update

2025-12-18 07:02:52 +01:00 · 2025-03-16 19:26:41 +09:00
parent df1e2a3c4a
commit 9ca653095f
1 changed files with 32 additions and 32 deletions
--- a/.github/workflows/check-audit.yml
+++ b/.github/workflows/check-audit.yml
@@ -14,38 +14,38 @@ jobs:
    steps:
      - uses: actions/checkout@v4
-      - name: auditpol /list /subcategory:* /r
+#      - name: auditpol /list /subcategory:* /r
-        run: auditpol /list /subcategory:* /r
+#        run: auditpol /list /subcategory:* /r
-
+#
-      - name: auditpol /get /category:*
+#      - name: auditpol /get /category:*
-        run: auditpol /get /category:*
+#        run: auditpol /get /category:*
-
+#
-      - name: Get-WinEvent -ListLog * | Select-Object LogName, MaximumSizeInBytes
+#      - name: Get-WinEvent -ListLog * | Select-Object LogName, MaximumSizeInBytes
-        run: Get-WinEvent -ListLog * | Select-Object LogName, MaximumSizeInBytes
+#        run: Get-WinEvent -ListLog * | Select-Object LogName, MaximumSizeInBytes
-
+#
-      - name: Get-WinEvent -ListProvider *
+#      - name: Get-WinEvent -ListProvider *
-        run: (Get-WinEvent -ListProvider Microsoft-Windows-Security-Auditing).Events | ForEach-Object { [PSCustomObject]@{EventID=$_.Id; Description=($_.Description -replace "`r`n", " ") -replace "\..*", ""} }
+#        run: (Get-WinEvent -ListProvider Microsoft-Windows-Security-Auditing).Events | ForEach-Object { [PSCustomObject]@{EventID=$_.Id; Description=($_.Description -replace "`r`n", " ") -replace "\..*", ""} }
-
+#
-      - name: Checkout self repository
+#      - name: Checkout self repository
-        uses: actions/checkout@v4
+#        uses: actions/checkout@v4
-
+#
-      - name: Load audit settings(json)
+#      - name: Load audit settings(json)
-        run: |
+#        run: |
-            $startTime = Get-Date
+#            $startTime = Get-Date
-            $audit_settings = Get-Content -Path ./config/security_rules.json -Raw | ConvertFrom-Json
+#            $audit_settings = Get-Content -Path ./config/security_rules.json -Raw | ConvertFrom-Json
-            $audit_settings
+#            $audit_settings
-            $endTime = Get-Date
+#            $endTime = Get-Date
-            $duration = $endTime - $startTime
+#            $duration = $endTime - $startTime
-            Write-Output "Duration: $duration"
+#            Write-Output "Duration: $duration"
-
+#
-      - name: Load audit settings(csv)
+#      - name: Load audit settings(csv)
-        run: |
+#        run: |
-            $startTime = Get-Date
+#            $startTime = Get-Date
-            $audit_settings = Import-Csv ./config/eid_subcategory_mapping.csv
+#            $audit_settings = Import-Csv ./config/eid_subcategory_mapping.csv
-            $audit_settings
+#            $audit_settings
-            $endTime = Get-Date
+#            $endTime = Get-Date
-            $duration = $endTime - $startTime
+#            $duration = $endTime - $startTime
-            Write-Output "Duration: $duration"
+#            Write-Output "Duration: $duration"
      - name: Run WELA.ps1
        run: |