detection-rules icon indicating copy to clipboard operation
detection-rules copied to clipboard
verified publisher icon elastic

[Security Content] Windows Audit Policies Config Guides - Repo Edition

Open w0rk3r opened this issue 11 months ago • 2 comments

Issue

Part of https://github.com/elastic/ia-trade-team/issues/205

Summary

This repo version of the config guides will provide a centralized view of the audit policies we require customers to enable in order to use our rules. It will not replace the per-rule guide.

It is also easier to review the format, as we aren't repeating the same modification across hundreds of rules.

After this gets merged, I'll start incorporating them into the rules.

w0rk3r avatar Feb 26 '25 16:02 w0rk3r

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

botelastic[bot] avatar May 14 '25 04:05 botelastic[bot]

This has been closed due to inactivity. If you feel this is an error, please re-open and include a justifying comment.

botelastic[bot] avatar May 21 '25 05:05 botelastic[bot]

Closing this one as I plan to work in an enhanced version in https://github.com/elastic/ia-trade-team/issues/681

w0rk3r avatar Aug 18 '25 19:08 w0rk3r