Since you're using ADU&C you could change the auditing configuration in a GPO and find a tool to consolidate the security logs from each machine. Admittedly I have little to no experience in log ...