Sharepoint 2010 Auditing - Tracking Changes to Permissions in Subsites using Sharepoint Groups

My goal is to track what users have been added to Sharepoint groups on subsites.

ex.

TopLevelSite/SubsiteA

TopLevelSite/SubsiteB

Each subsite has unique permissions on it (broken inheritance) and I have setup new Sharepoint Groups to manage permissions for each subsite.

ex.

SubsiteA Groups

SubsiteA Owners, SubsiteA Members

SubsiteB Groups

SubsiteB Owners, SubsiteB Members

I added some users to "SubsiteA Members" which is a Sharepoint group that exists only in the "TopLevelSite/SubsiteA" site. Then I generated an Audit report to see what data it logged for the event. But when I am viewing the reports it shows that user was added under the Root site (Site Collection). Even though that Sharepoint group doesnt exist on the SC root and I chose to break inheritance on the subsite.

So when filtering events that happened in "TopLevelSite/SubsiteA" the event doesn't show up.

So this makes it extremely difficult to find out what users were added to what site. all I have to work with is this. (which isnt very helpful)

Security Group Member Add <groupid>158</groupid><userid>18</userid><username>SomeUser</username>

So my question is this. What are others using to Audit permission changes in Sharepoint 2010? Is there a third party solution? Is this a bug?

Thanks for the help.

Graham

<label for="CheckBoxAuditPerms">
</label>

Cheers, TMG