Not seeing access denied audit messages in restricted subdirectories