The document Windows ADM Templates and Group Policy will assist a security/systems administrator with managing the Windows Snare Agents configuration from Microsoft Group Policy settings. This procedure may be used as an alternative to other software deployment strategies such as Microsoft SCCM.
Group Policy Management
The configuration of the agents can be managed using Group Policy Objects. As discussed in Appendix B, the Snare Agent policy key is located at HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Intersect Alliance\AuditService and uses exactly the same settings and structure as the standard registry location. The agent gives the policy location the highest precedence when loading the configuration (that is, any policy settings will override local settings) and as long as there is a complete set of configuration options between the policy and standard registry locations, the agent will operate as expected.
In the end of each setting, one of these characters are shown: (SGP), (AGP), (LR), (D). These are sources from where the setting can come and are explained as following.
...