Created
July 21, 2020 16:49
-
-
Save Kyleslav/e4fe2a61f9e6084e31bf0892f99937db to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Expand-Archive -LiteralPath \\NETWORK_PATH\winlogbeat-7.8.0-windows-x86_64.zip -DestinationPath 'c:\program files' | |
| $workdir = 'c:\program files\winlogbeat-7.8.0-windows-x86_64' | |
| Set-Location -Path $workdir | |
| Remove-Item winlogbeat.yml | |
| Copy-Item \\NETWORK_PATH\winlogbeat.yml -Destination winlogbeat.yml | |
| if (Get-Service winlogbeat -ErrorAction SilentlyContinue) { | |
| $service = Get-WmiObject -Class Win32_Service -Filter "name='winlogbeat'" | |
| $service.StopService() | |
| Start-Sleep -s 1 | |
| $service.delete() | |
| } | |
| # Create the new service. | |
| New-Service -name winlogbeat ` | |
| -displayName Winlogbeat ` | |
| -binaryPathName "`"$workdir\winlogbeat.exe`" -environment=windows_service -c `"$workdir\winlogbeat.yml`" -path.home `"$workdir`" -path.data `"C:\ProgramData\winlogbeat`" -path.logs `"C:\ProgramData\winlogbeat\logs`" -E logging.files.redirect_stderr=true" | |
| # Attempt to set the service to delayed start using sc config. | |
| Try { | |
| Start-Process -FilePath sc.exe -ArgumentList 'config winlogbeat start= delayed-auto' | |
| } | |
| Catch { Write-Host -f red "An error occured setting the service to delayed start." } | |
| Start-Service winlogbeat |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment