amanzoor
asked on
audit logs server 2008
Hi, I have made a GPO to fetch logs (audit account logon event, audit logon events success, failure) under computer config, policies, windows settings, security settings, local policies, and connected this GPO to the default domain controllers OU on the AD, all DC are running server 2008 ent edition. After this I have enforced the policy to download, checked via gpresult /r, and can see the policy name. Now when I want to check these logs from computer, manage, diagnonstics, windows logs, security the logs are not there, even though many people have logged on and off. What am I missing?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks, still need help.
Basically I would like to start seeing (who is logged on and off, Account logons) from any client computer on the domain, considering the above audits have already been applied to my DCs, where I would go to check on who is actually logged on and off (account logons), which category under the DC I would check it, is there any other thing I need to enable? security events are not showing me any domain logons? with users credentials (domain\username)?