en-US/DSInternals.RpcFilters.Bootstrap-help.xml
|
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Disable-RpcFilterAuditing</command:name> <command:verb>Disable</command:verb> <command:noun>RpcFilterAuditing</command:noun> <maml:description> <maml:para>Disables security auditing for RPC events.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet disables security auditing for RPC events by configuring the appropriate audit policy settings on the local computer using the netsh tool. The cmdlet must be run with elevated privileges.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Disable-RpcFilterAuditing</maml:name> </command:syntaxItem> </command:syntax> <command:parameters /> <command:inputTypes /> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Disable-RpcFilterAuditing</dev:code> <dev:remarks> <maml:para>Disables security auditing for RPC events.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://github.com/MichaelGrafnetter/RPCFilterManager/blob/main/Documentation/PowerShell/Disable-RpcFilterAuditing.md</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Enable-RpcFilterAuditing</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Enable-RpcFilterAuditing</command:name> <command:verb>Enable</command:verb> <command:noun>RpcFilterAuditing</command:noun> <maml:description> <maml:para>Enable security auditing for RPC events.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet enables security auditing for RPC events by configuring the appropriate audit policy settings on the local computer using the netsh tool. The cmdlet must be run with elevated privileges.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Enable-RpcFilterAuditing</maml:name> </command:syntaxItem> </command:syntax> <command:parameters /> <command:inputTypes /> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Enable-RpcFilterAuditing</dev:code> <dev:remarks> <maml:para>Enables security auditing for RPC events.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://github.com/MichaelGrafnetter/RPCFilterManager/blob/main/Documentation/PowerShell/Enable-RpcFilterAuditing.md</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Disable-RpcFilterAuditing</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-RpcFilterEvent</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-RpcFilter</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-RpcFilterEvent</command:name> <command:verb>Get</command:verb> <command:noun>RpcFilterEvent</command:noun> <maml:description> <maml:para>Gets RPC audit events from the Security log.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet retrieves RPC audit events from the Security log on the specified computer. By default, it retrieves events from the local computer. The maximum number of events to retrieve can be specified using the -MaxEvents parameter. The cmdlet must be run with elevated privileges to access the Security log.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-RpcFilterEvent</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="1" aliases="none"> <maml:name>ComputerName</maml:name> <maml:description> <maml:para>The name of the computer to query.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Localhost</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none"> <maml:name>MaxEvents</maml:name> <maml:description> <maml:para>The maximum number of events to retrieve.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int64</command:parameterValue> <dev:type> <maml:name>Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>9223372036854775807</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="1" aliases="none"> <maml:name>ComputerName</maml:name> <maml:description> <maml:para>The name of the computer to query.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Localhost</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none"> <maml:name>MaxEvents</maml:name> <maml:description> <maml:para>The maximum number of events to retrieve.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int64</command:parameterValue> <dev:type> <maml:name>Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>9223372036854775807</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <command:returnValue> <dev:type> <maml:name>DSInternals.Win32.RpcFilters.PowerShell.RpcEventLogRecord</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Get-RpcFilterEvent</dev:code> <dev:remarks> <maml:para>Retrieves RPC audit events from the Security log on the local computer.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 2 --------------------------</maml:title> <dev:code>PS C:\> Get-RpcFilterEvent -ComputerName RemotePC -MaxEvents 100</dev:code> <dev:remarks> <maml:para>Retrieves the last 100 RPC audit events from the Security log on the specified remote computer.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://github.com/MichaelGrafnetter/RPCFilterManager/blob/main/Documentation/PowerShell/Get-RpcFilterEvent.md</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Enable-RpcFilterAuditing</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-RpcFilter</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> </helpItems> |