Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@qjerome
qjerome committed Feb 25, 2021
1 parent b882f9e commit 8fcb729
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ In order to get the most of WHIDS you might want to improve your logging policy.
1. gpedit.msc -> `Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Object Access\Audit File System` -> Enable
2. Right Click Any Folder -> Properties -> Security -> Advanced -> Auditing -> Add
1. `Select a principal` (put here the name of the user/group you want the audit for). Put group **Everyone** if you want to log access from any user.
2. `Apply this to` is used to select the scope of this audit policy starting from this folder
2. `Apply this to` is used to select the scope of this audit policy starting from the folder you have selected
3. `Basic permissions` select the kinds of accesses you want the logs to be generated for
4. Validate
3. File System auditing logs will appear in the `Security` log channel
Expand Down

0 comments on commit 8fcb729

Please sign in to comment.