16 lines
847 B
PowerShell
16 lines
847 B
PowerShell
# RDP események exportálása CSV-be
|
|
Get-WinEvent -LogName "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational" `
|
|
| Where-Object { $_.Id -in 21,22,23,24,25,39,40,41 } `
|
|
| Select-Object TimeCreated, Id, LevelDisplayName, Message `
|
|
| Export-Csv "C:\Logs\RDP_LocalSessionManager.csv" -NoTypeInformation -Encoding UTF8
|
|
|
|
Get-WinEvent -LogName "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational" `
|
|
| Select-Object TimeCreated, Id, LevelDisplayName, Message `
|
|
| Export-Csv "C:\Logs\RDP_RemoteConnectionManager.csv" -NoTypeInformation -Encoding UTF8
|
|
|
|
Get-WinEvent -LogName "System" | Where-Object { $_.Id -eq 56 -and $_.ProviderName -eq "TermDD" } `
|
|
| Select-Object TimeCreated, Id, LevelDisplayName, Message `
|
|
| Export-Csv "C:\Logs\RDP_TermDD.csv" -NoTypeInformation -Encoding UTF8
|
|
|
|
|
|
|