{
  "version": "https://jsonfeed.org/version/1.1",
  "title": "event log",
  "home_page_url": "https://evotec.xyz/es/tags/event-log",
  "feed_url": "https://evotec.xyz/es/tags/event-log/index.feed.json",
  "description": "Evotec Main Website",
  "items": [
    {
      "id": "https://evotec.xyz/es/blog/restoring-recovering-powershell-scripts-from-event-logs",
      "url": "https://evotec.xyz/es/blog/restoring-recovering-powershell-scripts-from-event-logs",
      "title": "Restoring (Recovering) PowerShell Scripts from Event Logs",
      "summary": "A few days ago, I was asked to take a look at PowerShell Malware. While I don\u2019t know much about malware, my curiosity didn\u2019t let me skip on this occasion, and I was handed over WindowsPowerShell.evtx file. Ok, that\u2019s not what I expected! I wanted PowerShell .ps1 files that I can read and assess? Well, you play with the cards you were dealt with. What I was handed over was PowerShell Event Log. PowerShell writes whatever you execute, and it thinks it is risky, to Windows PowerShell Operation Event Log.",
      "date_published": "2020-08-28T15:39:28.0000000Z",
      "tags": [
        "event log",
        "get-events",
        "powershell",
        "powershellmanager",
        "pseventviewer",
        "Windows"
      ]
    },
    {
      "id": "https://evotec.xyz/es/blog/pswinreporting-forwarders-microsoft-teams-slack-microsoft-sql-and-more",
      "url": "https://evotec.xyz/es/blog/pswinreporting-forwarders-microsoft-teams-slack-microsoft-sql-and-more",
      "title": "PSWinReporting \u2013 Forwarders, Microsoft Teams, Slack, Microsoft SQL and more",
      "summary": "It\u2019s been a while since PSWinReporting has been updated, or rather since I\u2019ve written a blog post about it since it\u2019s always\u2026",
      "date_published": "2018-09-16T17:59:28.0000000Z",
      "tags": [
        "active directory",
        "event log",
        "events",
        "microsoft teams",
        "ms sql",
        "powershell",
        "slack",
        "sql",
        "teams",
        "Windows"
      ]
    },
    {
      "id": "https://evotec.xyz/es/blog/monitoring-active-directory-changes-on-users-and-groups-with-powershell",
      "url": "https://evotec.xyz/es/blog/monitoring-active-directory-changes-on-users-and-groups-with-powershell",
      "title": "Monitoring Active Directory Changes on Users and Groups with PowerShell",
      "summary": "Working as Administrator with Active Directory can be rewarding. You can easily deploy new settings, make changes to users even\u2026",
      "date_published": "2018-03-23T10:01:43.0000000Z",
      "tags": [
        "active directory",
        "event id",
        "event log",
        "event viewer",
        "events",
        "group membership",
        "groups",
        "monitoring",
        "powershell",
        "security events",
        "user changes",
        "Windows"
      ]
    }
  ]
}