Click here to Skip to main content
13,199,318 members (68,195 online)
Click here to Skip to main content

Stats

32.6K views
1.5K downloads
14 bookmarked
Posted 26 Feb 2010

Query the New Windows Audit Policies Programmatically

, 26 Feb 2010
This sample show how to access the information retrieved by running Auditpol.
//	---------------------------------------------------------------------------------------------
//	Author:			Marc Ochsenmeier
//	Email:			info@winitor.net
//	Web:			www.winitor.net
//	Date:			25.02.2010
//
//	Description:	Read the Windows Audit Policy settings programmatically like "Auditpol" does.
//	---------------------------------------------------------------------------------------------
#include "stdafx.h"

CAuditPolicyCategory::CAuditPolicyCategory(GUID* const guid): 
	m_pGuid(guid), m_pName(NULL)
{
}
CAuditPolicyCategory::~CAuditPolicyCategory()
{
	CleanAuditSubCategoriesCollection();
	m_pGuid = NULL;
}
GUID* CAuditPolicyCategory::GetGuid()
{
	return m_pGuid;
}
//	Retrieve its User Friendly Name
wstring CAuditPolicyCategory::GetFriendlyName()
{
	wstring sFriendlyName;

	if(m_pGuid)
	{
		if( AuditLookupCategoryName(m_pGuid, &m_pName))
		{
			sFriendlyName = m_pName;
		}
	}
	else
	{
		//	Error
	}
	return sFriendlyName;
}
void CAuditPolicyCategory::CleanAuditSubCategoriesCollection()
{
	AuditPolicySubCategory::iterator it = m_vAuditPolicySubCategories.begin();
	for( ;it!=m_vAuditPolicySubCategories.end(); it++)
	{
		CAuditPolicySubCategory* item = *it;
		delete item;
	}
	m_vAuditPolicySubCategories.clear();
}

vector<CAuditPolicySubCategory*> CAuditPolicyCategory::GetSubCategories()
{
	//	Clean from previous call.
	CleanAuditSubCategoriesCollection();

	GUID* pGuid = NULL;
	ULONG uCount = 0;
	if(AuditEnumerateSubCategories(
		m_pGuid, 
		FALSE /*return only the Subcategories for this Category*/, 
		&pGuid, 
		&uCount))
	{
		GUID* pCurrentGuid = pGuid;
		for(ULONG i=0; i<uCount; i++)
		{
			m_vAuditPolicySubCategories.push_back(new CAuditPolicySubCategory(pCurrentGuid));
			pCurrentGuid++;
		}
	}
	else
	{
		//	Error
	}
	return m_vAuditPolicySubCategories;
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

marc ochsenmeier
Software Developer (Senior) winitor
Germany Germany
Marc Ochsenmeier is the author of PEStudio (www.winitor.com) and works as developer with the focus on Windows Hardening.

PEStudio is on twitter at: https://twitter.com/ochsenmeier

You may also be interested in...

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.171020.1 | Last Updated 26 Feb 2010
Article Copyright 2010 by marc ochsenmeier
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid