salt.modules.win_auditpol
A salt module for modifying the audit policies on the machine
Though this module does not set group policy for auditing, it displays how all auditing configuration is applied on the machine, either set directly or via local or domain group policy.
New in version 2018.3.4.
New in version 2019.2.1.
This module allows you to view and modify the audit settings as they are applied on the machine. The audit settings are broken down into nine categories:
Account Logon
Account Management
Detailed Tracking
DS Access
Logon/Logoff
Object Access
Policy Change
Privilege Use
System
The get_settings
function will return the subcategories for all nine of the above categories in one dictionary along with their auditing status.
To modify a setting you only need to specify the subcategory name and the value you wish to set. Valid settings are:
No Auditing
Success
Failure
Success and Failure
CLI Example:
# Get current state of all audit settings salt * auditpol.get_settings # Get the current state of all audit settings in the "Account Logon" # category salt * auditpol.get_settings category="Account Logon" # Get current state of the "Credential Validation" setting salt * auditpol.get_setting name="Credential Validation" # Set the state of the "Credential Validation" setting to Success and # Failure salt * auditpol.set_setting name="Credential Validation" value="Success and Failure" # Set the state of the "Credential Validation" setting to No Auditing salt * auditpol.set_setting name="Credential Validation" value="No Auditing"
-
Get the current configuration for the named audit setting
- Parameters
-
name (str) -- The name of the setting to retrieve
- Returns
-
The current configuration for the named setting
- Return type
- Raises
-
KeyError -- On invalid setting name
CommandExecutionError -- If an error is encountered retrieving the settings
CLI Example:
# Get current state of the "Credential Validation" setting salt * auditpol.get_setting "Credential Validation"
salt.modules.win_auditpol.get_setting(name)
-
Get the current configuration for all audit settings specified in the category
- Parameters
-
category (str) --
One of the nine categories to return. Can also be
All
to return the settings for all categories. Valid options are:Account Logon
Account Management
Detailed Tracking
DS Access
Logon/Logoff
Object Access
Policy Change
Privilege Use
System
All
Default value is
All
- Returns
-
- A dictionary containing all subcategories for the specified
-
category along with their current configuration
- Return type
- Raises
-
KeyError -- On invalid category
CommandExecutionError -- If an error is encountered retrieving the settings
CLI Example:
# Get current state of all audit settings salt * auditipol.get_settings # Get the current state of all audit settings in the "Account Logon" # category salt * auditpol.get_settings "Account Logon"
salt.modules.win_auditpol.get_settings(category='All')
-
Set the configuration for the named audit setting
- Parameters
- Returns
-
True if successful
- Return type
- Raises
-
KeyError -- On invalid
name
orvalue
CommandExecutionError -- If an error is encountered modifying the setting
CLI Example:
# Set the state of the "Credential Validation" setting to Success and # Failure salt * auditpol.set_setting "Credential Validation" "Success and Failure" # Set the state of the "Credential Validation" setting to No Auditing salt * auditpol.set_setting "Credential Validation" "No Auditing"
salt.modules.win_auditpol.set_setting(name, value)
© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/modules/all/salt.modules.win_auditpol.html