Audit Users

 

IT Asset Tool can monitor access to the Users Event. It is important to maintain the security of the server and the client. The audit must be done after setting the login / logout event log by means of a GPO. (See F.A.Q.

IT Asset Tool can monitor and log user access. The audit must be done after setting up the log of login/logout events by means of a GPO. (see F.A.Q.)

IT Asset Tool detects the following events in each monitored system.

IdDescription
528Successful Logon
529Logon Failure - Unknown user name or bad password
538User Logoff
551User initiated logoff
644User Account Locked Out
4624An account was successfully logged on
4625An account failed to log on
4634An account was logged off
4647User initiated logoff
4720A user account was created
4722A user account was enabled
4723An attempt was made to change an account's password
4724An attempt was made to reset an account's password
4725A user account was disabled
4726A user account was deleted
4727A security-enabled global group was created
4728A member was added to a security-enabled global group
4729A member was removed from a security-enabled global group
4730A security-enabled global group was deleted
4740An account was successfully logged on
4767A user account was unlocked

 

  When filtering reports, it is possible to insert such administrator users from the "Config" menu:

Monitor accessi utenti admin

 

The audit Users can be done by inserting the new optional parameter "admin" follow the client guide  or in the case of an agent less installation the configuration is done in fully automatic mode thanks to the initial Wizard.

 

 

Windows Security Audit and Log of Admin Users Access.