This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Logparser | |
############### | |
# Security Log | |
############### | |
# Find Event id | |
& 'C:\Program Files (x86)\Log Parser 2.2\LogParser.exe' -stats:OFF -i:EVT "SELECT * FROM 'Security.evtx' WHERE EventID = '5038'" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Security log | |
#============ | |
#### | |
#4624 - Logon & Logoff events successful | |
#4625 - Logon unsucceful | |
#### | |
# Get usernames | |
Get-WinEvent -path .\Security.evtx | Where {$_.id -eq "4624"} | Foreach {([xml]$_.ToXml()).GetElementsByTagName("Data").ItemOf(5)}| Select -ExpandProperty "#text" -Unique | |
# Get domains |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## This is a sample NXLog configuration file | |
## This configuration can be used to collect syslog messages from any RFC 5426 capable device | |
## and write those logs to a file which can be picked up by the Log Analytics agent | |
## Thanks to jorritfolmer for initial inspiration here: https://gist.github.com/jorritfolmer/bc6374b48bde2ba99f983cc0889da8a9 | |
## | |
define ROOT C:\Program Files (x86)\nxlog | |
Moduledir %ROOT%\modules |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Import-Module Active Directory | |
Get-ADUser -Properties * -LDAPFilter '(name=*)' -SearchBase "OU=Employees,OU=CON - User Accounts,DC=contoso,DC=com" | Select Name , SamAccountName , LastLogonDate | Export-Csv C:\Users.csv |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add-MailboxFolderPermission -Identity ayla@contoso.com:\Marketing -User Ed@contoso.com -AccessRights Owner |