Intel AMT Features > Access Monitor > Use Cases > Enable and Disable Auditing
CollapseAll image

Enable and Disable Auditing

 Note:

   Setting the signing key material is a prerequisite for enabling the Audit Log feature in pre-8.0 releases
(see Set the Signing Key Material).

   In pre-8.0 releases:  When performing setup and configuration using either TLS-PSK or remote configuration, do not enable the audit log until after executing CommitChanges.

   Starting in Release 8.0:  Audit Log is enabled by default in all provisioning states (PRE, IN, POST).

The following steps describe how to enable and disable the auditing feature.

1.  Retrieve the instance of AMT_AuditLog, where the “Name” key equals “Intel(r) AMT:Audit Log”.

2.  Invoke AMT_AuditLog.RequestStateChange with one of the following values for the RequestedState parameter:

Value

Description

2

Enabled

3

Disabled

 

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

$auditLogRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_AuditLog WHERE Name='Intel(r) AMT:Audit Log'")

$inputObject =$auditLogRef.CreateMethodInput("RequestStateChange")

$inputObject.SetProperty("RequestedState","2")

$outputObject =$auditLogRef.InvokeMethod($inputObject)

$returnValue =$outputObject.GetProperty("ReturnValue")

 

 

Instance Diagram

Classes Used in This Flow

   AMT_AuditLog

SDK Sample

Located at:<SDK_root>\Windows\Intel_AMT\Samples\WS-Management\AccessMonitor\C++

 

See Also:

   About the Auditor User

   Enabling Auditing

Copyright © 2006-2022, Intel Corporation. All rights reserved.