Manage auditing and security log

Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment


Determines which users can specify object access auditing options for individual resources such as files, Active Directory objects, and registry keys.

A user with this right can use the security tab in the security permission set editor's Properties dialog box to specify auditing options for the selected object.

This user right is defined in the Default Domain Controller Group Policy object (GPO) and in the local security policy of workstations and servers.

By default, only administrators have the privilege to manage auditing and the security log.

Note Image Note

This policy does not allow a user to specify that file and object access auditing be enabled in general. In order for such auditing to take place, the Audit object access setting under Audit Policies must be configured.

Audited events are viewed in the security log of the Event Viewer . A user with this policy can also view and clear the security log.