Event ID: 4719System audit policy was changed
System audit policy was changed. Subject: Security ID: %1 Account Name: %2 Account Domain: %3 Logon ID: %4 Audit Policy Change: Category: %5 Subcategory: %6 Subcategory GUID: %7 Changes: %8
This event generates when the computer's audit policy changes.
This event is always logged regardless of the "Audit Policy Change" sub-category setting.
Lookup Audit Policy Configuration Settings
C:\> AuditPol.exe /get /subcategory:"Audit Policy Change"
LEFT/RIGHT arrow keys for navigationBack to List