17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure' (Automated)
ObjectAccess_AuditDetailedFileShare
This policy setting allows you to audit attempts to access files and folders on a shared folder. The Detailed File Share setting logs an event every time a file or folder is accessed, whereas the File Share setting only records one event for any connection established between a client and file share. Detailed File Share audit events include detailed information about the permissions or other criteria used to grant or deny access.
./Device/Vendor/MSFT/Policy/Config/Audit/AccountLogon_AuditCredentialValidation
Format: int Value: 2
Audit event on failure.
YES
Auditing
Audit Detailed File Share
Previous17.6 Object AccessNext17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure' (Automated)
Last updated