CSEC_PUBLIC/WELA
1
0
Fork 0
mirror of https://github.com/Yamato-Security/WELA.git synced 2025-12-06 09:12:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

doc: add readme

Browse Source
This commit is contained in:
fukusuket
2025-05-12 11:19:31 +09:00
parent 902da44231
commit 3aa0c4fcf5
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -94,6 +94,7 @@ Please download the latest stable version of WELA from the [Releases](https://gi
# Command Usage
## audit-settings
`audit-settings` command checks the Windows Event Log audit policy settings and compares them with the recommended settings from **[Yamato Security](https://github.com/Yamato-Security/EnableWindowsLogSettings)**, **[Microsoft(Sever/Client)](https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/audit-policy-recommendations)**, and **[Australian Signals Directorate (ASD)](https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-monitoring/windows-event-logging-and-forwarding)**.
RuleCount indicates the number of [Sigma rules](https://github.com/SigmaHQ/sigma) that can detect events within that category.
#### `audit-settings` command examples
Check by YamatoSecurity(Default) recommend setting and save to CSV:
@@ -162,6 +163,7 @@ At the least, **if you like our tools and resources, then please give us a star
# Acknowledgements
* [SigmaHQ](https://github.com/SigmaHQ/sigma)
# Twitter