< Back

Search-EmpireLoggedEvent

Sat Jan 18, 2020 8:48 pm

NAME Search-EmpireLoggedEvent



SYNOPSIS

Search logged events in a Empire server for a specified term.





SYNTAX

Search-EmpireLoggedEvent [-Id] <Int32> [-NoSSLCheck] -Term <String> [<CommonParameters>]



Search-EmpireLoggedEvent [-Token] <String> [-ComputerName] <String> [[-Port] <Int32>] [-NoSSLCheck] -Term <String>

[<CommonParameters>]





DESCRIPTION

Search logged events in a Empire server for a specified term.





PARAMETERS

-Id <Int32>

Empire session Id of the session to use.



Required? true

Position? 1

Default value 0

Accept pipeline input? true (ByPropertyName)

Accept wildcard characters? false



-Token <String>

Empire API token to use to execute the action.



Required? true

Position? 1

Default value

Accept pipeline input? true (ByPropertyName)

Accept wildcard characters? false



-ComputerName <String>

IP Address or FQDN of remote Empire server.



Required? true

Position? 2

Default value

Accept pipeline input? true (ByPropertyName)

Accept wildcard characters? false



-Port <Int32>

Port number to use in the connection to the remote Empire server.



Required? false

Position? 3

Default value 1337

Accept pipeline input? true (ByPropertyName)

Accept wildcard characters? false



-NoSSLCheck [<SwitchParameter>]

Do not check if the TLS/SSL certificate of the Empire is valid.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-Term <String>

Search term



Required? true

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,

ErrorAction, ErrorVariable, WarningAction, WarningVariable,

OutBuffer, PipelineVariable, and OutVariable. For more information, see

about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).



INPUTS



OUTPUTS

System.Int32





NOTES





Licensed under BSD 3-Clause license



-------------------------- EXAMPLE 1 --------------------------



C:\\PS>Search-EmpireLoggedEvent -Id 0 -Term ipconfig



Search for the string ipconfig in the logged events message field.











RELATED LINKS