Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Digressive/Logon-Audit
Record log on and log off events with this PowerShell script.
https://github.com/Digressive/Logon-Audit
logon-audit logs powershell powershell-script teams
Last synced: 3 months ago
JSON representation
Record log on and log off events with this PowerShell script.
- Host: GitHub
- URL: https://github.com/Digressive/Logon-Audit
- Owner: Digressive
- License: mit
- Created: 2019-09-28T16:33:36.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2024-05-14T20:47:55.000Z (6 months ago)
- Last Synced: 2024-05-28T02:23:25.606Z (6 months ago)
- Topics: logon-audit, logs, powershell, powershell-script, teams
- Language: PowerShell
- Homepage: https://gal.vin/posts/logon-audit-utility/
- Size: 23.4 KB
- Stars: 8
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- jimsghstars - Digressive/Logon-Audit - Record log on and log off events with this PowerShell script. (PowerShell)
README
# Logon Audit Utility
## Really simple log on/off auditing utility
For full change log and more information, [visit my site.](https://gal.vin/utils/logon-audit-utility/)
Logon Audit Utility is available from:
* [GitHub](https://github.com/Digressive/Logon-Audit)
* [The Microsoft PowerShell Gallery](https://www.powershellgallery.com/packages/Logon-Audit)Please consider supporting my work:
* Support with a one-time donation using [PayPal](https://www.paypal.me/digressive).
Please report any problems via the ‘issues’ tab on GitHub.
Thanks
-Mike## Features and Requirements
* The utility should be run on a client machine.
* It is ideally triggered as a logon/logoff script by Group Policy.
* Any files that the script needs to access should be accessible from a client device.
* It can be used to log to a file, send to a webhook or both.
* The utility requires at least PowerShell 5.0.
* Tested on Windows 11, Windows 10, Windows Server 2022, Windows Server 2019, Windows Server 2016 and Windows Server 2012 R2.## Configuration
Here’s a list of all the command line switches and example configurations.
| Command Line Switch | Description | Example |
| ------------------- | ----------- | ------- |
| -Logon | Use this option to log a log on event. | N/A |
| -Logoff | Use this option to log a log off event. | N/A |
| -Webhook | The txt file containing the URI for a webhook to send the log file to. | [path\]webhook.txt |
| -L | The path to output the log file to. | [path\logs] |
| -Help | Display usage information. No arguments also displays help. | N/A |## Example
``` txt
[path\]Logon-Audit.ps1 -Logon -L [path]
```The above command will record a logon event for the currently logged on user to the log file and also to Teams.
## Change Log
### 2023-04-28: Version 23.04.28
* Changed the -Teams switch to -Webhook to better represent it's function.
### 2022-06-14: Version 22.05.30
* Added checks and balances to help with configuration as I'm very aware that the initial configuration can be troublesome. Running the utility manually is a lot more friendly and step-by-step now.
* Added -Help to give usage instructions in the terminal. Running the script with no options will also trigger the -help switch.
* Cleaned user entered paths so that trailing slashes no longer break things or have otherwise unintended results.
* Added -LogRotate [days] to removed old logs created by the utility.
* Streamlined config report so non configured options are not shown.
* Added donation link to the ASCII banner.
* Cleaned up code, removed unneeded log noise.### 2021-12-08: Version 21.12.08
* Configured logs path now is created, if it does not exist.
* Added OS version info.
* Added Utility version info.
* Added Hostname info.
* Changed a variable to prevent conflicts with future PowerShell versions.### 2020-03-12: Version 20.03.12 'Chick'
* Added option to send an event to Microsoft Teams.
* Refactored code.
* Fully backwards compatible.### 2019-09-28 v1.0
* Initial public release.