Before you start creating a monitoring plan to audit your Windows servers (including DNS and DHCP servers), plan for the account that will be used for data collection – it should meet the requirements listed below. Then you will provide this account in the monitoring plan wizard.
On the target servers:
- The Manage auditing and security log policy must be defined for this account. See Configuring 'Manage Auditing and Security Log' Policy
This account must be a member of the local Administrators group.