Monitoring the creation or modification of objects gives you a way to track potential security problems, helps to ensure user accountability, and provides evidence in the event of a security breach.
The most common types of events to be audited are:
-
Access to objects, such as files and folders.
-
Management of user accounts and group accounts.
-
Users logging on to and logging off from the system.
This section contains: