Windows logon auditing: Everything you need to know in only 10 minutes [Free e-book]
User logon activity needs to be audited to meet various security, operational, and compliance requirements of an IT environment, such as:
Detecting suspicious activities like a high volume of logon failures.
Tracking the active and idle time spent by users at their workstations.
Maintaining a comprehensive audit trail of logons occurring across the domain and more.
So, it is imperative for administrators to audit logons. However, the process of auditing logons has a steep learning curve. We've put together an e-book to make it easier for you to get on top of the process.
In this free e-book, you'll learn about:
The difference between authentication and logons.
The auditing settings you need to configure to enable logging.
The 12 critical event IDs to keep track of.
Logon types, failure codes, and other event fields to keep an eye on.
How to overcome the limitations of native auditing.
Comments