Monitoring the creation or modification of objects gives you a way to track potential security problems, helps to ensure user accountability, and provides evidence in the event of a security breach.

The most common types of events to be audited are:

  • Access to objects, such as files and folders.

  • Management of user accounts and group accounts.

  • Users logging on to and logging off from the system.

This section contains: