{
  "version": "https://jsonfeed.org/version/1.1",
  "title": "get-events",
  "home_page_url": "https://evotec.xyz/es/tags/get-events",
  "feed_url": "https://evotec.xyz/es/tags/get-events/index.feed.json",
  "description": "Evotec Main Website",
  "items": [
    {
      "id": "https://evotec.xyz/es/blog/restoring-recovering-powershell-scripts-from-event-logs",
      "url": "https://evotec.xyz/es/blog/restoring-recovering-powershell-scripts-from-event-logs",
      "title": "Restoring (Recovering) PowerShell Scripts from Event Logs",
      "summary": "A few days ago, I was asked to take a look at PowerShell Malware. While I don\u2019t know much about malware, my curiosity didn\u2019t let me skip on this occasion, and I was handed over WindowsPowerShell.evtx file. Ok, that\u2019s not what I expected! I wanted PowerShell .ps1 files that I can read and assess? Well, you play with the cards you were dealt with. What I was handed over was PowerShell Event Log. PowerShell writes whatever you execute, and it thinks it is risky, to Windows PowerShell Operation Event Log.",
      "date_published": "2020-08-28T15:39:28.0000000Z",
      "tags": [
        "event log",
        "get-events",
        "powershell",
        "powershellmanager",
        "pseventviewer",
        "Windows"
      ]
    },
    {
      "id": "https://evotec.xyz/es/blog/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out",
      "url": "https://evotec.xyz/es/blog/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out",
      "title": "Active Directory \u2013 How to track down why and where the user account was locked out",
      "summary": "I\u2019ve been working with Windows Events for a while now. One of the things I did to help me diagnose problems and reporting on Windows Events was to write PSEventViewer to help to parse the logs and write PSWinReporting to help monitor (with use of PSEventViewer) Domain Controllers for events that happen across the domain. It\u2019s handy and I, get those excellent daily reports of what happened while I was gone.",
      "date_published": "2019-01-24T15:25:31.0000000Z",
      "tags": [
        "active directory",
        "event viewer",
        "get-events",
        "get-winevent",
        "powershell",
        "pseventviewer",
        "pswinreporting",
        "windows",
        "windows server"
      ]
    },
    {
      "id": "https://evotec.xyz/es/blog/working-with-windows-events-with-powershell",
      "url": "https://evotec.xyz/es/blog/working-with-windows-events-with-powershell",
      "title": "Working with Windows Events with PowerShell",
      "summary": "As you may (and should) know Event Log is your first place to look for explanations on why server/client is\u2026",
      "date_published": "2018-05-28T09:28:21.0000000Z",
      "tags": [
        "Active Directory",
        "event viewer",
        "Exchange",
        "get-events",
        "get-winevent",
        "microsoft",
        "powershell",
        "windows"
      ]
    },
    {
      "id": "https://evotec.xyz/es/blog/get-eventslibrary-ps1-monitoring-events-powershell",
      "url": "https://evotec.xyz/es/blog/get-eventslibrary-ps1-monitoring-events-powershell",
      "title": "Get-EventsLibrary.ps1 \u2013 Monitoring Events PowerShell",
      "summary": "This event library (Get-EventsLibrary.ps1) is PowerShell script that parses Security (mostly) logs on Domain Controllers. It has few reports capabilities\u2026",
      "date_published": "2018-04-19T09:48:35.0000000Z",
      "tags": [
        "active directory",
        "ad",
        "domain controller",
        "get-events",
        "monitoring",
        "powershell",
        "Windows"
      ]
    }
  ]
}