Configuring Audit Policy

  1. Audit Policies must be configured for respective computers that require audit.

  2. Specific audit entries (SACLs) must be enabled for audit objects.

Configuring Audit Policy:

  1. What is an audit policy?

  2. Where should it be applied?

  3. How to configure audit policy?

  4. How to configure advanced audit policy?

What is an audit policy?

Audit Policies must be configured in any Active Directory environment; this ensures that relevant audit data are logged into the security logs of desired computers / domain controllers.  ADAudit Plus will be able to collect and report audit data only for audit policy enabled computers.

 

Where should it be applied?

 

To audit Active Directory - The Default Domain Controller policy must be configured.

To audit File Servers - Audit Policy must be configured for the specific File Servers from where audit data is required.

To audit Member Servers - Audit Policy must be configured for the specific Member Servers from where audit data is required.

 

How to Configure Audit Policy?

  1. Audit Configuration for Domain Controllers

  2. Audit Configuration for File Servers

  3. Audit Configuration for Member Servers

  4. Audit Configuration for Workstations

Copyright © 2020, ZOHO Corp. All Rights Reserved.
ManageEngine
Get download link