search

EvotecIT / PSWinReporting

This PowerShell Module has multiple functionalities, but one of the signature features of this module is the ability to parse Security logs on Domain Controllers providing easy to use access to AD Events.
MIT License
707 stars 70 forks source link

Documentation Update #41

Closed louissanchez84 closed 5 years ago

louissanchez84 commented 5 years ago

Hi,

I'm not really new to PowerShell, I consider myself fairly knowledgeable, but have no idea how to configure this. Would it be possible to create a true getting started guide? I just want to monitor group membership, but could see many of these reporting components being helpful.

PrzemyslawKlys commented 5 years ago

There are many guides to this.

Your starting point: https://evotec.xyz/hub/scripts/pswinreporting-powershell-module/

And then read all those: image

Basically, you can 

Install-Module PSWinReporting
Install-Module PSWriteColor
Install-Module PSEventViewer
Install-Module PSWriteExcel
Install-Module PSSharedGoods

Copy config from the newest article: https://evotec.xyz/pswinreporting-1-8-split-of-branches-legacy-vs-new-hope/ disable SQL on it and run it. But you really should read thru all those articles as they have bits and pieces that will get you started. For sure you need audit events enabled in your AD environment.

PrzemyslawKlys commented 5 years ago

Also, keep in mind that you should avoid using the GitHub version from Master branch because it has no documentation and has bugs.