Value Data

The .audit file syntax contains keywords that can be assigned various value types to customize your checks. This section describes these keywords and the format of the data that can be entered.

This section includes the following information:

Data Types

The following types of data can be entered for the checks:

Data Type



0 to 2,147,483,647


Where X is a DWORD or MIN and Y is a DWORD or MAX


value_data: 45

value_data: [11..9841]

value_data: [45..MAX]

In addition, numbers can be specified with plus (+) or minus (-) to indicate their "sign" and be specified as hexadecimal values. Hexadecimal and signs can be combined. The following are valid examples (without the corresponding label in parentheses) within a REGISTRY_SETTING audit for a POLICY_DWORD:

value_data: -1 (signed)

value_data: +10 (signed)

value_data: 10 (unsigned)

value_data: 2401649476 (unsigned)

value_data: [MIN..+10] (signed range)

value_data: [20..MAX] (unsigned range)

value_data: 0x800010AB (unsigned hex)

value_data: -0x10 (signed hex)