- Go to Local Security Policy/Group management policy.
- For Local Security Policy:
3. Go to "Local Policies" under "Security Settings" , select "Audit Policy":
4.Click on any of the events, say "Account Audit Logon":
5.Check "Success" and "Failures", then click "Apply"
6.Repeat the same for all the events.
For Group Policy Management, please refer to the link below:
https://www.lepide.com/blog/audit-successful-logon-logoff-and-failed-logons-in-activedirectory/