditing might require a substantial amount of server resources in addition to those resources supporting the server’s functionality. Otherwise, it could potentially slow server performance. Also, collecting lots of information is only as good as the evaluation of the audit logs. In other words, if a lot of information is captured and a significant amount of effort is required to evaluate those audit logs, the whole purpose of auditing is not as effective. As a result, it is important to take the time to properly plan how the system will be audited. This allows the administrator to determine what needs to be audited, ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.