Event ID: 5145A network share object was checked to see whether client can be granted desired access.
A network share object was checked to see whether client can be granted desired access. Subject: Security ID: %1 Account Name: %2 Account Domain: %3 Logon ID: %4 Network Information: Object Type: %5 Source Address: %6 Source Port: %7 Share Information: Share Name: %8 Share Path: %9 Relative Target Name: %10 Access Request Information: Access Mask: %11 Accesses: %12 Access Check Results: %13
Enabling auditing on this subcategory will apply to all files, on all network shares, on all hosts to which this setting gets applied.
Volume: Medium High Very High
Volume is potentially very high on busy servers and domain controllers.
Lookup Audit Policy Configuration Settings
C:\> AuditPol.exe /get /subcategory:"Detailed File Share"
LEFT/RIGHT arrow keys for navigationBack to List