![]() ![]() $tempapp | Add-Member -MemberType NoteProperty -Name "FileHash" -Value $AppFileHash -Force $tempapp | Add-Member -MemberType NoteProperty -Name "ProductName" -Value $AppProductName -Force $tempapp | Add-Member -MemberType NoteProperty -Name "FileVersion" -Value $AppProductVersion -Force $tempapp | Add-Member -MemberType NoteProperty -Name "FileDescription" -Value $AppFileDescription -Force $tempapp | Add-Member -MemberType NoteProperty -Name "ManagedDeviceID" -Value $ManagedDeviceID -Force $tempapp | Add-Member -MemberType NoteProperty -Name "Computer" -Value $ComputerName -Force $AppLockerArray = ($App in $AppLockerEvents) | Select-Object -ExpandProperty Counter $AppLockerEvents = Get-AppLockerFileInformation -EventLog -EventType Audited -Statistics This was achieved by using a combination of the Get-AppLockerFileInformation, Get-FileHash and Get-ItemProperty cmdlets below is an example of this For each application gather the following.Writing a PowerShell script, I started by collecting the following values ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |