524 lines
21 KiB
JSON
524 lines
21 KiB
JSON
{
|
|
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies/$entity",
|
|
"createdDateTime": "2025-03-16T05:44:12.1595502Z",
|
|
"creationSource": null,
|
|
"description": "",
|
|
"lastModifiedDateTime": "2025-03-16T05:44:12.1595502Z",
|
|
"name": "Win - SC - Device Security - D - Audit and Event Logging",
|
|
"platforms": "windows10",
|
|
"priorityMetaData": null,
|
|
"roleScopeTagIds": [
|
|
"0"
|
|
],
|
|
"settingCount": 35,
|
|
"technologies": "mdm",
|
|
"id": "5763c0b9-33b4-4cf7-8efe-bc1be616ae15",
|
|
"templateReference": {
|
|
"templateId": "",
|
|
"templateFamily": "none",
|
|
"templateDisplayName": null,
|
|
"templateDisplayVersion": null
|
|
},
|
|
"settings": [
|
|
{
|
|
"id": "0",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_eventlogservice_controleventlogbehavior",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_eventlogservice_controleventlogbehavior_0",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "1",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizeapplicationlog",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizeapplicationlog_1",
|
|
"children": [
|
|
{
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizeapplicationlog_channel_logmaxsize",
|
|
"settingInstanceTemplateReference": null,
|
|
"simpleSettingValue": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue",
|
|
"settingValueTemplateReference": null,
|
|
"value": 32768
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "2",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_admx_eventlog_channel_log_retention_2",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_admx_eventlog_channel_log_retention_2_0",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "3",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizesecuritylog",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizesecuritylog_1",
|
|
"children": [
|
|
{
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizesecuritylog_channel_logmaxsize",
|
|
"settingInstanceTemplateReference": null,
|
|
"simpleSettingValue": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue",
|
|
"settingValueTemplateReference": null,
|
|
"value": 196608
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "4",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_admx_eventlog_channel_log_retention_3",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_admx_eventlog_channel_log_retention_3_0",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "5",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_admx_eventlog_channel_logmaxsize_3",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_admx_eventlog_channel_logmaxsize_3_1",
|
|
"children": [
|
|
{
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_admx_eventlog_channel_logmaxsize_3_channel_logmaxsize",
|
|
"settingInstanceTemplateReference": null,
|
|
"simpleSettingValue": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue",
|
|
"settingValueTemplateReference": null,
|
|
"value": 32768
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "6",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_admx_eventlog_channel_log_retention_4",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_admx_eventlog_channel_log_retention_4_0",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "7",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizesystemlog",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizesystemlog_1",
|
|
"children": [
|
|
{
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_eventlogservice_specifymaximumfilesizesystemlog_channel_logmaxsize",
|
|
"settingInstanceTemplateReference": null,
|
|
"simpleSettingValue": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue",
|
|
"settingValueTemplateReference": null,
|
|
"value": 32768
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "8",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountlogon_auditcredentialvalidation",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountlogon_auditcredentialvalidation_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "9",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditaccountlockout",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditaccountlockout_2",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "10",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditgroupmembership",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditgroupmembership_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "11",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditlogoff",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditlogoff_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "12",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditlogon",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditlogon_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "13",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountmanagement_auditapplicationgroupmanagement",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountmanagement_auditapplicationgroupmanagement_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "14",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_policychange_auditauthenticationpolicychange",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_policychange_auditauthenticationpolicychange_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "15",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_policychange_auditauthorizationpolicychange",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_policychange_auditauthorizationpolicychange_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "16",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_policychange_auditpolicychange",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_policychange_auditpolicychange_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "17",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_objectaccess_auditfileshare",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_objectaccess_auditfileshare_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "18",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditotherlogonlogoffevents",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditotherlogonlogoffevents_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "19",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountmanagement_auditsecuritygroupmanagement",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountmanagement_auditsecuritygroupmanagement_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "20",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_system_auditsecuritysystemextension",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_system_auditsecuritysystemextension_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "21",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditspeciallogon",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountlogonlogoff_auditspeciallogon_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "22",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_accountmanagement_audituseraccountmanagement",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_accountmanagement_audituseraccountmanagement_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "23",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_detailedtracking_auditpnpactivity",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_detailedtracking_auditpnpactivity_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "24",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_detailedtracking_auditprocesscreation",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_detailedtracking_auditprocesscreation_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "25",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_objectaccess_auditdetailedfileshare",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_objectaccess_auditdetailedfileshare_2",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "26",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_objectaccess_auditotherobjectaccessevents",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_objectaccess_auditotherobjectaccessevents_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "27",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_objectaccess_auditremovablestorage",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_objectaccess_auditremovablestorage_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "28",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_policychange_auditmpssvcrulelevelpolicychange",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_policychange_auditmpssvcrulelevelpolicychange_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "29",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_policychange_auditotherpolicychangeevents",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_policychange_auditotherpolicychangeevents_2",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "30",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_privilegeuse_auditsensitiveprivilegeuse",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_privilegeuse_auditsensitiveprivilegeuse_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "31",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_system_auditipsecdriver",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_system_auditipsecdriver_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "32",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_system_auditothersystemevents",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_system_auditothersystemevents_3",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "33",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_system_auditsecuritystatechange",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_system_auditsecuritystatechange_1",
|
|
"children": []
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"id": "34",
|
|
"settingInstance": {
|
|
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
|
|
"settingDefinitionId": "device_vendor_msft_policy_config_audit_system_auditsystemintegrity",
|
|
"settingInstanceTemplateReference": null,
|
|
"choiceSettingValue": {
|
|
"settingValueTemplateReference": null,
|
|
"value": "device_vendor_msft_policy_config_audit_system_auditsystemintegrity_3",
|
|
"children": []
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|