Logon-Logoff: Audit LogoffID: oval:gov.nist.usgcb.windowsseven:def:174 | Date: (C)2012-04-13 (M)2022-10-10 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to audit events generated by the closing of a logon session. These events occur on the computer that was accessed. For an interactive logoff the security audit event is generated on the computer that the user account logged on to.
If you configure this policy setting, an audit event is generated when a logon session is closed. Success audits record successful attempts to close sessions and Failure audits record unsuccessful attempts to close sessions.
If you do not configure this policy setting, no audit event is generated when a logon session is closed.
Volume: Low.
Default: Success.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Logon-Logoff\Audit Logoff
(2) REG: INFO NOT AVAILABLE
Platform: |
Microsoft Windows 7 |