Add a documentation website under website/, built from README.md and README-Japanese.md and laid out with top-tab topics and a left sidebar (same style as the Hayabusa docs). Designed to be hosted free on GitHub Pages.

- Pages: Overview (About, Features, Screenshots), Getting Started, Commands (Command List, Command Usage), Resources (Companion Projects, Other Resources, Changelog, Contributing)
- Custom landing page, theme, click-to-zoom screenshots
- Changelog synced from CHANGELOG.md at build time
- 15-language switcher via mkdocs-static-i18n: English + Japanese full content; the other 13 localize the UI and fall back to English until translated
- .github/workflows/docs.yml builds (mkdocs --strict) + deploys to GitHub Pages

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Command Usage
audit-settings
The audit-settings command checks the Windows event log audit policy settings and compares them with the recommended settings from Yamato Security, Microsoft (Server/Client), and the Australian Signals Directorate (ASD).
RuleCount indicates the number of Sigma rules that can detect events within that category.
audit-settings command examples
Check against Yamato Security's recommended settings (the default) and save results to CSV:
./WELA.ps1 audit-settings -Baseline YamatoSecurity
Check with the Australian Signals Directorate's recommended settings and save results to CSV:
./WELA.ps1 audit-settings -Baseline ASD
Check with Microsoft's recommended Server OS settings and display results in a GUI:
./WELA.ps1 audit-settings -Baseline Microsoft_Server -OutType gui
Check with Microsoft's recommended Client OS settings and display results in table format:
./WELA.ps1 audit-settings -Baseline Microsoft_Client -OutType table
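What such a comparison involves, as an added PowerShell example that is not WELA's own code: it parses the CSV report layout of `auditpol /get /category:* /r` and flags subcategories that audit less than a baseline requires. The function names, the sample report and the baseline values are constructed for illustration and are not any organization's actual recommendations.

```powershell
# Added example, not WELA code. Baseline values and sample report are constructed;
# they are not Yamato Security's, Microsoft's or ASD's actual recommendations.
$baseline = @{
    'Logon'                 = 'Success and Failure'
    'Process Creation'      = 'Success'
    'Credential Validation' = 'Success and Failure'
}

# Constructed sample in the CSV layout of `auditpol /get /category:* /r`
# (GUIDs are placeholders). For live data, run elevated:
#   $report = auditpol /get /category:* /r
$report = @'
Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting
HOST01,System,Logon,{00000000-0000-0000-0000-000000000001},Success,
HOST01,System,Process Creation,{00000000-0000-0000-0000-000000000002},No Auditing,
HOST01,System,Credential Validation,{00000000-0000-0000-0000-000000000003},Success and Failure,
'@ -split "`r?`n"

function Get-AuditFlags([string] $Setting) {
    # 'Success and Failure' -> Success, Failure; 'No Auditing' -> empty
    @('Success', 'Failure' | Where-Object { $Setting -match $_ })
}

function Compare-AuditPolicy([string[]] $CsvLines, [hashtable] $Baseline) {
    # Map subcategory name -> current setting, skipping blank lines.
    # Note: auditpol localizes these strings on non-English systems.
    $current = @{}
    $CsvLines | Where-Object { $_ } | ConvertFrom-Csv | ForEach-Object {
        $current[$_.Subcategory] = $_.'Inclusion Setting'
    }
    foreach ($name in ($Baseline.Keys | Sort-Object)) {
        $actual  = if ($current.ContainsKey($name)) { $current[$name] } else { 'Not found' }
        $have    = Get-AuditFlags $actual
        $missing = @(Get-AuditFlags $Baseline[$name] | Where-Object { $_ -notin $have })
        [pscustomobject]@{
            Subcategory = $name
            Current     = $actual
            Recommended = $Baseline[$name]
            Missing     = $missing -join ', '
            Compliant   = ($missing.Count -eq 0)
        }
    }
}

Compare-AuditPolicy -CsvLines $report -Baseline $baseline | Format-Table -AutoSize
```

A setting that audits more than the baseline asks for (for example `Success and Failure` where only `Success` is recommended) is reported as compliant, since nothing required is missing.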
audit-filesize
The audit-filesize command checks the Windows event logs' file sizes and compares them with Yamato Security's recommendations.
audit-filesize command examples
Check the Windows event log file sizes against Yamato Security's recommendations and save results to CSV:
./WELA.ps1 audit-filesize -Baseline YamatoSecurity
configure
The configure command sets the recommended Windows event log audit policy and file size.
configure command examples
Apply Yamato Security's recommended settings (with a confirmation prompt before changing settings):
./WELA.ps1 configure -Baseline YamatoSecurity
Apply the Australian Signals Directorate's recommended settings without a confirmation prompt:
./WELA.ps1 configure -Baseline ASD -auto
update-rules
update-rules command examples
Update WELA's Sigma rules config files:
./WELA.ps1 update-rules