Documentation
Comment based help is provided for the Functions in this Module. Additional documentation may be provided here as time permits.NOTE: Be sure you elevate the PowerShell console and run in Administrator mode for all commands.
The following examples, troubleshooting, and the comment based help should assist in getting started.
Other Examples
Additional Information Links
- Quick and Dirty Large Scale Eventing for Windows - http://blogs.technet.com/b/wincat/archive/2008/08/11/quick-and-dirty-large-scale-eventing-for-windows.aspx
- Event Log Scenarios - http://msdn.microsoft.com/en-us/library/bb671204(v=VS.90).aspx
- System.Diagnostics.Eventing.Reader Namespace - System.Diagnostics.Eventing.Reader Namespace
- Security Audit Events for Windows 7 and Windows Server 2008 R2 - http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3a15b562-4650-4298-9745-d9b261f35814
- Decoding UAC Flags Values in events 4720, 4738, 4741, and 4742 - http://blogs.msdn.com/b/ericfitz/archive/2011/04/28/decoding-uac-flags-values-in-events-4720-4738-4741-and-4742.aspx
- User-Account-Control Attribute - http://msdn.microsoft.com/en-us/library/ms680832(v=vs.85).aspx
- How to use the UserAccountControl flags to manipulate user account properties - http://support.microsoft.com/kb/305144
- PowerShell Cookbook : Chapter 31. Event Handling Introduction - http://www.pavleck.net/powershell-cookbook/ch31.html
- Use Asynchronous Event Handling in PowerShell - http://blogs.technet.com/b/heyscriptingguy/archive/2011/06/16/use-asynchronous-event-handling-in-powershell.aspx
- Manage Event Subscriptions with PowerShell - http://blogs.technet.com/b/heyscriptingguy/archive/2011/06/17/manage-event-subscriptions-with-powershell.aspx
- Use the PowerShell WMI Event Module to Quickly Monitor Events - http://blogs.technet.com/b/heyscriptingguy/archive/2010/12/09/use-the-powershell-wmi-event-module-to-quickly-monitor-events.aspx