---
hide:
- navigation
- toc
---
---
## Why WELA?
- :material-clipboard-check:{ .lg .middle } __Audit log policy settings__
---
Audit your Windows event log **audit policy settings** to confirm the right events are being logged.
- :material-book-check:{ .lg .middle } __Based on guidelines__
---
Checks against the **major Windows event log audit configuration guidelines**.
- :material-shield-search:{ .lg .middle } __Sigma detectability__
---
Evaluates your settings against **real-world Sigma rule detectability** â will your logs actually catch attacks?
- :material-file-cog:{ .lg .middle } __File-size auditing__
---
Audits Windows event log **file sizes** and suggests recommended sizes.
- :material-cog-play:{ .lg .middle } __Auto-configure__
---
Apply the **recommended** audit policy and log file sizes with the `configure` command.
- :material-chart-box:{ .lg .middle } __Flexible output__
---
View results in the terminal, a GUI, a table, or as a **MITRE ATT&CK Navigator** heatmap.
## Quick links
- __:material-book-open-variant: New here?__
Start with the [Overview](overview/index.md), then head to
[Getting Started](getting-started/index.md) to install and run WELA.
- __:material-console-line: Working with the CLI?__
Browse the [Command List](commands/index.md) and the [Command Usage](commands/usage.md)
reference (`audit-settings`, `audit-filesize`, `configure`, `update-rules`).
- __:material-puzzle: Going further?__
Explore the [Companion Projects](resources/companion-projects.md), the
[Changelog](resources/changelog.md), and how to
[contribute](resources/contributing.md).