SecureAuditor.ini

[Antivirus]
Enabled = true

[DefaultAccount]
LocalUserNames = Administrator, Guest

[DiskSpace]
; Regex pattern to exclude drive name
Exclude = Temp
MaxUsage = 90

[EventLogs]
; Days before today
Days = 1
; Regex pattern to exclude event ID
Exclude =
; https://learn.microsoft.com/powershell/scripting/samples/creating-get-winevent-queries-with-filterhashtable#filtering-by-level
Levels = 1, 2, 3
LogNames = Application, Security, System
MaxEvents = 10
MaxMessageLength = 2048

[FailedHttpRequests]
; Days before today
Days = 1
MaxRecords = 10

[FileIntegrityMonitoring]
; The baseline file path for comparison
BaselinePath = SecureAuditor-FileIntegrityMonitoring.csv
Enabled = true
; Regex pattern to exclude path
Exclude =
HashAlgorithm = SHA256
MaxRecords = 10
; The critical system or application paths to monitor
Paths = C:\autoexec.bat, C:\boot.ini, C:\config.sys, C:\Windows\system.ini, C:\Windows\win.ini, C:\Windows\regedit.exe, C:\Windows\System32\userinit.exe, C:\Windows\explorer.exe, C:\Program Files\Microsoft Security Client\msseces.exe

[IdleAccount]
; Days before today
Days = 365
; Regex pattern to exclude username
Exclude =

[Login]
; Days before today
Days = 1
MaxEvents = 10

[PasswordExpires]
; Regex pattern to exclude username
Exclude =

[PasswordPolicy]
MaximumPasswordAge = 90
MinimumPasswordAge = 1
MinimumPasswordLength = 12
PasswordHistorySize = 3

[PendingUpdates]
; Regex pattern to exclude KBArticleIDs
Exclude = 

[Rules]
; Regex pattern to exclude rule name
Exclude = 
; Regex pattern to include rule name
Include = .*

[Shutdown]
; Days before today
Days = 1
MaxEvents = 10

[SoftwareInstallation]
; Days before today
Days = 1
MaxEvents = 10

[SystemInfo]
Enabled = true
; https://learn.microsoft.com/powershell/module/microsoft.powershell.management/get-computerinfo
Properties =

[UserAccountManagement]
; Days before today
Days = 1