Displays information about and performs functions to manipulate audit policies.
For examples of how this command can be used, see the Examples section in each topic.
Auditpol command [<sub-command><options>]
|/get||Displays the current audit policy.
See Auditpol get for syntax and options.
|/set||Sets the audit policy.
See Auditpol set for syntax and options.
|/list||Displays selectable policy elements.
See Auditpol list for syntax and options.
|/backup||Saves the audit policy to a file.
See Auditpol backup for syntax and options.
|/restore||Restores the audit policy from a file that was previously created by using auditpol /backup.
See Auditpol restore for syntax and options.
|/clear||Clears the audit policy.
See Auditpol clear for syntax and options.
|/remove||Removes all per-user audit policy settings and disables all system audit policy settings.
See Auditpol remove for syntax and options.
|/resourceSACL||Configures global resource system access control lists (SACLs).
Note: Applies only to Windows 7 and Windows Server 2008 R2.See Auditpol resourceSACL.
|/?||Displays help at the command prompt.|
The audit policy command-line tool can be used to:
- Set and query a system audit policy.
- Set and query a per-user audit policy.
- Set and query auditing options.
- Set and query the security descriptor used to delegate access to an audit policy.
- Report or back up an audit policy to a comma-separated value (CSV) text file.
- Load an audit policy from a CSV text file.
- Configure global resource SACLs.
We'd love to hear your thoughts. Choose the type you'd like to provide:
Our feedback system is built on GitHub Issues. Read more on our blog.