Class: AuditPolicy

Inherits:
Object
Defined in:
lib/resources/audit_policy.rb

Overview

Advanced Auditing: As soon as you start applying Advanced Audit Configuration Policy, legacy policies will be completely ignored.

Reference: technet.microsoft.com/en-us/library/cc753632.aspx

Use:

- list all categories: Auditpol /list /subcategory:* /r
- list parameters: Auditpol /get /category:"System" /subcategory:"IPsec Driver"
- list specific parameter: Auditpol /get /subcategory:"IPsec Driver"

@link: blogs.technet.com/b/askds/archive/2011/03/11/getting-the-effective-audit-policy-in-windows-7-and-2008-r2.aspx

Valid values are:

  • “No Auditing”

  • “Not Specified”

  • “Success”

  • “Success and Failure”

  • “Failure”

Further information is available at: msdn.microsoft.com/en-us/library/dd973859.aspx

Instance Method Summary

Dynamic Method Handling

This class handles dynamic methods through the method_missing method.

#method_missing(method) ⇒ Object



# File 'lib/resources/audit_policy.rb', line 36

def method_missing(method)
  key = method.to_s

  # expected result:
  # Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting
  # WIN-MB8NINQ388J,System,Kerberos Authentication Service,{0CCE9242-69AE-11D9-BED3-505054503030},No Auditing,
  result ||= inspec.command("Auditpol /get /subcategory:'#{key}' /r").stdout

  # find line
  target = nil
  result.each_line {|s|
    target = s.strip if s =~ /\b.*#{key}.*\b/
  }

  # extract value
  values = nil
  unless target.nil?
    # split csv values and return value
    values = target.split(',')[4]
  end

  values
end
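The following is an added example, not code from the InSpec source. It goes beyond the single-subcategory lookup above: it parses a whole `Auditpol /get ... /r` CSV report by header name, rejects values outside the valid list given in the overview, and compares the result to a baseline. The function names, `SAMPLE_REPORT`, the host name and the placeholder GUIDs are assumptions made for illustration.

```ruby
# Added example: parse `Auditpol ... /r` CSV by header name, not by position.
VALID_SETTINGS = ['No Auditing', 'Not Specified', 'Success',
                  'Success and Failure', 'Failure'].freeze

# Constructed sample report (hypothetical host; placeholder GUIDs except the
# first, which is the one shown in the comment on this page).
SAMPLE_REPORT = <<~CSV

  Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting
  EXAMPLE-HOST,System,Kerberos Authentication Service,{0CCE9242-69AE-11D9-BED3-505054503030},No Auditing,
  EXAMPLE-HOST,System,Kerberos Service Ticket Operations,{00000000-0000-0000-0000-000000000001},Success,
  EXAMPLE-HOST,System,Credential Validation,{00000000-0000-0000-0000-000000000002},Success and Failure,
CSV

# Returns { "Subcategory" => "Inclusion Setting" }. Assumes no field contains
# an embedded comma, as the resource's own split(',') does.
def parse_auditpol(report)
  rows = report.each_line.map(&:strip).reject(&:empty?).map { |l| l.split(',', -1) }
  header = rows.shift or raise ArgumentError, 'empty auditpol report'
  name_col = header.index('Subcategory')
  value_col = header.index('Inclusion Setting')
  raise ArgumentError, 'unexpected auditpol header' unless name_col && value_col

  rows.each_with_object({}) do |fields, policy|
    value = fields[value_col]
    raise ArgumentError, "unknown setting #{value.inspect}" unless VALID_SETTINGS.include?(value)
    policy[fields[name_col]] = value
  end
end

# Exact, case-insensitive lookup: a partial name such as "Kerberos" matches nothing.
def audit_setting(report, subcategory)
  parse_auditpol(report).find { |name, _| name.casecmp?(subcategory) }&.last
end

# Compare against a baseline; returns [[subcategory, expected, actual], ...]
# for every deviation, with actual == nil when the subcategory is missing.
def audit_findings(report, baseline)
  baseline.filter_map do |name, expected|
    actual = audit_setting(report, name)
    [name, expected, actual] unless actual == expected
  end
end
```
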

Instance Method Details

#to_s ⇒ Object



# File 'lib/resources/audit_policy.rb', line 60

def to_s
  'Audit Policy'
end