I have been asked to create an audit trial for an active directory user account.
I used a specific OU and created granular GPO for full auditing applying it to that account.
I would like to report activity with that account keeping the following in mind:
1. The name of that account is a subset of many others so it is hard to search for with the large quantity of events that exists in out enviorment.
2. Is there a audit reporting tool that will simplify this proccess
3. If other accounts are in need of monitoring is it a difficult proccess to maintain?