AD FS can be configured to do service auditing of user logons in order to reveal a level of detail. In order for the Usage Analytics feature to gather and analyze data, the Azure AD Connect Health agent needs the information in the AD FS Audit Logs. These logs are not enabled by default. On your AD FS servers, use the following procedures to enable auditing and to locate the audit logs. To check the status of AD FS security audits:
- Click Start, point to Administrative Tools, and then click Local Security Policy.
- Double-click Local Policies, and then click Audit Policy.
- In the details pane, double-click Audit object access.
- Check the status of the audit object policy on the Audit object access Properties page.