Windows 10 Security baseline - Audit settings on local machine

Question

I have applied in the Windows 10 Baseline security policy via Endpoint Manager in the cloud.
&nbsp;
The policy has successfully applied to the local Windows 10 Pro machine.
&nbsp;
It is my understanding that the setting under the baseline Audit section i.e. "Account Logon Audit Credential Validation (Device)&nbsp;" for example map to the following registry key:
&nbsp;

HKLM:\SOFTWARE\Microsoft\PolicyManager\current\device\Audit
&nbsp;
for example, key =&nbsp;AccountLogon_AuditCredentialValidation
&nbsp;
per -&nbsp;https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-audit#audit-accountlogon-auditcredentialvalidation
&nbsp;
However, I can't find these settings in the registry at all. What am I missing?
&nbsp;
Basically, what I'm trying to achieve is to verify on the local Win 10 Pro machine that the Windows 10 Baseline policy has indeed set all the values from the policy in the local machine. I'm current stuck on verifying that the baseline policies in the Audit sections are being applied successfully to the local workstation.
&nbsp;
Any assistance appreciated.
&nbsp;
Thanks

criss_t_w · Accepted Answer

run this from an elevated command prompt&nbsp;auditpol /get /category:*

Forum Discussion

Windows 10 Security baseline - Audit settings on local machine

1 Reply

Resources