Examples/FileSystemAuditRuleEntry_example.ps1
|
configuration Sample_FileAuditEntry { Import-DscResource -ModuleName AccessControlDsc node localhost { FileSystemAuditRuleEntry auditFolder { Path = "C:\auditFolder\auditChildFolder" Force = $true AuditRuleList = @( FileSystemAuditRuleList { Principal = 'users' ForcePrincipal = $true AuditRuleEntry = @( FileSystemAuditRule { AuditFlags = 'Success' FileSystemRights = 'Write' Inheritance = 'This folder and files' Ensure = 'Present' } ) } ) } FileSystemAuditRuleEntry SqlInstallFolderAuditing { Path = "C:\Program Files\SqlServerInstallation" Force = $false AuditRuleList = @( FileSystemAuditRuleList { Principal = 'Everyone' ForcePrincipal = $false AuditRuleEntry = @( FileSystemAuditRule { AuditFlags = 'Success' FileSystemRights = 'Traverse','ExecuteFile','ListDirectory','ReadData','ReadExtendedAttributes','ReadAttributes','CreateFiles','WriteData','CreateDirectories','AppendData','WriteAttributes','WriteExtendedAttributes','Delete','ReadPermissions' Inheritance = 'This folder subfolders and files' Ensure = 'Present' } ) } FileSystemAuditRuleList { Principal = 'Everyone' ForcePrincipal = $false AuditRuleEntry = @( FileSystemAuditRule { AuditFlags = 'Failure' FileSystemRights = 'Traverse','ExecuteFile','ListDirectory','ReadData','ReadExtendedAttributes','ReadAttributes','CreateFiles','WriteData','CreateDirectories','AppendData','WriteAttributes','WriteExtendedAttributes','Delete','ReadPermissions' Inheritance = 'This folder subfolders and files' Ensure = 'Present' } ) } ) } } } |