Skip to content
Branch: master
Go to file
Code

Latest commit

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

README.md

WmiEvent

Developed by @jaredcatkinson, @mattifestation

Overview

An Event Filter (__EventFilter) is a WMI Query Language (WQL) query that specifies the type of object to look for (for more details on WQL please check out Ravikanth Chaganti's free ebook). Event Consumers (__EventConsumer) are the action component of the Event Subscription. Event Consumers tell the subscription what to do with an object that makes it past the filter. There are five default event consumers in Windows: ActionScriptEventConsumer (runs arbitrary vbscript or jscript code), CommandLineEventConsumer (executes an arbitrary command), LogFileEventConsumer (writes to a specified flat log file), NtEventLogEventConsumer (creates a new event log), and SMTPEventConsumer (sends an email). Lastly, the Binding (__FilterToConsumerBinding) pairs a Filter with a Consumer.

Cmdlets

Get-ActiveScriptEventConsumer - 
Get-CommandLineEventConsumer - 
Get-LogFileEventConsumer - 
Get-NtEventLogEventConsumer - 
Get-SmtpEventLogEventConsumer - 
Get-WmiEventConsumer - 
Get-WmiEventFilter - 
Get-WmiEventSubscription - 
New-ActiveScriptEventConsumer - 
New-CommandLineEventConsumer - 
New-LogFileEventConsumer - 
New-NtEventLogEventConsumer - 
New-SmtpEventConsumer - 
New-WmiEventConsumer - 
New-WmiEventFilter - 
New-WmiEventSubscription - 
New-CimSessionDcom - 
Register-PermanentWmiEvent - 

About

A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions

Resources

License

Releases

No releases published
You can’t perform that action at this time.