Verifying Microsoft Advanced Audit Policy Configurations

Starting in Windows 7 and Windows Server 2008 R2, Microsoft introduced sub-category configuration audit policies.  This provides administrators with added granularity when deciding which event logs are necessary to be logged.  More on  Advanced Audit Policies can be found here: [more]

The following command will pull the configuration for all of the new advanced security audit policies:

audipol /get /category:*