Class: Chef::Resource::WindowsAuditPolicy

Inherits:
Chef::Resource show all
Defined in:
lib/chef/resource/windows_audit_policy.rb

Constant Summary collapse

WIN_AUDIT_SUBCATEGORIES =
["Account Lockout",
 "Application Generated",
 "Application Group Management",
 "Audit Policy Change",
 "Authentication Policy Change",
 "Authorization Policy Change",
 "Central Policy Staging",
 "Certification Services",
 "Computer Account Management",
 "Credential Validation",
 "DPAPI Activity",
 "Detailed Directory Service Replication",
 "Detailed File Share",
 "Directory Service Access",
 "Directory Service Changes",
 "Directory Service Replication",
 "Distribution Group Management",
 "File Share",
 "File System",
 "Filtering Platform Connection",
 "Filtering Platform Packet Drop",
 "Filtering Platform Policy Change",
 "Group Membership",
 "Handle Manipulation",
 "IPsec Driver",
 "IPsec Extended Mode",
 "IPsec Main Mode",
 "IPsec Quick Mode",
 "Kerberos Authentication Service",
 "Kerberos Service Ticket Operations",
 "Kernel Object",
 "Logoff",
 "Logon",
 "MPSSVC Rule-Level Policy Change",
 "Network Policy Server",
 "Non Sensitive Privilege Use",
 "Other Account Logon Events",
 "Other Account Management Events",
 "Other Logon/Logoff Events",
 "Other Object Access Events",
 "Other Policy Change Events",
 "Other Privilege Use Events",
 "Other System Events",
 "Plug and Play Events",
 "Process Creation",
 "Process Termination",
 "RPC Events",
 "Registry",
 "Removable Storage",
 "SAM",
 "Security Group Management",
 "Security State Change",
 "Security System Extension",
 "Sensitive Privilege Use",
 "Special Logon",
 "System Integrity",
 "Token Right Adjusted Events",
 "User / Device Claims",
 "User Account Management",
].freeze

Constants inherited from Chef::Resource

FORBIDDEN_IVARS, HIDDEN_IVARS

Instance Attribute Summary

Attributes inherited from Chef::Resource

#allowed_actions, #cookbook_name, #declared_type, #default_guard_interpreter, #elapsed_time, #enclosing_provider, #executed_by_runner, #logger, #params, #recipe_name, #resource_initializing, #run_context, #source_line, #updated

Instance Method Summary collapse

Methods inherited from Chef::Resource

#action, action, #action=, action_class, #after_created, allowed_actions, allowed_actions=, #as_json, #before_notifications, chef_version_for_provides, #compile_time, #cookbook_version, #current_value, #current_value_does_not_exist!, #custom_exception_message, custom_resource?, #customize_exception, declare_action_class, #declared_key, default_action, default_action=, default_description, #defined_at, #delayed_action, #delayed_notifications, deprecated, description, #events, examples, from_hash, from_json, #guard_interpreter, #identity, identity_attr, identity_property, #ignore_failure, #immediate_notifications, inherited, #initialize, #inspect, introduced, is_custom_resource!, json_create, load_current_value, #load_from, #lookup_provider_constant, #method_missing, #name, #node, #not_if, #notifies, #notifies_before, #notifies_delayed, #notifies_immediately, #only_if, preview_resource, #provider, #provider=, #provider_for_action, provides, provides?, #resolve_notification_references, resource_for_node, resource_matching_short_name, #resource_name, resource_name, resource_name=, #retries, #retry_delay, #run_action, #sensitive, #should_skip?, skip_docs, sorted_descendants, #source_line_file, #source_line_number, state_attrs, #state_for_resource_reporter, #subscribes, #suppress_up_to_date_messages?, #to_h, #to_json, #to_s, #to_text, #umask, unified_mode, #updated?, #updated_by_last_action, #updated_by_last_action?, use, #validate_action, #validate_resource_spec!, #value_to_text, #with_umask

Methods included from Mixin::ConvertToClassName

#constantize, #convert_to_class_name, #convert_to_snake_case, #filename_to_qualified_string, #normalize_snake_case_name, #snake_case_basename

Methods included from Mixin::LazyModuleInclude

#descendants, #include, #included

Methods included from Mixin::PowershellOut

#powershell_out, #powershell_out!

Methods included from Mixin::WindowsArchitectureHelper

#assert_valid_windows_architecture!, #disable_wow64_file_redirection, #forced_32bit_override_required?, #is_i386_process_on_x86_64_windows?, #node_supports_windows_architecture?, #node_windows_architecture, #restore_wow64_file_redirection, #valid_windows_architecture?, #with_os_architecture, #wow64_architecture_override_required?, #wow64_directory

Methods included from Mixin::PowershellExec

#powershell_exec, #powershell_exec!

Methods included from DSL::Powershell

#ps_credential

Methods included from DSL::RegistryHelper

#registry_data_exists?, #registry_get_subkeys, #registry_get_values, #registry_has_subkeys?, #registry_key_exists?, #registry_value_exists?

Methods included from DSL::ChefVault

#chef_vault, #chef_vault_item, #chef_vault_item_for_environment

Methods included from DSL::DataQuery

#data_bag, #data_bag_item, #search, #tagged?

Methods included from EncryptedDataBagItem::CheckEncrypted

#encrypted?

Methods included from DSL::PlatformIntrospection

#older_than_win_2012_or_8?, #platform?, #platform_family?, #value_for_platform, #value_for_platform_family

Methods included from Mixin::Provides

#provided_as, #provides, #provides?

Methods included from Mixin::DescendantsTracker

#descendants, descendants, #direct_descendants, direct_descendants, #find_descendants_by_name, find_descendants_by_name, #inherited, store_inherited

Methods included from Mixin::Deprecation

#deprecated_attr, #deprecated_attr_reader, #deprecated_attr_writer, #deprecated_ivar

Methods included from Mixin::Properties

#copy_properties_from, included, #property_description, #property_is_set?, #reset_property

Methods included from Mixin::ParamsValidate

#lazy, #set_or_return, #validate

Methods included from DSL::RebootPending

#reboot_pending?

Methods included from DSL::DeclareResource

#build_resource, #declare_resource, #delete_resource, #delete_resource!, #edit_resource, #edit_resource!, #find_resource, #find_resource!, #resources, #with_run_context

Constructor Details

This class inherits a constructor from Chef::Resource

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Chef::Resource

Instance Method Details

#option_configured?(option_name, option_setting) ⇒ Boolean

Returns:

  • (Boolean)

171
172
173
174
175
176
177
# File 'lib/chef/resource/windows_audit_policy.rb', line 171

def option_configured?(option_name, option_setting)
  setting = option_setting ? "Enabled$" : "Disabled$"
  powershell_exec(<<-CODE).result
    $auditpol_config = auditpol /get /option:#{option_name}
    if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
  CODE
end

#subcategory_configured?(sub_cat, success_value, failure_value) ⇒ Boolean

Returns:

  • (Boolean)

155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
# File 'lib/chef/resource/windows_audit_policy.rb', line 155

def subcategory_configured?(sub_cat, success_value, failure_value)
  setting = if success_value && failure_value
              "Success and Failure$"
            elsif success_value && !failure_value
              "Success$"
            elsif !success_value && failure_value
              "(Failure$)&!(Success and Failure$)"
            else
              "No Auditing"
            end
  powershell_exec(<<-CODE).result
    $auditpol_config = auditpol /get /subcategory:"#{sub_cat}"
    if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
  CODE
end