name: Check audit setting

on:
  push:
    branches: [ "*" ]
  workflow_dispatch:

jobs:
  build:
    strategy:
      matrix:
        os: [windows-2019, windows-2022, windows-2025]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4

#      - name: auditpol /list /subcategory:* /r
#        run: auditpol /list /subcategory:* /r
#
#      - name: auditpol /get /category:*
#        run: auditpol /get /category:*
#
#      - name: Get-WinEvent -ListLog * | Select-Object LogName, MaximumSizeInBytes
#        run: Get-WinEvent -ListLog * | Select-Object LogName, MaximumSizeInBytes
#
#      - name: Get-WinEvent -ListProvider *
#        run: (Get-WinEvent -ListProvider Microsoft-Windows-Security-Auditing).Events | ForEach-Object { [PSCustomObject]@{EventID=$_.Id; Description=($_.Description -replace "`r`n", " ") -replace "\..*", ""} }
#
#      - name: Checkout self repository
#        uses: actions/checkout@v4
#
#      - name: Load audit settings(json)
#        run: |
#            $startTime = Get-Date
#            $audit_settings = Get-Content -Path ./config/security_rules.json -Raw | ConvertFrom-Json
#            $audit_settings
#            $endTime = Get-Date
#            $duration = $endTime - $startTime
#            Write-Output "Duration: $duration"
#
#      - name: Load audit settings(csv)
#        run: |
#            $startTime = Get-Date
#            $audit_settings = Import-Csv ./config/eid_subcategory_mapping.csv
#            $audit_settings
#            $endTime = Get-Date
#            $duration = $endTime - $startTime
#            Write-Output "Duration: $duration"

      - name: Run WELA.ps1
        run: |
          ./WELA.ps1

      - name: Output UsableRules.csv
        run: |
          Get-Content UsableRules.csv

      - name: Output UnUsableRules.csv
        run: |
          Get-Content UnusableRules.csv