Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Digressive/Logon-Audit

Record log on and log off events with this PowerShell script.
https://github.com/Digressive/Logon-Audit

logon-audit logs powershell powershell-script teams

Last synced: 3 months ago
JSON representation

Record log on and log off events with this PowerShell script.

Awesome Lists containing this project

README

        

# Logon Audit Utility

## Really simple log on/off auditing utility

For full change log and more information, [visit my site.](https://gal.vin/utils/logon-audit-utility/)

Logon Audit Utility is available from:

* [GitHub](https://github.com/Digressive/Logon-Audit)
* [The Microsoft PowerShell Gallery](https://www.powershellgallery.com/packages/Logon-Audit)

Please consider supporting my work:

* Support with a one-time donation using [PayPal](https://www.paypal.me/digressive).

Please report any problems via the ‘issues’ tab on GitHub.

Thanks
-Mike

## Features and Requirements

* The utility should be run on a client machine.
* It is ideally triggered as a logon/logoff script by Group Policy.
* Any files that the script needs to access should be accessible from a client device.
* It can be used to log to a file, send to a webhook or both.
* The utility requires at least PowerShell 5.0.
* Tested on Windows 11, Windows 10, Windows Server 2022, Windows Server 2019, Windows Server 2016 and Windows Server 2012 R2.

## Configuration

Here’s a list of all the command line switches and example configurations.

| Command Line Switch | Description | Example |
| ------------------- | ----------- | ------- |
| -Logon | Use this option to log a log on event. | N/A |
| -Logoff | Use this option to log a log off event. | N/A |
| -Webhook | The txt file containing the URI for a webhook to send the log file to. | [path\]webhook.txt |
| -L | The path to output the log file to. | [path\logs] |
| -Help | Display usage information. No arguments also displays help. | N/A |

## Example

``` txt
[path\]Logon-Audit.ps1 -Logon -L [path]
```

The above command will record a logon event for the currently logged on user to the log file and also to Teams.

## Change Log

### 2023-04-28: Version 23.04.28

* Changed the -Teams switch to -Webhook to better represent it's function.

### 2022-06-14: Version 22.05.30

* Added checks and balances to help with configuration as I'm very aware that the initial configuration can be troublesome. Running the utility manually is a lot more friendly and step-by-step now.
* Added -Help to give usage instructions in the terminal. Running the script with no options will also trigger the -help switch.
* Cleaned user entered paths so that trailing slashes no longer break things or have otherwise unintended results.
* Added -LogRotate [days] to removed old logs created by the utility.
* Streamlined config report so non configured options are not shown.
* Added donation link to the ASCII banner.
* Cleaned up code, removed unneeded log noise.

### 2021-12-08: Version 21.12.08

* Configured logs path now is created, if it does not exist.
* Added OS version info.
* Added Utility version info.
* Added Hostname info.
* Changed a variable to prevent conflicts with future PowerShell versions.

### 2020-03-12: Version 20.03.12 'Chick'

* Added option to send an event to Microsoft Teams.
* Refactored code.
* Fully backwards compatible.

### 2019-09-28 v1.0

* Initial public release.