<div>
<div class="content wysiwyg-content">
I need to setup auditing on a specific folder hosted on a Windows Server 2012.<br />
<br />
I first setup auditing policy using GPO (within security policy), then I configured the audit settings on the required folder.<br />
<br />
What I don't understand, is once I configure the policy, the server security log rapidly fills in with many events recording access to objects such as C:\Windows\System32\UIAuto<wbr />mationCore<wbr />Res.dll, and so on. Shouldn't that happen only after I configure audit setting on the required folder ?<br />
<br />
Thanks!
</div>
</div>


I need to setup auditing on a specific folder hosted on a Windows Server 2012.

I first setup auditing policy using GPO (within security policy), then I configured the audit settings on the required folder.

What I don't understand, is once I configure the policy, the server security log rapidly fills in with many events recording access to objects such as C:\Windows\System32\UIAutomationCoreRes.dll, and so on. Shouldn't that happen only after I configure audit setting on the required folder ?

Thanks!

Question about setting up audit for specific folder

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Windows OS

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.