Hi Moss, Thanks for posting in Microsoft TechNet forums. Here is an article which might be useful to you: Advanced Security Audit Policy Step-by-Step Guide http://technet.microsoft.com/en-us/library/dd408940(v=ws.10).aspx Regards Kevin

I need to minimize what is being audited for my Security Logs. I am required to keep the Audit Logs for a very long time, and they are just too big. I have 4 servers running Server 2008R2 and I am getting about 4GB of Audit Logs PER SERVER every two weeks. I know I can change a few things via the GPMC Computer Config -> Windows Settings -> Security Settings -> Local Policies -> Audit Policy I was hoping there was a more specific means of picking what I want to audit as 4GB every two weeks is unacceptable. Thanks, -Moss