From 6ae4e6276485599ef038c688a3cdfd4890ce36e3 Mon Sep 17 00:00:00 2001
From: fukusuket <41001169+fukusuket@users.noreply.github.com>
Date: Mon, 14 Apr 2025 08:53:07 +0900
Subject: [PATCH] chg: add other log
---
 WELA.ps1 | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/WELA.ps1 b/WELA.ps1
index 040ad193..44f912c7 100644
--- a/WELA.ps1
+++ b/WELA.ps1
@@ -201,7 +201,7 @@ function AuditLogSetting {
 $channels = @("Application")
 $enabled = $true
 $rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
- $rules | ForEach-Object { $_.applicable = $enabled }
+ $rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
 $auditResult += [WELA]::New(
 "Application",
 "",
@@ -219,7 +219,7 @@ function AuditLogSetting {
 $channels = @("Microsoft-Windows-AppLocker/MSI and Script")
 $enabled = $true
 $rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
- $rules | ForEach-Object { $_.applicable = $enabled }
+ $rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
 $auditResult += [WELA]::New(
 "AppLocker",
 "",
@@ -237,7 +237,7 @@ function AuditLogSetting {
 $channels = @("Microsoft-Windows-Bits-Client/Operational")
 $enabled = $true
 $rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
- $rules | ForEach-Object { $_.applicable = $enabled }
+ $rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
 $auditResult += [WELA]::New(
 "Bits-Client Operational",
 "",
@@ -255,7 +255,7 @@ function AuditLogSetting {
 $channels = @("Microsoft-Windows-CodeIntegrity/Operational")
 $enabled = $true
 $rules = $all_rules | Where-Object { RuleFilter $_ $eids $channels $guid }
- $rules | ForEach-Object { $_.applicable = $enabled }
+ $rules = ApplyRules -enabled $enabled -rules $all_rules -guid $guid
 $auditResult += [WELA]::New(
 "CodeIntegrity Operational",
 "",
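Review bot: In the Application hunk, and identically in the AppLocker, Bits-Client and CodeIntegrity hunks, the `Where-Object { RuleFilter $_ $eids $channels $guid }` result assigned to `$rules` on the preceding context line is overwritten by the added line, and the new call passes the unfiltered `$all_rules` with only `$guid`. `ApplyRules` is defined outside these hunks, so whether it re-applies the `$eids`/`$channels` filter cannot be confirmed here. If it matches on `$guid` alone, these channel-based sections could mark the wrong set of detection rules as applicable, and the audit result would misstate rule coverage for that log. Either pass the filtered set, `$rules = ApplyRules -enabled $enabled -rules $rules -guid $guid`, or drop the now-dead `Where-Object` line if `ApplyRules` filters internally, with a comment saying which criteria it uses. The body of `AuditLogSetting` starts and ends outside all four hunks.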