Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
(On the 15th anniversary of my first blog posts...)
Performance improvements in the "AaronLocker" scripts, especially in Get-AppLockerEvents.ps1.
And:
Get-AppLockerEvents.ps1 ...
- Now retrieves Packaged App events;
- -EventLogNames parameter supports retrieving from named event logs, to support the use case when forwarded events are saved in event logs other than "ForwardedEvents";
- Removed all the field-omission switches (as part of the perf upgrade)
Generate-EventWorkbook.ps1 ...
- No longer requires a saved .csv file; invoke it without parameters and Generate-EventWorkbook.ps1 retrieves events from the local computer and slices/dices the results into a multi-tabbed Excel workbook.
Documentation updated, including updated troubleshooting/tips section.