Configure Auditing

Step #1 Define Auditing Settings
You can accomplish this in two ways: the first is on the server itself, and the second is on a group of servers. In this blog I will describe both scenarios:

Scenario No.1: Configure Auditing on the server itself:

  • Open Run and type gpedit.msc to open the Local Group Policy Editor console.


  • Go to Computer Configuration –> Windows Settings –> Security Settings –> Local Policies –> Audit Policy, and define what you want to audit, either the Success or the Failure action, then close this window.

Scenario No.2: Configure Auditing on a Group Of Servers via GPO:

  • Add all target servers to a specific Organizational Unit (OU).
  • Open Group Policy Management Console.
  • Go to target OU, right click and select Create GPO in this Domain, and link it here…
  • Open Computer Configuration –> Policies –> Windows Settings –> Local Policies –> Audit Policy, and define what you want to audit, either the Success or the Failure action, then close this window, and close the GPMC window as well.

Step #2 Apply Auditing Settings for a Folder/File

  • Right-click on the needed object and click Properties, open the Security tab, then click Advanced.
  • Open the Auditing tab, add an entry, and set the following fields with the needed values:
    • Principal: select the needed user.
    • Type: select the needed action you want to log.
    • Applies To: select auditing level (folder, files… etc.)
    • Permissions: choose the needed permissions for auditing.


  • Close Auditing Entry
  • Close Auditing Security Settings
  • Close Properties
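
The same Step #2 auditing entry can be applied from an elevated PowerShell session, which helps when many folders need identical settings. This is an added example, not part of the original walkthrough; the folder path, the principal, and the chosen rights are constructed sample values. The auditing entry only produces events if object access auditing from Step #1 is enabled.

```powershell
# Added example: scripted equivalent of the Auditing tab settings in Step #2.
# Run elevated: reading and writing the SACL needs the "Manage auditing and
# security log" right.
$Path      = 'D:\Shares\Finance'   # constructed sample folder
$Principal = 'Everyone'            # "Principal" field (constructed sample value)

# Confirm Step #1 took effect; a SACL is silent if object access auditing is off.
auditpol /get /category:"Object Access"

# -Audit loads the audit entries (SACL); a plain Get-Acl returns only the DACL.
$acl = Get-Acl -Path $Path -Audit

# One auditing entry, mirroring the dialog fields:
#   Permissions -> FileSystemRights
#   Applies To  -> Inheritance/Propagation flags (this folder, subfolders, files)
#   Type        -> AuditFlags (Success, Failure, or both)
$rule = New-Object System.Security.AccessControl.FileSystemAuditRule(
    $Principal,
    [System.Security.AccessControl.FileSystemRights]'Modify, ChangePermissions, TakeOwnership',
    [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit',
    [System.Security.AccessControl.PropagationFlags]::None,
    [System.Security.AccessControl.AuditFlags]'Success, Failure'
)

# AddAuditRule keeps existing entries; SetAuditRule would replace entries
# for the same principal.
$acl.AddAuditRule($rule)
Set-Acl -Path $Path -AclObject $acl

# Read the entries back to verify what is now configured on the folder.
(Get-Acl -Path $Path -Audit).Audit |
    Format-Table IdentityReference, FileSystemRights, AuditFlags, InheritanceFlags, IsInherited -AutoSize

# After touching a file in the folder, access attempts appear in the Security
# log as event ID 4663.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4663 } -MaxEvents 5 -ErrorAction SilentlyContinue |
    Format-List TimeCreated, Message
```

Auditing read access for a broad principal on a busy share generates a large volume of events, so limit the audited rights to what you need to investigate and size the Security log accordingly.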