Audit Policies

Audit policies are the basis for auditing events on a Windows Server 2012 system. Depending on the policies set, auditing might require a substantial amount of server resources in addition to those resources supporting the server’s functionality. Otherwise, it could potentially slow server performance. Also, collecting lots of information is only as good as the evaluation of the audit logs. In other words, if a lot of information is captured and a significant amount of effort is required to evaluate those audit logs, the whole purpose of auditing is not as effective. As a result, it is important to take the time to properly plan how the system will be audited. This allows the administrator to determine what needs to be audited, ...

Get Windows Server® 2012 Unleashed now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.