<xsd:element name="auditeventpolicysubcategories_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The auditeventpolicysubcategories item enumerates the different types of subcategories the system should audit. These subcategories are new in Windows Vista. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<!-- Account Logon Audit Policy Subcategories -->
<xsd:element name="credential_validation" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemcredentialvalidation" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:credential_validation">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the credential_validation entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="kerberos_ticket_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemkerberosticketevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:kerberos_ticket_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the kerberos_ticket_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="other_account_logon_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemotheraccountlogonevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:other_account_logon_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the other_account_logon_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- Account Management Audit Policy Subcategories -->
<xsd:element name="application_group_management" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemapplicationgroupmanagement" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:application_group_management">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the application_group_management entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="computer_account_management" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemcomputeraccountmanagement" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:computer_account_management">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the computer_account_management entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="distribution_group_management" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemdistributiongroupmanagement" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:distribution_group_management">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the distribution_group_management entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="other_account_management_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemotheraccountmanagementevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:other_account_management_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the other_account_management_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="security_group_management" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemsecuritygroupmanagement" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:security_group_management">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the security_group_management entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_account_management" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemuseraccountmanagement" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:user_account_management">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the user_account_management entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- Detailed Tracking Audit Policy Subcategories -->
<xsd:element name="dpapi_activity" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemdpapiactivity" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:dpapi_activity">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the dpapi_activity entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="process_creation" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemprocesscreation" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:process_creation">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the process_creation entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="process_termination" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemprocesstermination" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:process_termination">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the process_termination entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="rpc_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemrpcevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:rpc_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the rpc_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- DS Access Audit Policy Subcategories -->
<xsd:element name="directory_service_access" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemdirectoryserviceaccess" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:directory_service_access">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the directory_service_access entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="directory_service_changes" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemdirectoryservicechanges" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:xxx">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the directory_service_changes entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="directory_service_replication" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemdirectoryservicereplication" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:directory_service_replication">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the directory_service_replication entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="detailed_directory_service_replication" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemdetaileddirectoryservicereplication" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:detailed_directory_service_replication">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the detailed_directory_service_replication entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- Logon/Logoff Audit Policy Subcategories -->
<xsd:element name="account_lockout" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemaccountlockout" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:account_lockout">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the account_lockout entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="ipsec_extended_mode" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemipsecextendedmode" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:ipsec_extended_mode">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the ipsec_extended_mode entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="ipsec_main_mode" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemipsecmainmode" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:ipsec_main_mode">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the ipsec_main_mode entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="ipsec_quick_mode" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemipsecquickmode" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:ipsec_quick_mode">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the ipsec_quick_mode entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="logoff" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemlogoff" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:logoff">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the logoff entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="logon" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemlogon" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:logon">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the logon entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="other_logon_logoff_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemotherlogonlogoffevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:other_logon_logoff_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the other_logon_logoff_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="special_logon" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemspeciallogon" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:special_logon">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the special_logon entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- Object Access Audit Policy Subcategories -->
<xsd:element name="application_generated" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemapplicationgenerated" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:application_generated">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the application_generated entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="certification_services" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemcertificationservices" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:certification_services">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the certification_services entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_share" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemfileshare" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:file_share">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_share entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_system" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemfilesystem" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:file_system">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_system entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="filtering_platform_connection" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemfilteringplatformconnection" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:filtering_platform_connection">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the filtering_platform_connection entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="filtering_platform_packet_drop" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemfilteringplatformpacketdrop" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:filtering_platform_packet_drop">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the filtering_platform_packet_drop entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="handle_manipulation" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemhandlemanipulation" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:handle_manipulation">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the handle_manipulation entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="kernel_object" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemkernelobject" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:kernel_object">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the kernel_object entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="other_object_access_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemotherobjectaccessevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:other_object_access_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the other_object_access_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="registry" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemregistry" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:registry">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the registry entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sam" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemsam" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:sam">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the sam entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- Policy Change Audit Policy Subcategories -->
<xsd:element name="audit_policy_change" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemauditpolicychange" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:audit_policy_change">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the audit_policy_change entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="authentication_policy_change" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemauthenticationpolicychange" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:authentication_policy_change">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the authentication_policy_change entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="authorization_policy_change" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemauthorizationpolicychange" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:authorization_policy_change">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the authorization_policy_change entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="filtering_platform_policy_change" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemfilteringplatformpolicychange" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:filtering_platform_policy_change">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the filtering_platform_policy_change entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="mpssvc_rule_level_policy_change" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemmpssvcrulelevelpolicychange" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:mpssvc_rule_level_policy_change">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the mpssvc_rule_level_policy_change entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="other_policy_change_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemotherpolicychangeevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:other_policy_change_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the other_policy_change_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- Privilege Use Audit Policy Subcategories -->
<xsd:element name="non_sensitive_privilege_use" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemnonsensitiveprivilegeuse" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:non_sensitive_privilege_use">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the non_sensitive_privilege_use entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="other_privilege_use_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemotherprivilegeuseevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:other_privilege_use_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the other_privilege_use_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sensitive_privilege_use" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemsensitiveprivilegeuse" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:sensitive_privilege_use">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the sensitive_privilege_use entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<!-- System Audit Policy Subcategories -->
<xsd:element name="ipsec_driver" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemipsecdriver" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:ipsec_driver">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the ipsec_driver entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="other_system_events" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemothersystemevents" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:other_system_events">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the other_system_events entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="security_state_change" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemsecuritystatechange" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:security_state_change">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the security_state_change entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="security_system_extension" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemsecuritysystemextension" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:security_system_extension">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the security_system_extension entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="system_integrity" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="aepsitemsystemintegrity" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:auditeventpolicysubcategories_item/win-sc:system_integrity">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the system_integrity entity of an auditeventpolicysubcategories_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
|
XSD Schema Diagram:
