I’ve found several sites that show how to set the file audit settings…but I haven’t had much luck finding any information about retrieving audit settings on a particular folder…
I’m trying to write a health check script that will verify certain file auditing is in place such as…
%systemroot% has audits set up for ‘failures’ on 'CreateFiles" for the ‘everyone’ user. I know how to set this up using:
But I’m unsure how to query a folder and get it’s audit settings for a particular user (almost ‘everyone’ user in my case).
Any help or tips would be greatly appreciated.