From the course: Windows Server 2016: Manage, Monitor, and Maintain Servers
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Managing security auditing - Windows Server Tutorial
From the course: Windows Server 2016: Manage, Monitor, and Maintain Servers
Managing security auditing
- [Instructor] So far this chapter has been about events that are collected and reported because Windows thought they were significant and we chose to use filters to decide which ones we wanted to see. The security log is a little different in that we get to decide what information is collected. It's also different in that it doesn't include information warnings and errors, it keeps a list of successful and/or failed attempts to access secure resources. There are some events that Windows is configured to audit by default, such as on this screen we can see logging on and logging off. There are other features that we can choose to add to this list. But we can take a quick scroll through here and we see all of these successful logins and log-offs and at one point as we go down the list, we'll see failed attempts to login to the server. These are events that you might want to take a closer look at. For example, we see that there was a failed attempt to log in. If we expand this area, we…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.