| title | description | ms.date |
|---|---|---|
WindowsPowerShell Policy CSP |
Learn more about the WindowsPowerShell Area in Policy CSP. |
01/18/2024 |
[!INCLUDE ADMX-backed CSP tip]
| Scope | Editions | Applicable OS |
|---|---|---|
| ✅ Device ✅ User |
✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC |
✅ Windows 10, version 1803 [10.0.17134] and later |
./User/Vendor/MSFT/Policy/Config/WindowsPowerShell/TurnOnPowerShellScriptBlockLogging
./Device/Vendor/MSFT/Policy/Config/WindowsPowerShell/TurnOnPowerShellScriptBlockLogging
This policy setting enables logging of all PowerShell script input to the Microsoft-Windows-PowerShell/Operational event log.
-
If you enable this policy setting, Windows PowerShell will log the processing of commands, script blocks, functions, and scripts - whether invoked interactively, or through automation.
-
If you disable this policy setting, logging of PowerShell script input is disabled.
If you enable the Script Block Invocation Logging, PowerShell additionally logs events when invocation of a command, script block, function, or script starts or stops. Enabling Invocation Logging generates a high volume of event logs.
Note
This policy setting exists under both Computer Configuration and User Configuration in the Group Policy Editor. The Computer Configuration policy setting takes precedence over the User Configuration policy setting.
Description framework properties:
| Property name | Property value |
|---|---|
| Format | chr (string) |
| Access Type | Add, Delete, Get, Replace |
[!INCLUDE ADMX-backed policy note]
ADMX mapping:
| Name | Value |
|---|---|
| Name | EnableScriptBlockLogging |
| Friendly Name | Turn on PowerShell Script Block Logging |
| Location | Computer and User Configuration |
| Path | Windows Components > Windows PowerShell |
| Registry Key Name | Software\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging |
| Registry Value Name | EnableScriptBlockLogging |
| ADMX File Name | PowerShellExecutionPolicy.admx |