dmoore44
commented
4 years ago I messed that up - there's some parameter parsing issues that I need to work through. I'll see if I can get that fixed here in the next few days.
Open Mark-E-IT opened 4 years ago
dmoore44
commented
4 years ago I messed that up - there's some parameter parsing issues that I need to work through. I'll see if I can get that fixed here in the next few days.
I'm not sure if this is an issue or intended behavior. When attempting to run the following command, I get an error that the "Parameter is incorrect"
.\kansa.ps1 -target $env:computername -ModulePath ".\Modules\Log\Get-LogWinEvent.ps1 Security 1"
Removeing the "1", will allow for the data to be collected. From the documentation, there are three paramaters for the script, Log name, number of Days, and EventIDs, to collect. I'm not sure if I am incorrectly assuming those same parameters should also apply to running the module manually? This would be ideal, as I would like to modify the modules.conf file with the same parameters, as allowing kansa to collect the entire security log takes an extraordinary amount of time.