Open the Run window by pressing the key combination Win+R.
In the opened window, type secpol.msc and click OK.
The Local security policy window opens.
Select Security Settings → Local policies → Audit policy.
In the pane on the right, double-click to open the properties of the policy for which you want to enable an audit of successful and unsuccessful attempts.
In the <Policy name> properties window, on the Local security setting tab, select the Success and Failure check boxes to track successful and interrupted attempts.
It is recommended to enable an audit of successful and unsuccessful attempts for the following policies:
Audit Logon
Audit Policy Change
Audit System Events
Audit Logon Events
Audit Account Management
Configuration of an audit policy on the device is complete.