Configure the logging to find CVE-2021-1675 related incidents
<#
   .SYNOPSIS
   Configure the logging to find CVE-2021-1675 related incidents

   .DESCRIPTION
   Configure the logging to find CVE-2021-1675 related incidents

   .EXAMPLE
   PS C:\> .\Invoke-EnableLoggingToFindPrinterHell

   Change the logging to find any CVE-2021-1675 related incidents

   .NOTES
   Another approach to mitigate all the CVE-2021-1675 pain

   .LINK
   https://mobile.twitter.com/MalwareJake/status/1410421445608476679
#>
#Requires -Modules ActiveDirectory
[CmdletBinding(ConfirmImpact = 'Low')]
[OutputType([string])]
param ()

# Get all Servers in the Domain
$AllServer = (Get-ADComputer -Filter {
      OperatingSystem -Like '*Windows Server*'
   })

# Loop over the servers we have
foreach ($SingleServer in $AllServer.Name)
{
   try
   {
      Invoke-Command -ComputerName $SingleServer -ErrorAction Stop -ScriptBlock {
         # Execute remote (within the Remote Shell)
         $PrinterLog = (Get-LogProperties -Name 'Microsoft-Windows-PrintService\Operational' -ErrorAction SilentlyContinue)

         # Only touch the log if it is not already enabled
         if ($PrinterLog.Enabled -ne $true)
         {
            $PrinterLog.Enabled = $true

            try
            {
               Set-LogProperties -LogDetails $PrinterLog -Force -ErrorAction Stop
            }
            catch
            {
               # Report the remote machine's own name (the original concatenated $true here)
               Write-Warning -Message ('Unable to configure logging on: ' + $env:COMPUTERNAME)
            }
         }
      }

      Write-Output -InputObject ('Processed: ' + $SingleServer)
   }
   catch
   {
      Write-Warning -Message ('Failed on: ' + $SingleServer)
   }
}
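
A follow-up check for after the script has run, added here as an example and not part of the original gist: it confirms the PrintService Operational log is enabled on each server and counts recent driver-install events. The server names are placeholders, and the use of event ID 316 (printer driver added or updated), the seven-day window and remote event log access via `Get-WinEvent -ComputerName` are assumptions not taken from the gist.

```powershell
# Added example (not from the original gist).
# Assumption: placeholder server names; replace with your own list.
$Servers = @('SERVER01', 'SERVER02')
$LogName = 'Microsoft-Windows-PrintService/Operational'

$Report = foreach ($Server in $Servers)
{
   try
   {
      # Read the channel configuration to confirm the log is really enabled
      $Log = Get-WinEvent -ListLog $LogName -ComputerName $Server -ErrorAction Stop

      # Assumption: event ID 316 = printer driver added or updated, last 7 days
      $Filter = @{
         LogName   = $LogName
         Id        = 316
         StartTime = (Get-Date).AddDays(-7)
      }

      # No matching events is reported as an error, so suppress it and count zero
      $DriverEvents = @(Get-WinEvent -FilterHashtable $Filter -ComputerName $Server -ErrorAction SilentlyContinue)

      [pscustomobject]@{
         Server       = $Server
         LogEnabled   = $Log.IsEnabled
         DriverEvents = $DriverEvents.Count
         # Get-WinEvent returns newest first, so the first entry is the latest
         NewestEvent  = ($DriverEvents | Select-Object -First 1).TimeCreated
      }
   }
   catch
   {
      Write-Warning -Message ('Unable to query: ' + $Server)

      [pscustomobject]@{
         Server       = $Server
         LogEnabled   = $null
         DriverEvents = $null
         NewestEvent  = $null
      }
   }
}

# Servers with LogEnabled = False still need the logging change applied
$Report | Sort-Object -Property LogEnabled, Server | Format-Table -AutoSize
```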