Export (0) Print
Expand All
ACE
ACL
SID
Expand Minimize

AUDIT_POLICY_INFORMATION structure

The AUDIT_POLICY_INFORMATION structure specifies a security event type and when to audit that type.

Syntax


typedef struct _AUDIT_POLICY_INFORMATION {
  GUID  AuditSubCategoryGuid;
  ULONG AuditingInformation;
  GUID  AuditCategoryGuid;
} AUDIT_POLICY_INFORMATION, *PAUDIT_POLICY_INFORMATION;

Members

AuditSubCategoryGuid

A GUID structure that specifies an audit subcategory.

AuditingInformation

A set of bit flags that specify the conditions under which the security event type specified by the AuditSubCategoryGuid and AuditCategoryGuid members are audited. The following values are defined.

Important  Note that the meaning of these values differs depending on which function is using this structure.

ValueMeaning
POLICY_AUDIT_EVENT_UNCHANGED
0x00000000

Do not change auditing options for the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

POLICY_AUDIT_EVENT_SUCCESS
0x00000001

Audit successful occurrences of the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

POLICY_AUDIT_EVENT_FAILURE
0x00000002

Audit failed attempts to cause the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

POLICY_AUDIT_EVENT_NONE
0x00000004

Do not audit the specified event type.

This value is valid for the AuditSetSystemPolicy and AuditQuerySystemPolicy functions.

PER_USER_POLICY_UNCHANGED
0x00

Do not change auditing options for the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_SUCCESS_INCLUDE
0x01

Audit successful occurrences of the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_SUCCESS_EXCLUDE
0x02

Do not audit successful occurrences of the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_FAILURE_INCLUDE
0x04

Audit failed attempts to cause the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_FAILURE_EXCLUDE
0x08

Do not audit failed attempts to cause the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

PER_USER_AUDIT_NONE
0x10

Do not audit the specified event type.

This value is valid for the AuditSetPerUserPolicy and AuditQueryPerUserPolicy functions.

 

AuditCategoryGuid

A GUID structure that specifies an audit-policy category.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

Ntsecapi.h

See also

AuditComputeEffectivePolicyBySid
AuditComputeEffectivePolicyByToken
AuditQueryPerUserPolicy
AuditQuerySystemPolicy
AuditSetPerUserPolicy
AuditSetSystemPolicy

 

 

Community Additions

ADD
Show:
© 2014 Microsoft