Events
Apr 29, 2 PM - Apr 30, 7 PM
Join the ultimate Windows Server virtual event April 29-30 for deep-dive technical sessions and live Q&A with Microsoft engineers.
Sign up nowauditpol
Displays information about and performs functions to manipulate audit policies, including:
Setting and querying a system audit policy.
Setting and querying a per-user audit policy.
Setting and querying auditing options.
Setting and querying the security descriptor used to delegate access to an audit policy.
Reporting or backing up an audit policy to a comma-separated value (CSV) text file.
Loading an audit policy from a CSV text file.
Configuring global resource SACLs.
auditpol command [<sub-command><options>]
| Sub-command | Description |
|---|---|
| /get | Displays the current audit policy. For more information, see auditpol get for syntax and options. |
| /set | Sets the audit policy. For more information, see auditpol set for syntax and options. |
| /list | Displays selectable policy elements. For more information, see auditpol list for syntax and options. |
| /backup | Saves the audit policy to a file. For more information, see auditpol backup for syntax and options. |
| /restore | Restores the audit policy from a file that was previously created by using auditpol /backup. For more information, see auditpol restore for syntax and options. |
| /clear | Clears the audit policy. For more information, see auditpol clear for syntax and options. |
| /remove | Removes all per-user audit policy settings and disables all system audit policy settings. For more information, see auditpol remove for syntax and options. |
| /resourceSACL | Configures global resource system access control lists (SACLs). Note: Applies only to Windows 7 and Windows Server 2008 R2. For more information, see auditpol resourceSACL. |
| /? | Displays help at the command prompt. |