By default, AD FS in Windows Server 2016 has a basic level of auditing enabled. With basic auditing, administrators will only be able to see up to five events for a single request. But we can raise the auditing level using the PowerShell cmdlet Set-AdfsProperties -AuditLevel.
The following table identifies the available auditing levels.
|Audit Level||PowerShell syntax||Description|
|None||Set-AdfsProperties – AuditLevel None||Auditing is disabled and no events will be logged.|
|Basic (Default)||Set-AdfsProperties – AuditLevel Basic||No more than 5 events will be logged for a single request|
|Verbose||Set-AdfsProperties – AuditLevel Verbose||All events will be logged. This will log a significant amount of information per request.|
If you need to check the current auditing level, you can use the PowerShell cmdlet Get-dfsProperties.