The Windows operating system allows you to monitor all the activities that take place on a PC. It is even possible log logins successful and/or unsuccessful and delete a user account if necessary. Therefore, you must know how to enable event auditing at logon with Windows 10. This tutorial shows you all the steps to achieve it.
What are the benefits of configuring event auditing?
There are many benefits that you can obtain by configure event auditing. In this regard, it is possible to add a higher level of account security or receive a notice of failed entries to your account. In this sense, a user can know if someone has accessed and used his PC.
The event authoring configuration allows you to have a account security record. In this regard, logon events are generated when a user attempts to authenticate on a local computer. Therefore, the event is saved in the local security log. It is important to mention that no events are created when a user logs out.
The activation of event auditing allows you to have a login control. In this way, the operating system will record all entries made on a computer. These types of logs are stored on the device for viewing in an action viewer that only works on the professional version of Windows.
Notice of failed entries to your account
It is possible to specify if you wish to obtain a notice of failed entries to your account. To do this, you’ll need to define policy settings. Therefore, an audit entry is produced every time an error occurs when logging on to a Windows computer.
How to configure login event auditing?
it’s possible configure event auditings login. To achieve this, you will need to open the Windows Control Panel and select the ‘System and Security’ section. Click on ‘Administrative Tools’ and select the ‘Local Policies’ folder. Next, tap the ‘Audit Policy’ folder.
Following this order of ideas, you will see a series of directives in the right area of the window. Locate the ‘Audit logon events’ option and right-click on it. Then, click on ‘Properties’ and check the ‘Error’ box so that all the errors on every login attempt.
Also, you can check the ‘OK’ box if you want them to be stored. login logs successful. Once you complete this step, click ‘OK’ for the changes to take effect. The ‘Audited’ setting will now be displayed next to the ‘Audit logon events’ policy. This means that the attribute has been enabled.
Where to view my recent activity with Windows 10?
Recent activity with Windows 10 can be viewed from the event viewer. In case you don’t know, Event Viewer is a setting option or administrative tool. This allows access to all the records that include the use of applicationsinstallation, security and system.
How to use your event viewer in Windows?
Windows provides information about the date and time an event is registered, its origin, an id and the category to which it belongs. It is even possible to use the event viewer in Windows to carry out different actions. About, users can create custom viewsopen saved records and filter particular records.
Also, from the event viewer, we can display the properties of each event, search for specific records, and attach tasks. In fact, the system allows you to copy selected event files or empty logs. You just have to click on Windows Logs and select a category to see the details of the events.
The details of each event will give you more clarity about the activities that are running on your PC. Sometimes, you will find that the system is logging errors and warnings. In such cases, it is desirable that take the id or error code and specifications about the origin. In this way, you will be able to find a solution in this regard.