A PowerShell module for retrieving and displaying Windows Firewall logs in a nicer format.
James 9a1eeefca9 Updated psd1 with min PS Version. Added example to README. 2020-01-30 14:21:01 +00:00
formats Adjusted Table width, added labels. Removed Include switches as no longer required. 2019-11-06 19:35:16 +00:00
public Get-Help added. 2020-01-06 15:07:44 +00:00
tests Init commit 2019-11-01 08:20:21 +00:00
.gitignore Init commit 2019-11-01 08:20:21 +00:00
PSWinFW.psd1 Updated psd1 with min PS Version. Added example to README. 2020-01-30 14:21:01 +00:00
PSWinFW.psm1 Init commit 2019-11-01 08:20:21 +00:00
README.md Updated psd1 with min PS Version. Added example to README. 2020-01-30 14:21:01 +00:00
_config.yml Set theme jekyll-theme-slate 2019-11-03 17:18:41 +00:00

README.md

PSWinFW (beta)

Note: Module is WIP. Testing is done in a domain environment (not sure how it will fare on standalone machines). Pull Requests welcome.

Description

A PowerShell module for retrieving Windows Firewall logs and displaying them in a nicer, more useful format.

Installation

git clone https://github.com/Thumbscrew/PSWinFW.git
Import-Module .\PSWinFW

Example Usage

Get last 1000 Windows Firewall log lines at a specific path:

Get-PSFirewallLog -Path C:\Windows\system32\logfiles\firewall\pfirewall.log -Tail 1000

Get Windows Firewall log by specifying the log directory and filename separately:

Get-PSFirewallLog -LogDirectory C:\Windows\system32\logfiles\firewall\ -LogFileName domainfw.log

Get Windows Firewall log by retrieving the path automatically from the registry on the local machine:

Get-PSFirewallLog -LogProfile Domain

Get Windows Firewall log on a remote computer using the Remote Registry service to get the log path:

Get-PSFirewallLog -LogProfile Public -ComputerName MyRemoteComputer -Verbose

Get the last 100 events from the Domain profile of a remote machine, inferring the path using the local machine's path (doesn't use Remote Registry service):

Get-PSFirewallLog -LogProfile Domain -ComputerName MyRemoteComputer -InferPath -Tail 100

Get the last 100 events from the Private profile firewall log and follow the log:

Get-PSFirewallLog -LogProfile Private -Tail 100 -Wait
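
For triage without the module, the raw log can also be parsed directly. The following is an added example, not PSWinFW's own code: the function name ConvertFrom-FirewallLogLine and the sample lines are constructed for illustration, and it assumes the log carries the standard `#Fields:` header that Windows Firewall writes. It turns each line into an object and summarises dropped traffic per source address.

```powershell
# Constructed sample in the pfirewall.log layout (header lines start with '#').
$sample = @'
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2020-01-30 14:20:01 DROP TCP 192.0.2.10 198.51.100.5 51234 445 52 S 123456789 0 64240 - - - RECEIVE
2020-01-30 14:20:02 ALLOW UDP 198.51.100.5 192.0.2.53 50000 53 0 - - - - - - - SEND
2020-01-30 14:20:03 DROP TCP 192.0.2.10 198.51.100.5 51235 3389 52 S 123456790 0 64240 - - - RECEIVE
2020-01-30 14:20:04 DROP ICMP 203.0.113.7 198.51.100.5 - - 60 - - - - 8 0 - RECEIVE
'@ -split "`r?`n"

# Hypothetical helper (not part of PSWinFW): one log line in, one object out.
function ConvertFrom-FirewallLogLine {
    [CmdletBinding()]
    param([Parameter(ValueFromPipeline)][string]$Line)
    begin { $fields = @() }
    process {
        if ($Line -match '^#Fields:\s*(.+)$') {
            # Column names come from the log's own header, not a hard-coded list.
            $fields = $Matches[1].Trim() -split '\s+'
            return
        }
        if ([string]::IsNullOrWhiteSpace($Line) -or $Line.StartsWith('#')) { return }
        $values = $Line.Trim() -split '\s+'
        if ($fields.Count -eq 0 -or $values.Count -ne $fields.Count) {
            Write-Warning "Skipping malformed line: $Line"
            return
        }
        $entry = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count; $i++) {
            # '-' marks a field that does not apply to this packet.
            $entry[$fields[$i]] = if ($values[$i] -eq '-') { $null } else { $values[$i] }
        }
        $entry['timestamp'] = [datetime]::ParseExact(
            "$($entry['date']) $($entry['time'])", 'yyyy-MM-dd HH:mm:ss',
            [cultureinfo]::InvariantCulture)
        [pscustomobject]$entry
    }
}

# Dropped packets grouped by source address, with the destination ports each one hit.
$sample | ConvertFrom-FirewallLogLine |
    Where-Object action -eq 'DROP' |
    Group-Object 'src-ip' |
    Sort-Object Count -Descending |
    Select-Object Count, Name, @{ n = 'dst-ports'; e = {
        ($_.Group.'dst-port' | Where-Object { $_ } | Sort-Object -Unique) -join ',' } }
```

To run it against a real log, replace `$sample` with `Get-Content` on the log path; lines whose column count does not match the header are skipped with a warning rather than mis-assigned.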