You are viewing docs from the master branch, some of these features are not yet released.

salt.modules.win_auditpol¶

A salt module for modifying the audit policies on the machine

Though this module does not set group policy for auditing, it displays how all auditing configuration is applied on the machine, either set directly or via local or domain group policy.

New in version 2018.3.4.

New in version 2019.2.1.

This module allows you to view and modify the audit settings as they are applied on the machine. The audit settings are broken down into nine categories:

Account Logon
Account Management
Detailed Tracking
DS Access
Logon/Logoff
Object Access
Policy Change
Privilege Use
System

The get_settings function will return the subcategories for all nine of the above categories in one dictionary along with their auditing status.

To modify a setting you only need to specify the subcategory name and the value you wish to set. Valid settings are:

No Auditing
Success
Failure
Success and Failure

CLI Example:

# Get current state of all audit settings
salt * auditpol.get_settings

# Get the current state of all audit settings in the "Account Logon"
# category
salt * auditpol.get_settings category="Account Logon"

# Get current state of the "Credential Validation" setting
salt * auditpol.get_setting name="Credential Validation"

# Set the state of the "Credential Validation" setting to Success and
# Failure
salt * auditpol.set_setting name="Credential Validation" value="Success and Failure"

# Set the state of the "Credential Validation" setting to No Auditing
salt * auditpol.set_setting name="Credential Validation" value="No Auditing"

salt.modules.win_auditpol.get_setting(name)¶

Get the current configuration for the named audit setting

Parameters:

name (str) -- The name of the setting to retrieve

Returns:

The current configuration for the named setting

Return type:

str

Raises:

KeyError -- On invalid setting name
CommandExecutionError -- If an error is encountered retrieving the settings

CLI Example:

# Get current state of the "Credential Validation" setting
salt * auditpol.get_setting "Credential Validation"

salt.modules.win_auditpol.get_settings(category='All')¶

Get the current configuration for all audit settings specified in the category

Parameters:

category (str) --

One of the nine categories to return. Can also be All to return the settings for all categories. Valid options are:

Account Logon
Account Management
Detailed Tracking
DS Access
Logon/Logoff
Object Access
Policy Change
Privilege Use
System
All

Default value is All

Returns:

A dictionary containing all subcategories for the specified: category along with their current configuration

Return type:

dict

Raises:

KeyError -- On invalid category
CommandExecutionError -- If an error is encountered retrieving the settings

CLI Example:

# Get current state of all audit settings
salt * auditipol.get_settings

# Get the current state of all audit settings in the "Account Logon"
# category
salt * auditpol.get_settings "Account Logon"

salt.modules.win_auditpol.set_setting(name, value)¶

Set the configuration for the named audit setting

Parameters:

name (str) -- The name of the setting to configure
value (str) --
The configuration for the named value. Valid options are:
- No Auditing
- Success
- Failure
- Success and Failure

Returns:

True if successful

Return type:

bool

Raises:

KeyError -- On invalid name or value
CommandExecutionError -- If an error is encountered modifying the setting

CLI Example:

# Set the state of the "Credential Validation" setting to Success and
# Failure
salt * auditpol.set_setting "Credential Validation" "Success and Failure"

# Set the state of the "Credential Validation" setting to No Auditing
salt * auditpol.set_setting "Credential Validation" "No Auditing"