Table of Contents
- Introduction
- Deployment
- Configuration
- OS Support
- Integration
- 42. Amazon Web Services (AWS)
- 43. Apache HTTP Server
- 44. Apache NiFi
- 45. Apache Tomcat
- 46. APC Automatic Transfer Switch
- 47. Apple macOS kernel
- 48. ArcSight Common Event Format (CEF)
- 49. Box
- 50. Brocade switches
- 51. Browser History Logs
- 52. Check Point
- 53. Cisco ACS
- 54. Cisco ASA
- 55. Cisco FireSIGHT
- 56. Cisco IPS
- 57. Cloud Instance Metadata
- 58. Common Event Expression (CEE)
- 59. Dell EqualLogic
- 60. Dell iDRAC
- 61. Dell PowerVault MD series
- 62. Devo
- 63. DHCP logs
- 64. DNS Monitoring
- 65. Docker
- 66. Elasticsearch and Kibana
- 67. F5 BIG-IP
- 68. File Integrity Monitoring
- 69. FreeRADIUS
- 70. Google Chronicle
- 71. Graylog
- 72. HP ProCurve
- 73. IBM QRadar SIEM
- 74. Industrial Control Systems
- 75. Linux Audit System
- 76. Linux system logs
- 77. Log Event Extended Format (LEEF)
- 78. Logstash
- 79. McAfee Enterprise Security Manager (ESM)
- 80. McAfee ePolicy Orchestrator
- 81. Microsoft Active Directory Domain Controller
- 82. Microsoft Azure
- 83. Microsoft Azure Event Hubs
- 84. Microsoft Azure Sentinel
- 85. Microsoft Exchange
- 86. Microsoft IIS
- 87. Microsoft SharePoint
- 88. Microsoft SQL Server
- 89. Microsoft System Center Endpoint Protection
- 90. Microsoft System Center Configuration Manager
- 91. Microsoft System Center Operations Manager
- 92. MongoDB
- 93. Nagios Log Server
- 94. Nessus Vulnerability Scanner
- 95. NetApp
- 96. .NET application logs
- 97. Nginx
- 98. Okta
- 99. Oracle Database
- 100. Osquery
- 101. Postfix
- 102. Promise
- 103. Raijin Database Engine
- 104. Rapid7 InsightIDR SIEM
- 105. RSA NetWitness
- 106. SafeNet KeySecure
- 107. Salesforce
- 108. Snare
- 109. Snort
- 110. Solarwinds Loggly
- 111. Splunk
- 112. Sumo Logic
- 113. Symantec Endpoint Protection
- 114. Synology DiskStation
- 115. Syslog
- 116. Sysmon
- 117. Ubiquiti UniFi
- 118. VMware vCenter
- 119. Windows AppLocker
- 120. Windows Command Line Auditing
- 121. Windows Event Log
- 122. Windows Firewall
- 123. Windows Group Policy
- 124. Windows Management Instrumentation (WMI)
- 125. Windows PowerShell
- 126. Microsoft Windows Update
- 127. Windows USB auditing
- 128. Zeek (formerly Bro) Network Security Monitor
- Troubleshooting
- Enterprise Edition Reference Manual
- NXLog Manager
- NXLog Add-Ons
125. Windows PowerShell
This topic explains how to collect PowerShell logs as well as how to use PowerShell in NXLog configurations.
PowerShell is an command-line shell based on the .NET framework.
-
Using PowerShell scripts – Using PowerShell for log processing and generating configuration
-
Logging PowerShell activity – Configuring and collecting PowerShell session logs