Command Line
Retrieval of Failed Logon Attempts from Windows Security Event Log using PowerShell
Monitoring failed logon attempts is crucial for ensuring the security of a Windows environment. PowerShell provides a robust way to automate the retrieval of such information from the Security event log, enabling efficient auditing and analysis. Let’s delve into the script: # Retrieve failed logon attempts from Security event log $FailedLogonEvents = Get-EventLog -LogName Security … Read more
PowerShell: Show running processes
This script will retrieve and display all running processes on the local computer. # Retrieve all running processes $processes = Get-Process # Display the processes $processes If you want to retrieve running processes on a remote computer, you can use the -ComputerName parameter of the Get-Process cmdlet. Here’s how you can do it: # Retrieve … Read more
Active Directory computers that are not disabled
This script will retrieve and display all Active Directory computers that are active (i.e., enabled). You can further customize the script to include additional properties or filter criteria as needed. # Import the Active Directory module Import-Module ActiveDirectory # Retrieve all Active Directory computers that are enabled $computers = Get-ADComputer -Filter {Enabled -eq $true} # … Read more
Active Directory users who are not disabled
This guide provides a PowerShell script to retrieve and display all Active Directory users who are not disabled. This is useful for administrators who need to manage and monitor user accounts in an Active Directory environment. The script can be customized to include additional properties or filter criteria as needed. PowerShell Script to Retrieve Non-Disabled … Read more