CSEC_PUBLIC/WELA
1
0
Fork 0
mirror of https://github.com/Yamato-Security/WELA.git synced 2025-12-06 09:12:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

chg: add other log

Browse Source
This commit is contained in:
fukusuket
2025-04-14 08:53:07 +09:00
parent 0560c6b8e4
commit 6ae4e62764
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
WELA.ps1
View File

@@ -201,7 +201,7 @@ function AuditLogSetting {
$channels = @("Application")
$enabled = $true
$rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
$rules | ForEach-Object { $_.applicable = $enabled }
$rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
$auditResult += [WELA]::New(
"Application",
"",
@@ -219,7 +219,7 @@ function AuditLogSetting {
$channels = @("Microsoft-Windows-AppLocker/MSI and Script")
$enabled = $true
$rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
$rules | ForEach-Object { $_.applicable = $enabled }
$rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
$auditResult += [WELA]::New(
"AppLocker",
"",
@@ -237,7 +237,7 @@ function AuditLogSetting {
$channels = @("Microsoft-Windows-Bits-Client/Operational")
$enabled = $true
$rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
$rules | ForEach-Object { $_.applicable = $enabled }
$rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
$auditResult += [WELA]::New(
"Bits-Client Operational",
"",
@@ -255,7 +255,7 @@ function AuditLogSetting {
$channels = @("Microsoft-Windows-CodeIntegrity/Operational")
$enabled = $true
$rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
$rules | ForEach-Object { $_.applicable = $enabled }
$rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
$auditResult += [WELA]::New(
"CodeIntegrity Operational",
"",