Downloads:

671

Downloads of v 2.81:

71

Last Update:

15 May 2019

Package Maintainer(s):

Software Author(s):

  • Mark Russinovich

Tags:

eventlog dump tools sysinternals

PsLogList

2.81 | Updated: 15 May 2019

Downloads:

671

Downloads of v 2.81:

71

Maintainer(s):

Software Author(s):

  • Mark Russinovich

PsLogList 2.81

All Checks are Passing

2 Passing Test


Validation Testing Passed


Verification Testing Passed

Details

To install PsLogList, run the following command from the command line or from PowerShell:

>

To upgrade PsLogList, run the following command from the command line or from PowerShell:

>

To uninstall PsLogList, run the following command from the command line or from PowerShell:

>

NOTE: This applies to both open source and commercial editions of Chocolatey.

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

  • Open Source or Commercial:
    • Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://chocolatey.org/api/v2. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
    • You can also just download the package and push it to a repository Download

3. Enter your internal repository url

(this should look similar to https://chocolatey.org/api/v2)

4. Choose your deployment method:


choco upgrade psloglist -y --source="'STEP 3 URL'" [other options]

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:


choco upgrade psloglist -y --source="'STEP 3 URL'" 
$exitCode = $LASTEXITCODE

Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
  Exit 0
}

Exit $exitCode

- name: Ensure psloglist installed
  win_chocolatey:
    name: psloglist
    state: present
    version: 2.81
    source: STEP 3 URL

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.

Coming early 2020! Central Managment Reporting available now! More information...


chocolatey_package 'psloglist' do
  action    :install
  version  '2.81'
  source   'STEP 3 URL'
end

See docs at https://docs.chef.io/resource_chocolatey_package.html.


Chocolatey::Ensure-Package
(
    Name: psloglist,
    Version: 2.81,
    Source: STEP 3 URL
);

Requires Otter Chocolatey Extension. See docs at https://inedo.com/den/otter/chocolatey.


cChocoPackageInstaller psloglist
{
   Name     = 'psloglist'
   Ensure   = 'Present'
   Version  = '2.81'
   Source   = 'STEP 3 URL'
}

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.


package { 'psloglist':
  provider => 'chocolatey',
  ensure   => '2.81',
  source   => 'STEP 3 URL',
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.


salt '*' chocolatey.install psloglist version="2.81" source="STEP 3 URL"

See docs at https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.chocolatey.html.

5. If applicable - Chocolatey configuration/installation

See infrastructure management matrix for Chocolatey configuration elements and examples.

Private CDN cached downloads available for licensed customers. Never experience 404 breakages again! Learn more...

This package was approved as a trusted package on 07 Nov 2019.

Description

Dump event log records.

The Resource Kit comes with a utility, elogdump, that lets you dump the contents of an Event Log on the local or a remote computer. PsLogList is a clone of elogdump except that PsLogList lets you login to remote systems in situations your current set of security credentials would not permit access to the Event Log, and PsLogList retrieves message strings from the computer on which the event log you view resides.

Command line usage

The default behavior of PsLogList is to show the contents of the System Event Log on the local computer, with visually-friendly formatting of Event Log records. Command line options let you view logs on different computers, use a different account to view a log, or to have the output formatted in a string-search friendly way.

psloglist [- ] [\\computer[,computer[,...] | @file [-u username [-p password]]] [-s [-t delimiter]] [-m #|-n #|-h #|-d #|-w][-c][-x][-r][-a mm/dd/yy][-b mm/dd/yy][-f filter] [-i ID[,ID[,...] | -e ID[,ID[,...]]] [-o event source[,event source][,..]]] [-q event source[,event source][,..]]] [-l event log file] <eventlog>

@file
Execute the command on each of the computers listed in the file.

-a
Dump records timestamped after specified date.

-b
Dump records timestamped before specified date.

-c
Clear the event log after displaying.

-d
Only display records from previous n days.

-c
Clear the event log after displaying.

-e
Exclude events with the specified ID or IDs (up to 10).

-f
Filter event types with filter string (e.g. "-f w" to filter warnings).

-h
Only display records from previous n hours.

-i
Show only events with the specified ID or IDs (up to 10).

-l
Dump records from the specified event log file.

-m
Only display records from previous n minutes.

-n
Only display the number of most recent entries specified.

-o
Show only records from the specified event source (e.g. \"-o cdrom\").

-p
Specifies optional password for user name. If you omit this you will be prompted to enter a hidden password.

-q
Omit records from the specified event source or sources (e.g. \"-q cdrom\").

-r
SDump log from least recent to most recent.

-s
This switch has _PsLogList_ print Event Log records one-per-line, with comma delimited fields. This format is convenient for text searches, e.g. psloglist | findstr /i text, and for importing the output into a spreadsheet.

-t
The default delimeter is a comma, but can be overriden with the specified character.

-u
Specifies optional user name for login to remote computer.

-w
Wait for new events, dumping them as they generate (local system only).

-x
Dump extended data

eventlog
eventlog.


tools\chocolateyInstall.ps1
$packageName = 'psloglist'
$url = 'https://download.sysinternals.com/files/PSTools.zip'
$checksum = 'b9f404d4c7b6bf3a37746c66bcd014e75859d2fcf887b1db527ec3ed2ccdeb30'
$checksumType = 'sha256'
$url64 = "$url"
$checksum64 = "$checksum"
$checksumType64 = "checksumType"
$toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
Install-ChocolateyZipPackage -PackageName "$packageName" `
                             -Url "$url" `
                             -UnzipLocation "$toolsDir" `
                             -Url64bit "$url64" `
                             -Checksum "$checksum" `
                             -ChecksumType "$checksumType" `
                             -Checksum64 "$checksum64" `
                             -ChecksumType64 "$checksumType64"
Write-Verbose "Accepting license..."
$regRoot = 'HKCU:\Software\Sysinternals'
$regPkg = 'PsLoglist'
$regPath = Join-Path $regRoot $regPkg
if (!(Test-Path $regRoot)) {New-Item -Path "$regRoot"}
if (!(Test-Path $regPath)) {New-Item -Path "$regRoot" -Name "$regPkg"}
Set-ItemProperty -Path "$regPath" -Name EulaAccepted -Value 1
if ((Get-ItemProperty -Path "$regPath").EulaAccepted -ne 1) {
  throw "Failed setting registry value."
}

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Version Downloads Last Updated Status
PsLogList 2.80 306 Wednesday, May 24, 2017 Approved
PsLogList 2.71 294 Monday, December 28, 2015 Approved

Program

Package

  • Automatically built and uploaded by dtgm

This package has no dependencies.

Discussion for the PsLogList Package

Ground Rules:

  • This discussion is only about PsLogList and the PsLogList package. If you have feedback for Chocolatey, please contact the Google Group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or PsLogList, or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.
comments powered by Disqus