file audit question

My goal is to have a failed security log to post in the event viewer when someone tries to access a folder or file they do not have access to.  I enabled 'failed' file audits for the 'everyone' group.  I set the option 'List/Folder Read Data'.  Shouldn't this simply place an entry in my security log when someone is denied access to a folder or file?  I'm getting all kind of failed security logs when people are successfully accessing files.  Why is it logging successful attempts to files and folders?

thanks
gopher_49Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Jay_Jay70Connect With a Mentor Commented:
you need to enable auditing in GPO as well as on individual folders that you want to audit...
0
 
gopher_49Author Commented:
When you say 'enable auditing in GPO', do you mean 'policy auditing'???
0
 
Jay_Jay70Commented:
i mean enable auditing (object access, account access etc) in group policy
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.