We just setup a new GPO and enabled auditing on a couple of our servers. My question really is how do I verify/test this is working properly. We wanted to document/audit when certain changes occur on the network such as; modification of folders, who logs onto one of these servers and the normal auditing in general. As a test, I wanted to login to each server, but don't know where I would view/verify each server log in order to make sure this auting is correct.
Lastly, even if auditing is correct, is there a way to get even more granular? There is one 2003 server and one 2008 R2 server.