sneedmca/shadowbrokers-exploits
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
shadowbrokers-exploits/windows/Resources/Ops/Aliases/eventlogs_aliases.xml
Donncha O'Cearbhaill 7f640a83d4 Inital commit of Shadowbrokers 'Lost in Translation' release
2017-04-14 11:45:07 +02:00

49 lines
No EOL
2 KiB
XML
Raw Blame History

<?xml version='1.1' ?>
<Aliases>
<Alias>
<Name>eventlogmonitor</Name>
<ReplaceBeforeArgs>python windows\eventlogs.py -args " -m </ReplaceBeforeArgs>
<ReplaceAfterArgs>" -project Ops</ReplaceAfterArgs>
<Help>Usage: eventlogmonitor [Options]
Note: To quit an eventlogmonitor, press Ctrl-D. If you are prompted to continue or quit, type quit and hit enter.
Options:
-l [logname]
If provided, will only monitor the named log
-i [interval]
Number of seconds to wait between successive eventlogquery commands
-c [classic]
If provided, will only monitor the classic event logs (System, Security, Application)
-t [target]
Monitor event logs on given target instead of this target</Help>
</Alias>
<Alias>
<Name>eventlogsurvey</Name>
<ReplaceBeforeArgs>python windows\eventlogs.py -args " </ReplaceBeforeArgs>
<ReplaceAfterArgs>" -project Ops</ReplaceAfterArgs>
<Help>Usage: eventlogsurvey [Options]
Options:
-l [logname]
If provided, will only monitor the named log
-c [classic]
If provided, will only monitor the classic event logs (System, Security, Application)
-t [target]
Monitor event logs on given target instead of this target</Help>
</Alias>
<Alias>
<Name>eventlogclean</Name>
<ReplaceBeforeArgs>script windows/eventlogclean.dss -args "</ReplaceBeforeArgs>
<ReplaceAfterArgs>" -project Ops</ReplaceAfterArgs>
<Help>Usage: script eventLogClean.eps _Options_</Help>
<Help> Deletes multiple records from one of the event logs</Help>
<Help> </Help>
<Help>Options:</Help>
<Help> [-log &lt;system/application/security&gt;]</Help>
<Help> Erase log entries from this log</Help>
<Help> [-start &lt;ID&gt;]</Help>
<Help> Record ID to start with</Help>
<Help> [-end &lt;ID&gt;]</Help>
<Help> Record ID to end with</Help>
<Help> [-list &lt;IDs&gt;]</Help>
<Help> List of record IDs to delete (1,3 or 1,3-4,7 or 1-5,10,15)--no spaces!</Help>
</Alias>
</Aliases>
Reference in a new issue View git blame Copy permalink