Control: Windows machines should meet requirements for 'System Audit Policies - Detailed Tracking'

Description

Windows machines should have the specified Group Policy settings in the category 'System Audit Policies - Detailed Tracking' for auditing DPAPI, process creation/termination, RPC events, and PNP activity. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.compute_vm_meet_system_audit_policies_requirement_windows

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.compute_vm_meet_system_audit_policies_requirement_windows --share

SQL

This control uses a named query:

select
  id as resource,
  'info' as status,
  'Manual verification required. Check control description for more details.' as reason,
  display_name as subscription
from
  azure_subscription;

Control: Windows machines should meet requirements for 'System Audit Policies - Detailed Tracking'

Description

Usage

SQL

Tags