Detailed Tracking

Applies To: Windows 7, Windows Server 2008 R2

Detailed Tracking security policy settings and audit events can be used to monitor the activities of individual applications, to understand how a computer is being used, and the activities of users on that computer. This category includes the following subcategories:

• Audit DPAPI Activity

• Audit Process Creation

• Audit Process Termination

• Audit RPC Events

For more information about audit events that are generated by Detailed Tracking audit settings in Windows Server 2008 R2 and Windows 7, see Security Audit Events for Windows 7 and Windows Server 2008 R2 (https://go.microsoft.com/fwlink/?LinkId=157780).