Update README.md
This commit is contained in:
Eric Conrad
25
README.md
25
README.md
@ -17,36 +17,25 @@ Sample evtx files are in the .\evtx directory
|
||||
|
||||
Process local Windows security event log:
|
||||
|
||||
`
|
||||
.\DeepBlue.ps1
|
||||
`
|
||||
`.\DeepBlue.ps1`
|
||||
|
||||
or:
|
||||
|
||||
`
|
||||
.\DeepBlue.ps1 -log security
|
||||
`
|
||||
`.\DeepBlue.ps1 -log security`
|
||||
|
||||
Process local Windows system event log:
|
||||
|
||||
`
|
||||
.\DeepBlue.ps1 -log system
|
||||
`
|
||||
`.\DeepBlue.ps1 -log system`
|
||||
|
||||
or:
|
||||
|
||||
`
|
||||
.\DeepBlue.ps1 "" system
|
||||
`
|
||||
`.\DeepBlue.ps1 "" system`
|
||||
|
||||
Process evtx file:
|
||||
`
|
||||
.\DeepBlue.ps1 .\evtx\new-user-security.evtx
|
||||
`
|
||||
|
||||
`.\DeepBlue.ps1 .\evtx\new-user-security.evtx`
|
||||
|
||||
or:
|
||||
|
||||
`
|
||||
.\DeepBlue.ps1 -file .\evtx\new-user-security.evtx
|
||||
`
|
||||
`.\DeepBlue.ps1 -file .\evtx\new-user-security.evtx`
|
||||
|
||||
|
||||
Reference in New Issue
Block a user