i have recently enable the AD Auditing at Domain level in my org to monitor the activity. i have enabled the following options under computer configuriton--->windows Setting> security Settings----> advance audit policy---- Audit Polices.
1- DS-- Audit Directory Service changes.
2- audit computer account management
3-audit dist Group Management
4- Audit Security Group Management.
and couple of other options, I have created the costume view and to record the security event for this. But unfortunately I can see from last few days nothing is record for event IR 4728 4729 on so on, which worried me if I am missing any key Steps to enable this.
Please can any one help and guide me best practice to enable AD aduite and record in event view for Auditing, and how I can set up to recoved Security, appliaciotn event on different drive or locaiton.