Logon
|
Audit events generated by user account logon attempts on a computer.
|
Logoff
|
Audit events generated by closing a logon session. These events occur on the computer that was accessed. For an interactive logon, the security audit event is generated on the computer that the user account logged on to.
|
Account Lockout
|
Audit events generated by a failed attempt to log on to an account that is locked out.
|
IPsec Main Mode
|
Audit events generated by Internet Key Exchange protocol (IKE) and Authenticated Internet Protocol (AuthIP) during Main Mode negotiations.
|
IPsec Quick Mode
|
Audit events generated by Internet Key Exchange protocol (IKE) and Authenticated Internet Protocol (AuthIP) during Quick Mode negotiations.
|
IPsec Extended Mode
|
Audit events generated by Internet Key Exchange protocol (IKE) and Authenticated Internet Protocol (AuthIP) during Extended Mode negotiations.
|
Special Logon
|
Audit events generated by special logons.
|
Other Logon/Logoff Events
|
Audit other events related to logon and logoff that are not included in the Logon/Logoff category.
|
Network Policy Server
|
Audit events generated by RADIUS (IAS) and Network Access Protection (NAP) user access requests. These requests can be Grant, Deny, Discard, Quarantine, Lock, and Unlock.
|
