Home Library Learn Samples Downloads Support Community Forums
MSDN Library
Windows Desktop App Development
Develop
Desktop App Technologies
Security and Identity
Authorization
Authorization Reference
Authorization Structures
ACCESS_ALLOWED_ACE
ACCESS_ALLOWED_CALLBACK_ACE
ACCESS_ALLOWED_CALLBACK_OBJECT_ACE
ACCESS_ALLOWED_OBJECT_ACE
ACCESS_DENIED_ACE
ACCESS_DENIED_CALLBACK_ACE
ACCESS_DENIED_CALLBACK_OBJECT_ACE
ACCESS_DENIED_OBJECT_ACE
ACE
ACE_HEADER
ACL
ACL_REVISION_INFORMATION
ACL_SIZE_INFORMATION
AUDIT_POLICY_INFORMATION
AUTHZ_ACCESS_REPLY
AUTHZ_ACCESS_REQUEST
AUTHZ_INIT_INFO
AUTHZ_REGISTRATION_OBJECT_TYPE_NAME_OFFSET
AUTHZ_RPC_INIT_INFO_CLIENT
AUTHZ_SECURITY_ATTRIBUTE_FQBN_VALUE
AUTHZ_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE
AUTHZ_SECURITY_ATTRIBUTE_V1
AUTHZ_SECURITY_ATTRIBUTES_INFORMATION
AUTHZ_SOURCE_SCHEMA_REGISTRATION
CLAIM_SECURITY_ATTRIBUTE_FQBN_VALUE
CLAIM_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE
CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1
CLAIM_SECURITY_ATTRIBUTE_V1
CLAIM_SECURITY_ATTRIBUTES_INFORMATION
EFFPERM_RESULT_LIST
EXPLICIT_ACCESS
GENERIC_MAPPING
INHERITED_FROM
LUID
LUID_AND_ATTRIBUTES
OBJECT_TYPE_LIST
OBJECTS_AND_NAME
OBJECTS_AND_SID
POLICY_AUDIT_SID_ARRAY
PRIVILEGE_SET
SECURITY_ATTRIBUTES
SECURITY_CAPABILITIES
SECURITY_DESCRIPTOR
SECURITY_OBJECT
SECURITY_QUALITY_OF_SERVICE
SI_ACCESS
SI_INHERIT_TYPE
SI_OBJECT_INFO
SID
SID_AND_ATTRIBUTES
SID_AND_ATTRIBUTES_HASH
SID_IDENTIFIER_AUTHORITY
SID_INFO
SID_INFO_LIST
SYSTEM_ALARM_ACE
SYSTEM_ALARM_CALLBACK_ACE
SYSTEM_ALARM_CALLBACK_OBJECT_ACE
SYSTEM_ALARM_OBJECT_ACE
SYSTEM_AUDIT_ACE
SYSTEM_AUDIT_CALLBACK_ACE
SYSTEM_AUDIT_CALLBACK_OBJECT_ACE
SYSTEM_AUDIT_OBJECT_ACE
SYSTEM_MANDATORY_LABEL_ACE
SYSTEM_RESOURCE_ATTRIBUTE_ACE
SYSTEM_SCOPED_POLICY_ID_ACE
TOKEN_ACCESS_INFORMATION
TOKEN_APPCONTAINER_INFORMATION
TOKEN_AUDIT_POLICY
TOKEN_CONTROL
TOKEN_DEFAULT_DACL
TOKEN_DEVICE_CLAIMS
TOKEN_ELEVATION
TOKEN_GROUPS
TOKEN_GROUPS_AND_PRIVILEGES
TOKEN_LINKED_TOKEN
TOKEN_MANDATORY_LABEL
TOKEN_MANDATORY_POLICY
TOKEN_ORIGIN
TOKEN_OWNER
TOKEN_PRIMARY_GROUP
TOKEN_PRIVILEGES
TOKEN_SOURCE
TOKEN_STATISTICS
TOKEN_USER
TOKEN_USER_CLAIMS
TRUSTEE
Expand Minimize
This topic has not yet been rated - Rate this topic

AUDIT_POLICY_INFORMATION structure

The AUDIT_POLICY_INFORMATION structure specifies a security event type and when to audit that type.

Syntax

C++
Copy 

typedef struct _AUDIT_POLICY_INFORMATION {
  GUID  AuditSubCategoryGuid;
  ULONG AuditingInformation;
  GUID  AuditCategoryGuid;
} AUDIT_POLICY_INFORMATION, *PAUDIT_POLICY_INFORMATION;

Members

AuditSubCategoryGuid

A GUID structure that specifies an audit subcategory.

AuditingInformation

A set of bit flags that specify the conditions under which the security event type specified by the AuditSubCategoryGuid and AuditCategoryGuid members are audited. The following values are defined.

Important  Note that the meaning of these values differs depending on which function is using this structure.

ValueMeaning
POLICY_AUDIT_EVENT_UNCHANGED
0x00000000

Do not change auditing options for the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

POLICY_AUDIT_EVENT_SUCCESS
0x00000001

Audit successful occurrences of the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

POLICY_AUDIT_EVENT_FAILURE
0x00000002

Audit failed attempts to cause the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

POLICY_AUDIT_EVENT_NONE
0x00000004

Do not audit the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

PER_USER_POLICY_UNCHANGED
0x00

Do not change auditing options for the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_SUCCESS_INCLUDE
0x01

Audit successful occurrences of the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_SUCCESS_EXCLUDE
0x02

Do not audit successful occurrences of the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_FAILURE_INCLUDE
0x04

Audit failed attempts to cause the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_FAILURE_EXCLUDE
0x08

Do not audit failed attempts to cause the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_NONE
0x10

Do not audit the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

 

AuditCategoryGuid

A GUID structure that specifies an audit-policy category.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header
Ntsecapi.h

See also

AuditComputeEffectivePolicyBySid
AuditComputeEffectivePolicyByToken
AuditQueryPerUserPolicy
AuditQuerySystemPolicy
AuditSetPerUserPolicy
AuditSetSystemPolicy

 

 

Send comments about this topic to Microsoft

Build date: 10/26/2012

Did you find this helpful?
(1500 characters remaining)

Community Additions

ADD
© 2013 Microsoft. All rights reserved.