<P> The Security Log, in Microsoft Windows, is a log that contains records of login / logout activity or other security - related events specified by the system's audit policy . Auditing allows administrators to configure Windows to record operating system activity in the Security Log . The Security Log is one of three logs viewable under Event Viewer . Local Security Authority Subsystem Service writes events to the log . The Security Log is one of the primary tools used by Administrators to detect and investigate attempted and successful unauthorized activity and to troubleshoot problems; Microsoft describes it as "Your Best and Last Defense". The log and the audit policies that govern it are also favorite targets of hackers and rogue system administrators seeking to cover their tracks before and after committing unauthorized activity . </P> <P> If the audit policy is set to record logins, a successful login results in the user's user name and computer name being logged as well as the user name they are logging into . Depending on the version of Windows and the method of login, the IP address may or may not be recorded . Windows 2000 Web Server, for instance, does not log IP addresses for successful logins, but Windows Server 2003 includes this capability . The categories of events that can be logged are: </P> <Ul> <Li> Account logon events </Li> <Li> Account management </Li> <Li> Directory service access </Li> <Li> Logon events </Li> <Li> Object access </Li> <Li> Policy change </Li> <Li> Privilege use </Li> <Li> Process tracking </Li> <Li> System events </Li> </Ul> <Li> Account logon events </Li>

What can be audited using the windows security auditing feature
find me the text answering this question