fix: add Application

2025-12-16 22:22:49 +01:00 · 2025-05-10 08:33:27 +09:00
parent 00e64b5ec3
commit 49a64bb9ca
2 changed files with 82 additions and 0 deletions
--- a/WELA.ps1
+++ b/WELA.ps1
@@ -197,6 +197,25 @@ function GuideYamatoSecurity
        [object[]] $all_rules
    )
    $auditResult = @()
+
+    # Application
+    $guid    = ""
+    $eids     = @()
+    $channels = @("Application")
+    $enabled  = $true
+    $rules    = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
+    $rules    | ForEach-Object { $_.applicable = $enabled }
+    $auditResult += [WELA]::New(
+            "Application",
+            "",
+            $enabled,
+            [array]$rules,
+            "Enabled",
+            "Enabled",
+            "",
+            ""
+    )
+
    # Applocker
    $guid    = ""
    $eids     = @()
@@ -1326,6 +1345,7 @@ function GuideASD {
    )

    $auditResult = @()
+
    # Application
    $guid    = ""
    $eids     = @()
@@ -2473,6 +2493,7 @@ function GuideMSC {
    )

    $auditResult = @()
+
    # Application
    $guid    = ""
    $eids     = @()
--- a/auditpol.txt
+++ b/auditpol.txt
@@ -0,0 +1,61 @@
+Active code page: 437
+Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting
+
+SAMURAI,System, ,{0CCE9211-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE9212-69AE-11D9-BED3-505054503030},Success and Failure,
+
+SAMURAI,System,IPsec ,{0CCE9213-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System, ,{0CCE9214-69AE-11D9-BED3-505054503030},Success and Failure,
+
+SAMURAI,System,,{0CCE9210-69AE-11D9-BED3-505054503030},Success,
+
+SAMURAI,System,,{0CCE9215-69AE-11D9-BED3-505054503030},Success and Failure,
+
+SAMURAI,System,,{0CCE9216-69AE-11D9-BED3-505054503030},Success,
+
+SAMURAI,System, ,{0CCE9217-69AE-11D9-BED3-505054503030},Success,
+
+SAMURAI,System,IPsec  ,{0CCE9218-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,IPsec  ,{0CCE9219-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,IPsec ,{0CCE921A-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE921B-69AE-11D9-BED3-505054503030},Success,
+
+SAMURAI,System,/ ,{0CCE921C-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,  ,{0CCE9243-69AE-11D9-BED3-505054503030},Success and Failure,
+
+SAMURAI,System,/,{0CCE9247-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System, ,{0CCE9249-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System, ,{0CCE921D-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE921E-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System, ,{0CCE921F-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,SAM,{0CCE9220-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE9221-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE9222-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE9223-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE9224-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,  ,{0CCE9225-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System, ,{0CCE9226-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,  ,{0CCE9227-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE9244-69AE-11D9-BED3-505054503030},No Auditing,
+
+SAMURAI,System,,{0CCE9245-69AE-11D9-BED3-505054503030},No Auditing,
+