Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

Query the New Windows Audit Policies Programmatically

, 26 Feb 2010 CPOL
This sample show how to access the information retrieved by running Auditpol.
//	---------------------------------------------------------------------------------------------
//	Author:			Marc Ochsenmeier
//	Email:			info@winitor.net
//	Web:			www.winitor.net
//	Date:			25.02.2010
//
//	Description:	Read the Windows Audit Policy settings programmatically like "Auditpol" does.
//	---------------------------------------------------------------------------------------------
#include "stdafx.h"

CAuditPolicyCategory::CAuditPolicyCategory(GUID* const guid): 
	m_pGuid(guid), m_pName(NULL)
{
}
CAuditPolicyCategory::~CAuditPolicyCategory()
{
	CleanAuditSubCategoriesCollection();
	m_pGuid = NULL;
}
GUID* CAuditPolicyCategory::GetGuid()
{
	return m_pGuid;
}
//	Retrieve its User Friendly Name
wstring CAuditPolicyCategory::GetFriendlyName()
{
	wstring sFriendlyName;

	if(m_pGuid)
	{
		if( AuditLookupCategoryName(m_pGuid, &m_pName))
		{
			sFriendlyName = m_pName;
		}
	}
	else
	{
		//	Error
	}
	return sFriendlyName;
}
void CAuditPolicyCategory::CleanAuditSubCategoriesCollection()
{
	AuditPolicySubCategory::iterator it = m_vAuditPolicySubCategories.begin();
	for( ;it!=m_vAuditPolicySubCategories.end(); it++)
	{
		CAuditPolicySubCategory* item = *it;
		delete item;
	}
	m_vAuditPolicySubCategories.clear();
}

vector<CAuditPolicySubCategory*> CAuditPolicyCategory::GetSubCategories()
{
	//	Clean from previous call.
	CleanAuditSubCategoriesCollection();

	GUID* pGuid = NULL;
	ULONG uCount = 0;
	if(AuditEnumerateSubCategories(
		m_pGuid, 
		FALSE /*return only the Subcategories for this Category*/, 
		&pGuid, 
		&uCount))
	{
		GUID* pCurrentGuid = pGuid;
		for(ULONG i=0; i<uCount; i++)
		{
			m_vAuditPolicySubCategories.push_back(new CAuditPolicySubCategory(pCurrentGuid));
			pCurrentGuid++;
		}
	}
	else
	{
		//	Error
	}
	return m_vAuditPolicySubCategories;
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

marc ochsenmeier
Software Developer (Senior) winitor
Germany Germany
Marc Ochsenmeier is the author of PEStudio (www.winitor.com) and works as developer with the focus on Windows Hardening.
 
PEStudio is on twitter at: https://twitter.com/ochsenmeier

| Advertise | Privacy | Mobile
Web02 | 2.8.141022.2 | Last Updated 26 Feb 2010
Article Copyright 2010 by marc ochsenmeier
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid