Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/PSSecTools/WindowsEventForwarding
A module for working with Windows Event Collector service and maintain Windows Event Forwarding subscriptions.
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/PSSecTools/WindowsEventForwarding
- Owner: PSSecTools
- License: mit
- Created: 2018-05-31T11:07:59.000Z (over 6 years ago)
- Default Branch: Development
- Last Pushed: 2020-07-13T19:31:50.000Z (over 4 years ago)
- Last Synced: 2024-08-05T17:33:10.322Z (5 months ago)
- Language: PowerShell
- Homepage:
- Size: 185 KB
- Stars: 33
- Watchers: 4
- Forks: 9
- Open Issues: 1
Metadata Files:
- Readme: README.md
- Changelog: changelog.md
- License: license
Awesome Lists containing this project
- awesome-hacking-lists - PSSecTools/WindowsEventForwarding - A module for working with Windows Event Collector service and maintain Windows Event Forwarding subscriptions. (PowerShell)
README
Windows Event Forwarding
====================
A module for working with Windows Event Collector service and maintain Windows Event Forwarding subscriptions.
# Purpose
Welcome to the PowerShell Windows Event Forwarding (WEF) module, designed to make administering a WEF server comfortable. It is especially useful on machines with more than a handful of subscriptions.
All cmdlets are built with:
- Regular PowerShell verbs
- The prefix WEF in every noun
- Pipeline support, in most cases
- Comprehensive logging

Effectively, the module is a wrapper around `wecutil.exe`, the command-line utility of the Windows Event Forwarding platform, but with a lot more convenience and remoting capabilities.
## Installation
In order to get started with the module, simply run this in an elevated console:
```powershell
Install-Module WindowsEventForwarding
```
This will install the module on your system, ready for use.

## Example
Every function has examples:
```powershell
Get-Help Get-WEFSubscription -Examples
Get-Help New-WEFSubscription -Examples
```
This will query subscriptions from the local system:
```powershell
Get-WEFSubscription -Name MySubscription, Subscription2
```
The functions will also work on a remote system:
```powershell
Get-WEFSubscription -Name MySubscription -ComputerName Server01
"MySubscription" | Get-WEFSubscription -ComputerName Server01
"Server01" | Get-WEFSubscription -Name "MySubscription"
```
For remote administration, PSRemoting is used, so be sure to have it properly set up.

## Configuration Notice
This module uses the PSFramework, primarily for logging and for executing remote commands effectively.\
In the future, configuration management may also be done with PSFramework.

# Changelog
Changes will be tracked in the [changelog.md](changelog.md)