Skip to content

about_ADAuditTasks

Jump to bottom
DrIOS edited this page Jul 15, 2023 · 3 revisions

ADAuditTasks

about_ADAuditTasks

SHORT DESCRIPTION

This module contains various Active Directory auditing tasks that generate logs, CSV output, and report objects.

LONG DESCRIPTION

This module provides a collection of public and private functions that support various Active Directory auditing tasks, generating logs, CSV output, and report objects.

The following Public Functions are available to the user executing the tasks:

  • Convert-NmapXMLToCSV
  • Get-ADActiveUserAudit
  • Get-ADHostAudit
  • Get-ADUserLogonAudit
  • Get-ADUserPrivilegeAudit
  • Get-ADUserWildCardAudit
  • Get-NetworkAudit
  • Get-WebCertAudit
  • Get-HostTag
  • Get-QuickPing
  • Join-CSVFile
  • Merge-ADAuditZip
  • Merge-NmapToADHostAUdit
  • Send-AuditEmail
  • Submit-FTPUpload

The following Private Functions support the functions in this module:

  • Build-ADAuditTasksComputer
  • Build-ADAuditTasksUser
  • Initialize-DirectoryPath
  • Build-MacIdOUIList
  • Build-NetScanObject
  • Build-ReportArchive
  • Get-AdExtendedRight
  • Get-ADGroupMemberof
  • Group-UpdateByProduct
  • Initialize-ModuleEnv
  • Install-ADModule
  • Test-IsAdmin
  • Write-AuditLog

Optional Subtopics

None

EXAMPLES

Example 1: Creating a zip file of various host types

The following example demonstrates how to create a zip file of different host types:

$workstations   = Get-ADHostAudit -HostType WindowsWorkstations
$servers        = Get-ADHostAudit -HostType WindowsServers
$nonWindows     = Get-ADHostAudit -HostType "Non-Windows"

Merge-ADAuditZip -FilePaths $workstations, $servers, $nonWindows

Example 2: Sending Email with Attachment

This example shows how to send an email with an attachment file generated by the Get-ADActiveUserAudit function using the Send-AuditEmail function.

Send-AuditEmail -SMTPServer "smtp.office365.com" -Port 587 -UserName "[email protected]" `
-From "[email protected]" -To "[email protected]" -Pass (Read-Host -AsSecureString) -AttachmentFiles "$(Get-ADActiveUserAudit -Report)"

NOTE

Some of the functions in the module return objects, while others generate log files, CSV files, or report objects. Most of the report objects can be emailed using the Send-AuditEmail function.

TROUBLESHOOTING NOTE

There are currently no known issues with this module.

SEE ALSO

For more information on this module and how to use it, see:

KEYWORDS

The following alternate names or titles for this topic that readers might use:

  • ADAudit
  • Active Directory auditing
  • Active Directory auditing tasks
  • Active Directory audit logs
  • Active Directory CSV output
  • Active Directory report objects
Clone this wiki locally