AccountManagement_AuditSecurityGroupManagement

This policy setting allows you to audit events generated by changes to security groups such as the following: Security group is created, changed, or deleted. Member is added or removed from a security group. Group type is changed.

Audit Policy CSPMicrosoftLearn

./Device/Vendor/MSFT/Policy/Config/Audit/AccountManagement_AuditSecurityGroupManagement

Format: int Value: 1

Audit event on success.

YES

Audit Security Group Management