There is nothing technically sophisticated in this code; it simply turns the graphical audit-policy configuration into a command-line operation.
Code (SAMTOOL.BAT):
@echo off
rem A mode switch and its argument are both required.
if {%1}=={} goto :help
if {%2}=={} goto :help
rem Remove leftovers from an earlier run.
if exist samtool.sdb erase samtool.sdb /q
if exist samtool.inf erase samtool.inf /q
if exist samtool.log erase samtool.log /q
rem -b: export the current configuration to the INF file given in %2.
if /i {%1}=={-b} secedit /export /cfg %2 /log samtool.log /quiet
rem -r: apply the configuration stored in the INF file given in %2.
if /i {%1}=={-r} secedit /configure /db samtool.sdb /cfg %2 /log samtool.log /quiet
rem -o: build a temporary template with the selected audit categories and apply it.
if /i {%1}=={-o} (
    if {%4}=={} goto :help
    if /i not {%3}=={-p} goto :help
    echo %4 | findstr "[0-3]" >nul || goto :help
    rem pushd %windir%\system32\
    echo.[Version] >>samtool.inf
    echo.signature="$CHICAGO$" >>samtool.inf
    echo.[Event Audit] >>samtool.inf
    echo.%2 | findstr /i "d" >nul && echo.AuditDSAccess=%4 >>samtool.inf
    echo.%2 | findstr /i "e" >nul && echo.AuditLogonEvents=%4 >>samtool.inf
    echo.%2 | findstr /i "s" >nul && echo.AuditSystemEvents=%4 >>samtool.inf
    echo.%2 | findstr /i "o" >nul && echo.AuditObjectAccess=%4 >>samtool.inf
    echo.%2 | findstr /i "u" >nul && echo.AuditPrivilegeUse=%4 >>samtool.inf
    echo.%2 | findstr /i "c" >nul && echo.AuditPolicyChange=%4 >>samtool.inf
    echo.%2 | findstr /i "l" >nul && echo.AuditAccountLogon=%4 >>samtool.inf
    echo.%2 | findstr /i "m" >nul && echo.AuditAccountManage=%4 >>samtool.inf
    echo.%2 | findstr /i "p" >nul && echo.AuditProcessTracking=%4 >>samtool.inf
    rem "a" selects every audit category.
    if /i {%2}=={a} (
        echo.AuditDSAccess=%4 >>samtool.inf
        echo.AuditLogonEvents=%4 >>samtool.inf
        echo.AuditSystemEvents=%4 >>samtool.inf
        echo.AuditObjectAccess=%4 >>samtool.inf
        echo.AuditPrivilegeUse=%4 >>samtool.inf
        echo.AuditPolicyChange=%4 >>samtool.inf
        echo.AuditAccountLogon=%4 >>samtool.inf
        echo.AuditAccountManage=%4 >>samtool.inf
        echo.AuditProcessTracking=%4 >>samtool.inf
    )
    secedit /configure /db samtool.sdb /cfg samtool.inf /log samtool.log /quiet
)
rem -v is the third argument for -b and -r, the fifth for -o.
if /i {%3}=={-v} type samtool.log
if /i {%5}=={-v} type samtool.log
rem Clean up the temporary database, template and log.
if exist samtool.sdb erase samtool.sdb /q
if exist samtool.inf erase samtool.inf /q
if exist samtool.log erase samtool.log /q
exit /b
:help
cls
echo. System Audit Strategy Manage Tool. (C) Copyright 2013 enun-net.
echo.
echo. Usage: samtool -b^|r [drive:][path][filename] -o options -p parameters -v
echo.
echo.   -b  Back up the current configuration to the specified INF file.
echo.   -r  Restore the configuration from an INF file.
echo.   -o  Options ^(multiple supported^):
echo.       d: Directory Service Access
echo.       e: Logon Events
echo.       s: System Events
echo.       o: Object Access
echo.       u: Privilege Use
echo.       c: Policy Change
echo.       l: Account Logon
echo.       m: Account Manage
echo.       p: Process Tracking
echo.       a: All Audit
echo.   -p  Parameters:
echo.       0: Don't audit
echo.       1: Only audit success
echo.       2: Only audit failure
echo.       3: Audit all ^(success and failure^)
echo.   -v  Detailed results.
echo.
echo. Example: samtool -o ec -p 0 -v
echo.          samtool -b c:\myconfig.inf -v
exit /b
For example, samtool -o ec -p 1 -v configures the audit policy as follows: audit policy changes (success), audit logon events (success), and displays the more detailed output.
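To confirm that a change such as the one above actually took effect, the template written by samtool -b can be checked offline. The following is an added example, not part of the original script: it parses the [Event Audit] section of an exported INF and reports categories whose value differs from the expected one. The function names and the sample export are constructed for illustration.

```python
# Option letters from the script's help text -> [Event Audit] keys.
AUDIT_KEYS = {
    "d": "AuditDSAccess", "e": "AuditLogonEvents", "s": "AuditSystemEvents",
    "o": "AuditObjectAccess", "u": "AuditPrivilegeUse", "c": "AuditPolicyChange",
    "l": "AuditAccountLogon", "m": "AuditAccountManage", "p": "AuditProcessTracking",
}
SETTING = {0: "none", 1: "success", 2: "failure", 3: "success+failure"}
# Constructed sample of an exported template (not taken from a real host).
# Real exports are typically UTF-16: open(path, encoding="utf-16").read()
SAMPLE_EXPORT = """[Unicode]
Unicode=yes
[Event Audit]
AuditSystemEvents = 0
AuditLogonEvents = 1
AuditObjectAccess = 0
AuditPrivilegeUse = 0
AuditPolicyChange = 1
AuditAccountManage = 3
AuditProcessTracking = 0
AuditDSAccess = 0
AuditAccountLogon = 2
[Version]
signature="$CHICAGO$"
"""

def read_event_audit(inf_text):
    """Return {lowercased key: int} for the [Event Audit] section only."""
    values, section = {}, None
    for raw in inf_text.splitlines():
        line = raw.strip().lstrip("\ufeff")
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "event audit" and "=" in line:
            key, _, val = line.partition("=")
            if val.strip().isdigit():
                values[key.strip().lower()] = int(val.strip())
    return values

def check_policy(inf_text, letters, expected):
    """List (key, actual, expected) for categories that differ from `expected`."""
    letters = letters.lower()
    wanted = list(AUDIT_KEYS.values()) if letters == "a" else [AUDIT_KEYS[c] for c in letters]
    actual = read_event_audit(inf_text)
    return [(k, SETTING.get(actual.get(k.lower()), "missing"), SETTING[expected])
            for k in wanted if actual.get(k.lower()) != expected]

if __name__ == "__main__":
    for finding in check_policy(SAMPLE_EXPORT, "a", 3):
        print(finding)
```

An empty result from check_policy(text, "ec", 1) means the export matches what samtool -o ec -p 1 was meant to set; a category absent from the export is reported as "missing".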
Original: https://www.enun.net/?p=2339