community.windows.win_audit_policy_system – Used to make changes to the system wide Audit Policy
Note
This plugin is part of the community.windows collection (version 1.7.0).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.windows
.
To use it in a playbook, specify: community.windows.win_audit_policy_system
.
Synopsis
- Used to make changes to the system wide Audit Policy.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
audit_type list / elements=string / required |
| The type of event you would like to audit for. Accepts a list. See examples. |
category string | Single string value for the category you would like to adjust the policy on. Cannot be used with subcategory. You must define one or the other. Changing this setting causes all subcategories to be adjusted to the defined audit_type. | |
subcategory string | Single string value for the subcategory you would like to adjust the policy on. Cannot be used with category. You must define one or the other. |
Notes
Note
- It is recommended to take a backup of the policies before adjusting them for the first time.
- See this page for in depth information https://technet.microsoft.com/en-us/library/cc766468.aspx.
See Also
See also
- community.windows.win_audit_rule
-
The official documentation on the community.windows.win_audit_rule module.
Examples
- name: Enable failure auditing for the subcategory "File System" community.windows.win_audit_policy_system: subcategory: File System audit_type: failure - name: Enable all auditing types for the category "Account logon events" community.windows.win_audit_policy_system: category: Account logon events audit_type: success, failure - name: Disable auditing for the subcategory "File System" community.windows.win_audit_policy_system: subcategory: File System audit_type: none
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
current_audit_policy dictionary | always | details on the policy being targetted Sample: { "File Share":"failure" } |
Authors
- Noah Sparks (@nwsparks)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/windows/win_audit_policy_system_module.html