thumbscrw/PSWinFW
1
0
Fork 0
mirror of https://github.com/Thumbscrew/PSWinFW.git synced 2024-11-09 23:53:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
6f7c9dde2d
PSWinFW/README.md

1.5 KiB
Raw Blame History

PSWinFW (beta)

Note: Module is WIP. Testing is done in a domain environment (not sure how it will fair on standalone machines). Pull Requests welcome.

Description

A powershell module for retrieving Windows Firewall logs and displaying them in a nicer, more useful format.

Installation

git clone https://github.com/Thumbscrew/PSWinFW.git
Import-Module PSWinFW

Example Usage

Get last 1000 Windows Firewall log lines at a specific path:

Get-PSFirewallLog -Path C:\Windows\system32\logfiles\firewall\pfirewall.log -Tail 1000

Get Windows Firewall log by specifying the log directory and filename separately:

Get-PSFirewallLog -LogDirectory C:\Windows\system32\logfiles\firewall\ -LogFileName domainfw.log

Get Windows Firewall log by retrieving the path automatically from the registry on the local machine:

Get-PSFirewallLog -LogProfile Domain

Get Windows Firewall log on a remote computer using the Remote Registry service to get the log path:

Get-PSFirewallLog -LogProfile Public -ComputerName MyRemoteComputer -Verbose

Get the last 100 events from the Domain profile of a remote machine, inferring the path using the local machine's path (doesn't use Remote Registry service):

Get-PSFirewallLog -LogProfile Domain -ComputerName MyRemoteComputer -InferPath -Tail 100

Get the last 100 events from the Private profile firewall log and follow the log:

Get-PSFirewallLog -LogProfile Private -Tail 100 -Wait