Table of Contents
- Introduction
- Deployment
- Configuration
- OS Support
- Integration
- 42. Amazon Web Services (AWS)
- 43. Apache HTTP Server
- 44. Apache NiFi
- 45. Apache Tomcat
- 46. APC Automatic Transfer Switch
- 47. Apple macOS kernel
- 48. ArcSight Common Event Format (CEF)
- 49. Box
- 50. Brocade switches
- 51. Browser History Logs
- 52. Check Point
- 53. Cisco ACS
- 54. Cisco ASA
- 55. Cisco FireSIGHT
- 56. Cisco IPS
- 57. Cloud Instance Metadata
- 58. Common Event Expression (CEE)
- 59. Dell EqualLogic
- 60. Dell iDRAC
- 61. Dell PowerVault MD series
- 62. Devo
- 63. DHCP logs
- 64. DNS Monitoring
- 65. Docker
- 66. Elastic Common Schema (ECS)
- 67. Elasticsearch and Kibana
- 68. F5 BIG-IP
- 69. File Integrity Monitoring
- 70. FreeRADIUS
- 71. Google Chronicle
- 72. Graylog
- 73. HP ProCurve
- 74. IBM QRadar SIEM
- 75. Industrial Control Systems
- 76. Kubernetes
- 77. Linux Audit System
- 78. Linux system logs
- 79. Log Event Extended Format (LEEF)
- 80. LogPoint
- 81. Logstash
- 82. McAfee Enterprise Security Manager (ESM)
- 83. McAfee ePolicy Orchestrator
- 84. Microsoft Active Directory Domain Controller
- 85. Microsoft Azure
- 86. Microsoft Azure Event Hubs
- 87. Microsoft Azure Sentinel
- 88. Microsoft Exchange
- 89. Microsoft IIS
- 90. Microsoft SharePoint
- 91. Microsoft SQL Server
- 92. Microsoft System Center Endpoint Protection
- 93. Microsoft System Center Configuration Manager
- 94. Microsoft System Center Operations Manager
- 95. MongoDB
- 96. Nagios Log Server
- 97. Nessus Vulnerability Scanner
- 98. NetApp
- 99. .NET application logs
- 100. Nginx
- 101. Okta
- 102. Oracle Database
- 103. Osquery
- 104. Postfix
- 105. Promise
- 106. Raijin Database Engine
- 107. Rapid7 InsightIDR SIEM
- 108. RSA NetWitness
- 109. SafeNet KeySecure
- 110. Salesforce
- 111. Snare
- 112. Snort
- 113. Solarwinds Loggly
- 114. Splunk
- 115. Sumo Logic
- 116. Symantec Endpoint Protection
- 117. Synology DiskStation
- 118. Syslog
- 119. Sysmon
- 120. Ubiquiti UniFi
- 121. VMware vCenter
- 122. Windows AppLocker
- 123. Windows Command Line Auditing
- 124. Windows Event Log
- 125. Windows Firewall
- 126. Windows Group Policy
- 127. Windows Management Instrumentation (WMI)
- 128. Windows PowerShell
- 129. Microsoft Windows Update
- 130. Windows USB auditing
- 131. Zeek (formerly Bro) Network Security Monitor
- Troubleshooting
- Enterprise Edition Reference Manual
- NXLog Manager
- NXLog Add-Ons
128. Windows PowerShell
This topic explains how to collect PowerShell logs as well as how to use PowerShell in NXLog configurations.
PowerShell is an command-line shell based on the .NET framework.
-
Using PowerShell scripts – Using PowerShell for log processing and generating configuration
-
Logging PowerShell activity – Configuring and collecting PowerShell session logs