# Custom Baselines

This page contains a list of existing GPO baselines and allows you to clone built-in baselines or import an existing GPO as a baseline.

<figure><img src="/files/eOGKE7MQm9ujTuhNc9tI" alt=""><figcaption><p>Baselines</p></figcaption></figure>

The widgets in the upper-right side of the table allow us to;

* **Search:** Search the GPO baselines table across all table columns.
* **New Baseline:** Create a new GPO baseline by cloning a predefined baseline or importing an existing GPO.

<figure><img src="/files/ZvkJWWOgIljMYo4ywur5" alt="" width="375"><figcaption><p>Create new Custom Baseline</p></figcaption></figure>

The table contains relevant information about the baselines and allows us to perform operations on them using the three-dot button.

<div data-full-width="false"><figure><img src="/files/tU0BY4MFooCqit0WbNO9" alt=""><figcaption><p>Create new Custom Baseline with Import </p></figcaption></figure></div>

The **Import** option allows users to create a custom GPO baseline by uploading an existing baseline file.\
This enables reusing previously exported baselines or importing baselines prepared externally without creating them manually.

### General Information

* **Enabled**: Current status of the baseline.
* **Type**: Name of the organization that created the baseline.
* **Name**: Name of the baseline.
* **Operating System**: Appropriate Operating System for the baseline.
* **Total Settings**: Total settings count of the baseline.

<figure><img src="/files/WLgPVWcrwCchztrQT1Zh" alt=""><figcaption><p>Actions for GPO Baselines</p></figcaption></figure>

Three-dot button on each row allows us to perform the following operations on a baseline;

* **Edit:** Redirects the user to the **Edit/View GPO Baseline** page. This page allows to modify all configurations and specifications related to the GPO baseline.
* **Clone:** Clone the selected baseline.
* **Enable/Disable:** Change the status of the selected baseline.
* **Delete:** Delete the selected baseline.

The checkboxes that can be found on the left side of the list can be used to perform bulk operations on the selected custom baselines.

Allowed operations are;

* **Delete:** Delete the selected custom baselines
* **Delete All:** Delete all custom baselines from the table

<figure><img src="/files/g4589uVaDDaSq031UvNn" alt=""><figcaption><p>Custom GPO Baselines Bulk Delete</p></figcaption></figure>

### Baseline Settings

Edit baseline operations over the data table redirects the user to the **Edit GPO Baseline** page seen below;

<figure><img src="/files/MQu8DazUHUyNOKoRvsTc" alt=""><figcaption><p>GPO Baseline Settings</p></figcaption></figure>

The GPO baseline edit page consists of two different configurations, edit baseline name/OS and add/edit setting.

<div data-full-width="false"><figure><img src="/files/IVLCijoOUC9KkqQx3jPo" alt="" width="563"><figcaption><p>Add/Edit baseline setting</p></figcaption></figure></div>

The following table describes each setting type;

<table><thead><tr><th width="269">Setting Type</th><th>Description</th></tr></thead><tbody><tr><td>Audit Policy</td><td>This setting type checks for value defined in <strong>Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy</strong>.</td></tr><tr><td>User Rights</td><td>This setting type checks for value defined in <strong>Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment</strong>.</td></tr><tr><td>Registry Settings</td><td>This setting type is used to check the value of a registry key.</td></tr><tr><td>Check Registry Setting Exists</td><td>This setting type is used to exist check the value of a registry key.</td></tr><tr><td>Check Account</td><td>This setting type start with "Account:" for value defined in <strong>Computer Configuration > Windows Settings > Security Settings > Security Options.</strong></td></tr><tr><td>Anonymous SID</td><td>This setting type checks for value defined in <strong>Computer Configuration > Windows Settings > Security Settings > Security Options > Network access: Allow anonymous SID/Name translation.</strong></td></tr><tr><td>Kerberos Policy</td><td>This setting type checks for value defined in <strong>Computer Configuration > Windows Settings > Security Settings > Account Policies > Kerberos Policy.</strong></td></tr><tr><td>Lockout Policy</td><td>This setting type checks for value defined in <strong>Computer Configuration > Windows Settings > Security Settings > Account Policies > Account Lockout Policy.</strong></td></tr><tr><td>Password Policy</td><td>This setting type checks for value defined in <strong>Computer Configuration > Windows Settings > Security Settings > Account Policies > Password Policy.</strong></td></tr></tbody></table>

### Example

For example, the following figure shows how to add a Registry Setting policy.

<figure><img src="/files/LsrbVqXF7stx42yARaaY" alt=""><figcaption><p>Example add new setting</p></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.forestall.io/fsprotect/gpo-audit/custom-baselines.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.