deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-22 05:43:41 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

edits

Browse Source
This commit is contained in:
Justin Hall
2018-10-12 14:27:11 -07:00
parent f2ca16c468
commit 602451b3de
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
View File

@ -17,14 +17,15 @@ ms.date: 10/12/2018
Since the Security log uses a manifest, you can get all of the event schema from the workstation.
Run this from an elevated powershell prompt:
Run the following from an elevated PowerShell prompt:
```powershell
$secEvents = get-winevent -listprovider "microsoft-windows-security-auditing"
```
The .events property is a collection of all of the events listed in the manifest on the local machine.
For each event there is a .Template property for the XML template used for the event properties (if there are any.)
For each event, there is a .Template property for the XML template used for the event properties (if there are any).
For example: