Hi,
By using Audit Group Membership, you can audit group memberships when they're enumerated on the client computer.
Under the computer configuration,
https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/audit-group-membership