Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-27 07:00:39 +00:00
Code Issues Projects Releases Packages Wiki Activity

optimize comments for audit_policy resource

Browse source
This commit is contained in:
Christoph Hartmann 2015-09-05 22:45:43 +02:00 committed by Dominik Richter
parent 90935e75e1
commit 62d0b217f9
1 changed files with 17 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

98
lib/resources/audit_policy.rb
View file

@ -2,7 +2,7 @@
# copyright: 2015, Vulcano Security GmbH # copyright: 2015, Vulcano Security GmbH
# license: All rights reserved # license: All rights reserved
## Advanced Auditing # Advanced Auditing:
# As soon as you start applying Advanced Audit Configuration Policy, legacy policies will be completely ignored. # As soon as you start applying Advanced Audit Configuration Policy, legacy policies will be completely ignored.
# reference: https://technet.microsoft.com/en-us/library/cc753632.aspx # reference: https://technet.microsoft.com/en-us/library/cc753632.aspx
# use: # use:
@ -11,86 +11,22 @@
# - list specific parameter: Auditpol /get /subcategory:"IPsec Driver" # - list specific parameter: Auditpol /get /subcategory:"IPsec Driver"
# #
# @link: http://blogs.technet.com/b/askds/archive/2011/03/11/getting-the-effective-audit-policy-in-windows-7-and-2008-r2.aspx # @link: http://blogs.technet.com/b/askds/archive/2011/03/11/getting-the-effective-audit-policy-in-windows-7-and-2008-r2.aspx
#
=begin # Valid values are:
Category/Subcategory,GUID #
System,{69979848-797A-11D9-BED3-505054503030} # - "No Auditing"
Security State Change,{0CCE9210-69AE-11D9-BED3-505054503030} # - "Not Specified"
Security System Extension,{0CCE9211-69AE-11D9-BED3-505054503030} # - "Success"
System Integrity,{0CCE9212-69AE-11D9-BED3-505054503030} # - "Success and Failure"
IPsec Driver,{0CCE9213-69AE-11D9-BED3-505054503030} # - "Failure"
Other System Events,{0CCE9214-69AE-11D9-BED3-505054503030} #
Logon/Logoff,{69979849-797A-11D9-BED3-505054503030} # Further information is available at: https://msdn.microsoft.com/en-us/library/dd973859.aspx
Logon,{0CCE9215-69AE-11D9-BED3-505054503030} #
Logoff,{0CCE9216-69AE-11D9-BED3-505054503030} # Usage:
Account Lockout,{0CCE9217-69AE-11D9-BED3-505054503030} #
IPsec Main Mode,{0CCE9218-69AE-11D9-BED3-505054503030} # describe audit_policy do
IPsec Quick Mode,{0CCE9219-69AE-11D9-BED3-505054503030} # its('Other Account Logon Events') { should_not eq 'No Auditing' }
IPsec Extended Mode,{0CCE921A-69AE-11D9-BED3-505054503030} # end
Special Logon,{0CCE921B-69AE-11D9-BED3-505054503030}
Other Logon/Logoff Events,{0CCE921C-69AE-11D9-BED3-505054503030}
Network Policy Server,{0CCE9243-69AE-11D9-BED3-505054503030}
User / Device Claims,{0CCE9247-69AE-11D9-BED3-505054503030}
Object Access,{6997984A-797A-11D9-BED3-505054503030}
File System,{0CCE921D-69AE-11D9-BED3-505054503030}
Registry,{0CCE921E-69AE-11D9-BED3-505054503030}
Kernel Object,{0CCE921F-69AE-11D9-BED3-505054503030}
SAM,{0CCE9220-69AE-11D9-BED3-505054503030}
Certification Services,{0CCE9221-69AE-11D9-BED3-505054503030}
Application Generated,{0CCE9222-69AE-11D9-BED3-505054503030}
Handle Manipulation,{0CCE9223-69AE-11D9-BED3-505054503030}
File Share,{0CCE9224-69AE-11D9-BED3-505054503030}
Filtering Platform Packet Drop,{0CCE9225-69AE-11D9-BED3-505054503030}
Filtering Platform Connection,{0CCE9226-69AE-11D9-BED3-505054503030}
Other Object Access Events,{0CCE9227-69AE-11D9-BED3-505054503030}
Detailed File Share,{0CCE9244-69AE-11D9-BED3-505054503030}
Removable Storage,{0CCE9245-69AE-11D9-BED3-505054503030}
Central Policy Staging,{0CCE9246-69AE-11D9-BED3-505054503030}
Privilege Use,{6997984B-797A-11D9-BED3-505054503030}
Sensitive Privilege Use,{0CCE9228-69AE-11D9-BED3-505054503030}
Non Sensitive Privilege Use,{0CCE9229-69AE-11D9-BED3-505054503030}
Other Privilege Use Events,{0CCE922A-69AE-11D9-BED3-505054503030}
Detailed Tracking,{6997984C-797A-11D9-BED3-505054503030}
Process Creation,{0CCE922B-69AE-11D9-BED3-505054503030}
Process Termination,{0CCE922C-69AE-11D9-BED3-505054503030}
DPAPI Activity,{0CCE922D-69AE-11D9-BED3-505054503030}
RPC Events,{0CCE922E-69AE-11D9-BED3-505054503030}
Policy Change,{6997984D-797A-11D9-BED3-505054503030}
Audit Policy Change,{0CCE922F-69AE-11D9-BED3-505054503030}
Authentication Policy Change,{0CCE9230-69AE-11D9-BED3-505054503030}
Authorization Policy Change,{0CCE9231-69AE-11D9-BED3-505054503030}
MPSSVC Rule-Level Policy Change,{0CCE9232-69AE-11D9-BED3-505054503030}
Filtering Platform Policy Change,{0CCE9233-69AE-11D9-BED3-505054503030}
Other Policy Change Events,{0CCE9234-69AE-11D9-BED3-505054503030}
Account Management,{6997984E-797A-11D9-BED3-505054503030}
User Account Management,{0CCE9235-69AE-11D9-BED3-505054503030}
Computer Account Management,{0CCE9236-69AE-11D9-BED3-505054503030}
Security Group Management,{0CCE9237-69AE-11D9-BED3-505054503030}
Distribution Group Management,{0CCE9238-69AE-11D9-BED3-505054503030}
Application Group Management,{0CCE9239-69AE-11D9-BED3-505054503030}
Other Account Management Events,{0CCE923A-69AE-11D9-BED3-505054503030}
DS Access,{6997984F-797A-11D9-BED3-505054503030}
Directory Service Access,{0CCE923B-69AE-11D9-BED3-505054503030}
Directory Service Changes,{0CCE923C-69AE-11D9-BED3-505054503030}
Directory Service Replication,{0CCE923D-69AE-11D9-BED3-505054503030}
Detailed Directory Service Replication,{0CCE923E-69AE-11D9-BED3-505054503030}
Account Logon,{69979850-797A-11D9-BED3-505054503030}
Credential Validation,{0CCE923F-69AE-11D9-BED3-505054503030}
Kerberos Service Ticket Operations,{0CCE9240-69AE-11D9-BED3-505054503030}
Other Account Logon Events,{0CCE9241-69AE-11D9-BED3-505054503030}
Kerberos Authentication Service,{0CCE9242-69AE-11D9-BED3-505054503030}
Valid values are:
- "No Auditing"
- "Not Specified"
- "Success"
- "Success and Failure"
- "Failure"
Further information is available at: https://msdn.microsoft.com/en-us/library/dd973859.aspx
=end
class AuditPolicy < Vulcano.resource(1) class AuditPolicy < Vulcano.resource(1)
name 'audit_policy' name 'audit_policy'