Need help in generating large no of security event logs for testing

Aditya G 41 Reputation points
2023-08-29T07:44:02.63+00:00

Hi,

I'm automating few scenarios related to security event logs using python(script executes in linux). First I tried the SSH way of logging into the MS-Server. However the events are generated in the Application> OpenSSH section. I want to generate the below mentioned events through CLI, where the events are generated under the security section(Windows logs > Security). Can anyone guide me on how to generate these events(prefereably through the powershell).

Kerberos Authentication Event (event id 4768)

Kerberos Service Ticket Request (event id 4769)

Account Login Request (event 4624)

Account Logoff Request (event 4634)

Thanks

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,332 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,706 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,572 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Ian Xue 38,221 Reputation points Microsoft Vendor
    2023-08-30T04:45:17.9766667+00:00

    Hi,

    You can use the New-WinEvent cmdlet to create new Windows events for a specified event provider from PowerShell.

    https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.diagnostics/new-winevent?view=powershell-7.3

    Best Regards,

    Ian Xue


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.