{"id":21888635,"url":"https://github.com/swisscom/splunk-addon-powershell","last_synced_at":"2025-04-15T10:19:33.987Z","repository":{"id":73689920,"uuid":"181646201","full_name":"swisscom/splunk-addon-powershell","owner":"swisscom","description":"Splunk Add-on for PowerShell provides field extraction for PowerShell event logs.","archived":false,"fork":false,"pushed_at":"2021-02-01T22:32:28.000Z","size":26,"stargazers_count":17,"open_issues_count":0,"forks_count":8,"subscribers_count":16,"default_branch":"master","last_synced_at":"2025-04-15T10:19:04.398Z","etag":null,"topics":["powershell","splunk","splunk-addon"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/swisscom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-04-16T08:20:09.000Z","updated_at":"2024-03-05T09:50:27.000Z","dependencies_parsed_at":"2023-02-25T11:00:24.840Z","dependency_job_id":null,"html_url":"https://github.com/swisscom/splunk-addon-powershell","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fsplunk-addon-powershell","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fsplunk-addon-powershell/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fsplunk-addon-powershell/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fsplunk-addon-powershell/manife
sts","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/swisscom","download_url":"https://codeload.github.com/swisscom/splunk-addon-powershell/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249048747,"owners_count":21204306,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["powershell","splunk","splunk-addon"],"created_at":"2024-11-28T11:16:21.564Z","updated_at":"2025-04-15T10:19:33.979Z","avatar_url":"https://github.com/swisscom.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Splunk Add-on for PowerShell\n\nThe Splunk Add-on for PowerShell provides field extraction for PowerShell event\nlogs. Unfortunately, PowerShell logs are in system language which requires field \nextraction for each language. 
Furthermore, delimiters are sometimes `:` and sometimes `=`.\n\nCurrently supported languages are:\n* English\n* French\n* Italian\n* German\n\n## Prerequisites\n\nCollection of `Microsoft-Windows-PowerShell/Operational` event logs.\n\n## Installation\n\nAdd the folder \"ta-microsoft-powershell\" to a ZIP and upload it to https://spunkserver/en-US/manager/appinstall/_upload.\n\n## Sourcetypes\n\nThe following source is used for field extraction.\n\n```\nsource=\"XmlWinEventLog:Microsoft-Windows-PowerShell/Operational\" \n```\n\n## Changelog\n\nSee [changelog in the add-on](ta-microsoft-powershell/README.md).\n\n## Contribution\n\nFile an [issue](https://github.com/swisscom/splunk-addon-powershell/issues) or submit a [pull request](https://github.com/swisscom/splunk-addon-powershell/pulls).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswisscom%2Fsplunk-addon-powershell","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fswisscom%2Fsplunk-addon-powershell","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswisscom%2Fsplunk-addon-powershell/lists"}