Files
WELA/website/docs/commands/usage.md
T
Shirofune-Security a95f0f5eec docs: add Material for MkDocs documentation site (English + Japanese)
Add a documentation website under website/, built from README.md and
README-Japanese.md and laid out with top-tab topics and a left sidebar (same
style as the Hayabusa docs). Designed to be hosted free on GitHub Pages.

- Pages: Overview (About, Features, Screenshots), Getting Started, Commands
  (Command List, Command Usage), Resources (Companion Projects, Other
  Resources, Changelog, Contributing)
- Custom landing page, theme, click-to-zoom screenshots
- Changelog synced from CHANGELOG.md at build time
- 15-language switcher via mkdocs-static-i18n: English + Japanese full content;
  the other 13 localize the UI and fall back to English until translated
- .github/workflows/docs.yml builds (mkdocs --strict) + deploys to GitHub Pages

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-29 09:50:48 +09:00

2.3 KiB

Command Usage

audit-settings

The audit-settings command checks the Windows event log audit policy settings and compares them with the recommended settings from Yamato Security, Microsoft(Sever/Client), and Australian Signals Directorate (ASD). RuleCount indicates the number of Sigma rules that can detect events within that category.

audit-settings command examples

Check with the default Yamato Security's recommended settings and save results to CSV:

./WELA.ps1 audit-settings -Baseline YamatoSecurity

Check with the Australian Signals Directorate's recommended settings and save results to CSV:

./WELA.ps1 audit-settings -Baseline ASD

Check with Microsoft's recommended Server OS settings and display results in a GUI:

./WELA.ps1 audit-settings -Baseline Microsoft_Server -OutType gui

Check with Microsoft's recommended Client OS settings and display results in table format:

./WELA.ps1 audit-settings -Baseline Microsoft_Client -OutType table

audit-filesize

The audit-filesize command checks the Windows event logs' file size and compares them with the recommended settings from Yamato Security's recommendations.

audit-filesize command examples

Check the Windows event log file size with Yamato Security's recommendations and save results to CSV:

./WELA.ps1 audit-filesize -Baseline YamatoSecurity

configure

The configure command sets the recommended Windows event log audit policy and file size.

configure command examples

Apply Yamato Security's recommended settings (with confirmation prompt before changing settings):

./WELA.ps1 configure -Baseline YamatoSecurity

Apply Australian Signals Directorate's recommended settings without confirmation prompt:

./WELA.ps1 configure -Baseline ASD -auto

update-rules

update-rules command examples

Update WELA's Sigma rules config files:

./WELA.ps1 update-rules