O'Reilly logo

PowerShell in Practice by Richard Siddaway

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Appendix C. PowerShell events

The Windows OS and everything you do in it is based on events:

  • Start a program and an event occurs.
  • Deleting a file records another event.
  • Changing a configuration is yet another event.

Some of these events we’re interested in, and others can be treated as noise we can ignore. PowerShell v2 provides the functionality to access these events, which provides another way to monitor system activity in real time. “Yes, I do want to know if xyx.exe is started on that machine during the day or if someone changes a file in a particular folder.”

This material is somewhat advanced, which is why it’s in an appendix. Not all administrators will need access to this, but if you do, it’ll be really useful. The PowerShell ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required