WindowsAdvancedAuditPolicyMap

The main purpose of this project is to establish an exhaustive map of the correspondence between Windows advanced audit policy settings and event ids.

Generate Convert Improve

Install / Use

/learn @little-kawa/WindowsAdvancedAuditPolicyMap

About this skill

Quality Score

0/100

README

<h1 align="center">Windows Advanced Audit Policy Map</h1> <a href="LICENSE" alt="License"> <img src="https://img.shields.io/github/license/little-kawa/WindowsAdvancedAuditPolicyMap?style=flat-square" /></a> <a href="https://github.com/little-kawa/WindowsAdvancedAuditPolicyMap/issues" alt="Issues"> <img src="https://img.shields.io/github/issues/little-kawa/WindowsAdvancedAuditPolicyMap?style=flat-square" /></a> <a href="https://github.com/little-kawa/WindowsAdvancedAuditPolicyMap/graphs/contributors" alt="Contributors"> <img src="https://img.shields.io/github/contributors/little-kawa/WindowsAdvancedAuditPolicyMap?style=flat-square" /></a> <a href="https://github.com/little-kawa/WindowsAdvancedAuditPolicyMap/pulls?q=is%3Apr+is%3Aclosed" alt="Closed PRs"> <img src="https://img.shields.io/github/issues-pr-closed/little-kawa/WindowsAdvancedAuditPolicyMap?style=flat-square" /></a> <a href="https://github.com/little-kawa/WindowsAdvancedAuditPolicyMap/network/members/" alt="Forks"> <img src="https://img.shields.io/github/forks/little-kawa/WindowsAdvancedAuditPolicyMap?style=flat-square" /></a> <a href="https://github.com/little-kawa/WindowsAdvancedAuditPolicyMap/stargazers/" alt="Stars"> <img src="https://img.shields.io/github/stars/little-kawa/WindowsAdvancedAuditPolicyMap?style=flat-square" /></a> <a href="https://github.com/little-kawa/WindowsAdvancedAuditPolicyMap/watchers/" alt="Watchers"> <img src="https://img.shields.io/github/watchers/little-kawa/WindowsAdvancedAuditPolicyMap?style=flat-square" /></a>

Purpose

The first purpose of this project is to establish an exhaustive map of the correspondence between Windows advanced audit policy settings and event ids. I then added the estimated volume of each policy settings if enabled. I also marked audit policy settings recommended by ANSSI to be enabled. This project is based on the documentation for Windows 10/11 and Windows Server >= 2016

<a href="Files/WindowsAdvancedAuditPolicy.pdf" alt="WindowsAdvancedAuditPolicy.pdf">Display the PDF version</a>

Contribution

If you have ideas to improve this project, contributions are of course welcome <3

Documentation

ANSSI Guide Microsoft Documentation

Related Skills

healthcheck

349.9k

Host security hardening and risk-tolerance configuration for OpenClaw deployments

node-connect

349.9k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

prose

349.9k

OpenProse VM skill pack. Activate on any `prose` command, .prose files, or OpenProse mentions; orchestrates multi-agent workflows.

frontend-design

109.8k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

little-kawa

View profile

View on GitHub

GitHub Stars11

CategoryDevelopment

Updated10mo ago

Forks0

little-kawa/WindowsAdvancedAuditPolicyMap

Security Score

87/100

Audited on Jun 2, 2025

No findings