CyberPolice

An epic windows securing and hardening script
Log | Files | Refs | README

audit.csv (6312B)

      1 Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
      2 DESKTOP-3MPIN6J,System,IPsec Driver,{0CCE9213-69AE-11D9-BED3-505054503030},Success and Failure,,3
      3 DESKTOP-3MPIN6J,System,System Integrity,{0CCE9212-69AE-11D9-BED3-505054503030},Success and Failure,,3
      4 DESKTOP-3MPIN6J,System,Security System Extension,{0CCE9211-69AE-11D9-BED3-505054503030},Success and Failure,,3
      5 DESKTOP-3MPIN6J,System,Security State Change,{0CCE9210-69AE-11D9-BED3-505054503030},Success and Failure,,3
      6 DESKTOP-3MPIN6J,System,Other System Events,{0CCE9214-69AE-11D9-BED3-505054503030},Success and Failure,,3
      7 DESKTOP-3MPIN6J,System,Group Membership,{0CCE9249-69AE-11D9-BED3-505054503030},Success,,1
      8 DESKTOP-3MPIN6J,System,User / Device Claims,{0CCE9247-69AE-11D9-BED3-505054503030},Success,,1
      9 DESKTOP-3MPIN6J,System,Network Policy Server,{0CCE9243-69AE-11D9-BED3-505054503030},No Auditing,,0
     10 DESKTOP-3MPIN6J,System,Other Logon/Logoff Events,{0CCE921C-69AE-11D9-BED3-505054503030},Success and Failure,,3
     11 DESKTOP-3MPIN6J,System,Special Logon,{0CCE921B-69AE-11D9-BED3-505054503030},Success,,1
     12 DESKTOP-3MPIN6J,System,IPsec Extended Mode,{0CCE921A-69AE-11D9-BED3-505054503030},No Auditing,,0
     13 DESKTOP-3MPIN6J,System,IPsec Quick Mode,{0CCE9219-69AE-11D9-BED3-505054503030},No Auditing,,0
     14 DESKTOP-3MPIN6J,System,IPsec Main Mode,{0CCE9218-69AE-11D9-BED3-505054503030},No Auditing,,0
     15 DESKTOP-3MPIN6J,System,Account Lockout,{0CCE9217-69AE-11D9-BED3-505054503030},Failure,,2
     16 DESKTOP-3MPIN6J,System,Logoff,{0CCE9216-69AE-11D9-BED3-505054503030},Success,,1
     17 DESKTOP-3MPIN6J,System,Logon,{0CCE9215-69AE-11D9-BED3-505054503030},Success and Failure,,3
     18 DESKTOP-3MPIN6J,System,File Share,{0CCE9224-69AE-11D9-BED3-505054503030},No Auditing,,0
     19 DESKTOP-3MPIN6J,System,Central Policy Staging,{0CCE9246-69AE-11D9-BED3-505054503030},Failure,,2
     20 DESKTOP-3MPIN6J,System,Removable Storage,{0CCE9245-69AE-11D9-BED3-505054503030},Success and Failure,,3
     21 DESKTOP-3MPIN6J,System,Detailed File Share,{0CCE9244-69AE-11D9-BED3-505054503030},Failure,,2
     22 DESKTOP-3MPIN6J,System,Other Object Access Events,{0CCE9227-69AE-11D9-BED3-505054503030},No Auditing,,0
     23 DESKTOP-3MPIN6J,System,Filtering Platform Connection,{0CCE9226-69AE-11D9-BED3-505054503030},No Auditing,,0
     24 DESKTOP-3MPIN6J,System,Filtering Platform Packet Drop,{0CCE9225-69AE-11D9-BED3-505054503030},No Auditing,,0
     25 DESKTOP-3MPIN6J,System,Handle Manipulation,{0CCE9223-69AE-11D9-BED3-505054503030},No Auditing,,0
     26 DESKTOP-3MPIN6J,System,Application Generated,{0CCE9222-69AE-11D9-BED3-505054503030},No Auditing,,0
     27 DESKTOP-3MPIN6J,System,Certification Services,{0CCE9221-69AE-11D9-BED3-505054503030},No Auditing,,0
     28 DESKTOP-3MPIN6J,System,SAM,{0CCE9220-69AE-11D9-BED3-505054503030},Success and Failure,,3
     29 DESKTOP-3MPIN6J,System,Kernel Object,{0CCE921F-69AE-11D9-BED3-505054503030},Failure,,2
     30 DESKTOP-3MPIN6J,System,Registry,{0CCE921E-69AE-11D9-BED3-505054503030},Failure,,2
     31 DESKTOP-3MPIN6J,System,File System,{0CCE921D-69AE-11D9-BED3-505054503030},Failure,,2
     32 DESKTOP-3MPIN6J,System,Other Privilege Use Events,{0CCE922A-69AE-11D9-BED3-505054503030},No Auditing,,0
     33 DESKTOP-3MPIN6J,System,Non Sensitive Privilege Use,{0CCE9229-69AE-11D9-BED3-505054503030},Failure,,2
     34 DESKTOP-3MPIN6J,System,Sensitive Privilege Use,{0CCE9228-69AE-11D9-BED3-505054503030},Success and Failure,,3
     35 DESKTOP-3MPIN6J,System,DPAPI Activity,{0CCE922D-69AE-11D9-BED3-505054503030},No Auditing,,0
     36 DESKTOP-3MPIN6J,System,RPC Events,{0CCE922E-69AE-11D9-BED3-505054503030},Success,,1
     37 DESKTOP-3MPIN6J,System,Process Creation,{0CCE922B-69AE-11D9-BED3-505054503030},Success,,1
     38 DESKTOP-3MPIN6J,System,Process Termination,{0CCE922C-69AE-11D9-BED3-505054503030},No Auditing,,0
     39 DESKTOP-3MPIN6J,System,Plug and Play Events,{0CCE9248-69AE-11D9-BED3-505054503030},Success and Failure,,3
     40 DESKTOP-3MPIN6J,System,Authentication Policy Change,{0CCE9230-69AE-11D9-BED3-505054503030},Success,,1
     41 DESKTOP-3MPIN6J,System,Other Policy Change Events,{0CCE9234-69AE-11D9-BED3-505054503030},Success and Failure,,3
     42 DESKTOP-3MPIN6J,System,Filtering Platform Policy Change,{0CCE9233-69AE-11D9-BED3-505054503030},No Auditing,,0
     43 DESKTOP-3MPIN6J,System,Audit Policy Change,{0CCE922F-69AE-11D9-BED3-505054503030},Success and Failure,,3
     44 DESKTOP-3MPIN6J,System,Authorization Policy Change,{0CCE9231-69AE-11D9-BED3-505054503030},Success,,1
     45 DESKTOP-3MPIN6J,System,MPSSVC Rule-Level Policy Change,{0CCE9232-69AE-11D9-BED3-505054503030},Success and Failure,,3
     46 DESKTOP-3MPIN6J,System,Other Account Management Events,{0CCE923A-69AE-11D9-BED3-505054503030},Success and Failure,,3
     47 DESKTOP-3MPIN6J,System,Application Group Management,{0CCE9239-69AE-11D9-BED3-505054503030},No Auditing,,0
     48 DESKTOP-3MPIN6J,System,Distribution Group Management,{0CCE9238-69AE-11D9-BED3-505054503030},No Auditing,,0
     49 DESKTOP-3MPIN6J,System,Security Group Management,{0CCE9237-69AE-11D9-BED3-505054503030},Success and Failure,,3
     50 DESKTOP-3MPIN6J,System,Computer Account Management,{0CCE9236-69AE-11D9-BED3-505054503030},Success and Failure,,3
     51 DESKTOP-3MPIN6J,System,User Account Management,{0CCE9235-69AE-11D9-BED3-505054503030},Success and Failure,,3
     52 DESKTOP-3MPIN6J,System,Directory Service Access,{0CCE923B-69AE-11D9-BED3-505054503030},No Auditing,,0
     53 DESKTOP-3MPIN6J,System,Directory Service Changes,{0CCE923C-69AE-11D9-BED3-505054503030},No Auditing,,0
     54 DESKTOP-3MPIN6J,System,Detailed Directory Service Replication,{0CCE923E-69AE-11D9-BED3-505054503030},No Auditing,,0
     55 DESKTOP-3MPIN6J,System,Directory Service Replication,{0CCE923D-69AE-11D9-BED3-505054503030},No Auditing,,0
     56 DESKTOP-3MPIN6J,System,Other Account Logon Events,{0CCE9241-69AE-11D9-BED3-505054503030},No Auditing,,0
     57 DESKTOP-3MPIN6J,System,Kerberos Service Ticket Operations,{0CCE9240-69AE-11D9-BED3-505054503030},No Auditing,,0
     58 DESKTOP-3MPIN6J,System,Credential Validation,{0CCE923F-69AE-11D9-BED3-505054503030},Success and Failure,,3
     59 DESKTOP-3MPIN6J,System,Kerberos Authentication Service,{0CCE9242-69AE-11D9-BED3-505054503030},Success and Failure,,3
     60 DESKTOP-3MPIN6J,,Option:CrashOnAuditFail,,Disabled,,0
     61 DESKTOP-3MPIN6J,,Option:FullPrivilegeAuditing,,Disabled,,0
     62 DESKTOP-3MPIN6J,,Option:AuditBaseObjects,,Disabled,,0
     63 DESKTOP-3MPIN6J,,Option:AuditBaseDirectories,,Disabled,,0
     64 DESKTOP-3MPIN6J,,FileGlobalSacl,,,,S:(AU;SA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
     65 DESKTOP-3MPIN6J,,RegistryGlobalSacl,,,,S:(AU;SA;KA;;;WD)