CollapseAll image

Get Audit Policy

The following steps describe how to retrieve the current auditing policy. The audit policy defines which events are to be audited by the audit log, and the level of criticality of each event. Events marked as critical that cannot be logged, either because the log is full or because it is locked, will fail and return an error.

1.  Retrieve the instance of AMT_AuditPolicyRule, where the “PolicyRuleName” key equals “Audit Policy Rule”.

2.  Examine AMT_AuditPolicyRule.AuditApplicationEventID.

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

$auditPolicyRuleRef =$wsmanConnectionObject.NewReference("SELECT * FROM  AMT_AuditPolicyRule WHERE PolicyRuleName='Audit Policy Rule'")

$auditPolicyRuleInstance =$auditPolicyRuleRef.Get()

$auditApplicationEventID =$auditPolicyRuleInstance.GetProperty("AuditApplicationEventID")

 

 

Instance Diagram

Classes Used in This Flow

SDK Sample

Not applicable

 

Copyright © 2006-2022, Intel Corporation. All rights reserved.