├── .codecov.yml ├── .gitattributes ├── .github ├── ISSUE_TEMPLATE │ ├── General.md │ ├── Problem_with_resource.md │ └── Resource_proposal.md ├── PULL_REQUEST_TEMPLATE.md └── stale.yml ├── .gitignore ├── .vscode ├── analyzersettings.psd1 └── settings.json ├── DSCResources └── MSFT_xWinEventLog │ ├── MSFT_xWinEventLog.psm1 │ └── MSFT_xWinEventLog.schema.mof ├── Examples └── Demo1.ps1 ├── LICENSE ├── README.md ├── WinEvent.Tests.ps1 ├── appveyor.yml ├── xWinEventLog.psd1 └── xWinEventLog.psm1 /.codecov.yml: -------------------------------------------------------------------------------- 1 | codecov: 2 | notify: 3 | require_ci_to_pass: no 4 | 5 | comment: 6 | layout: "reach, diff" 7 | behavior: default 8 | 9 | coverage: 10 | range: 50..80 11 | round: down 12 | precision: 0 13 | 14 | status: 15 | project: 16 | default: 17 | # Set the overall project code coverage requirement to 70% 18 | target: 70 19 | patch: 20 | default: 21 | # Set the pull request requirement to not regress overall coverage by more than 5% 22 | # and let codecov.io set the goal for the code changed in the patch. 23 | target: auto 24 | threshold: 5 25 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # Needed for publishing of examples, build worker defaults to core.autocrlf=input. 2 | * text eol=crlf 3 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/General.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: General question or documentation update 3 | about: If you have a general question or documentation update suggestion around the resource module. 4 | --- 5 | 8 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Problem_with_resource.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Problem with a resource 3 | about: If you have a problem, bug, or enhancement with a resource in this resource module. 4 | --- 5 | 24 | #### Details of the scenario you tried and the problem that is occurring 25 | 26 | #### Verbose logs showing the problem 27 | 28 | #### Suggested solution to the issue 29 | 30 | #### The DSC configuration that is used to reproduce the issue (as detailed as possible) 31 | ```powershell 32 | # insert configuration here 33 | ``` 34 | 35 | #### The operating system the target node is running 36 | 50 | 51 | #### Version and build of PowerShell the target node is running 52 | 56 | 57 | #### Version of the DSC module that was used ('dev' if using current dev branch) 58 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Resource_proposal.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: New resource proposal 3 | about: If you have a new resource proposal that you think should be added to this resource module. 4 | --- 5 | 17 | ### Description 18 | 19 | ### Proposed properties 20 | 21 | ### Special considerations or limitations 22 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 14 | #### Pull Request (PR) description 15 | 18 | 19 | #### This Pull Request (PR) fixes the following issues 20 | 27 | 28 | #### Task list 29 | 37 | - [ ] Added an entry under the Unreleased section of the change log in the README.md. 38 | Entry should say what was changed, and how that affects users (if applicable). 39 | - [ ] Resource documentation added/updated in README.md. 40 | - [ ] Resource parameter descriptions added/updated in README.md, schema.mof 41 | and comment-based help. 42 | - [ ] Comment-based help added/updated. 43 | - [ ] Localization strings added/updated in all localization files as appropriate. 44 | - [ ] Examples appropriately added/updated. 45 | - [ ] Unit tests added/updated. See [DSC Resource Testing Guidelines](https://github.com/PowerShell/DscResources/blob/master/TestsGuidelines.md). 46 | - [ ] Integration tests added/updated (where possible). See [DSC Resource Testing Guidelines](https://github.com/PowerShell/DscResources/blob/master/TestsGuidelines.md). 47 | - [ ] New/changed code adheres to [DSC Resource Style Guidelines](https://github.com/PowerShell/DscResources/blob/master/StyleGuidelines.md) and [Best Practices](https://github.com/PowerShell/DscResources/blob/master/BestPractices.md). 48 | -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Configuration for probot-stale - https://github.com/probot/stale 2 | 3 | limitPerRun: 30 4 | 5 | pulls: 6 | daysUntilStale: 14 7 | daysUntilClose: false 8 | exemptProjects: true 9 | exemptMilestones: true 10 | staleLabel: abandoned 11 | exemptLabels: 12 | - needs review 13 | - on hold 14 | - waiting for CLA pass 15 | 16 | markComment: > 17 | Labeling this pull request (PR) as abandoned since it has gone 14 days or more 18 | since the last update. An abandoned PR can be continued by another contributor. 19 | The abandoned label will be removed if work on this PR is taken up again. 20 | 21 | issues: 22 | daysUntilStale: 30 23 | daysUntilClose: 40 24 | exemptProjects: true 25 | exemptMilestones: true 26 | staleLabel: stale 27 | exemptLabels: 28 | - bug 29 | - enhancement 30 | - tests 31 | - documentation 32 | - resource proposal 33 | - on hold 34 | 35 | markComment: > 36 | This issue has been automatically marked as stale because 37 | it has not had activity from the community in the last 30 days. It will be 38 | closed if no further activity occurs within 10 days. If the issue is labelled 39 | with any of the work labels (e.g bug, enhancement, documentation, or tests) 40 | then the issue will not auto-close. 41 | 42 | closeComment: > 43 | This issue has been automatically closed because it is has not had activity 44 | from the community in the last 40 days. 45 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | DSCResource.Tests 2 | -------------------------------------------------------------------------------- /.vscode/analyzersettings.psd1: -------------------------------------------------------------------------------- 1 | @{ 2 | <# 3 | For the custom rules to work, the DscResource.Tests repo must be 4 | cloned. It is automatically clone as soon as any unit or 5 | integration tests are run. 6 | #> 7 | CustomRulePath = '.\DSCResource.Tests\DscResource.AnalyzerRules' 8 | 9 | IncludeRules = @( 10 | # DSC Resource Kit style guideline rules. 11 | 'PSAvoidDefaultValueForMandatoryParameter', 12 | 'PSAvoidDefaultValueSwitchParameter', 13 | 'PSAvoidInvokingEmptyMembers', 14 | 'PSAvoidNullOrEmptyHelpMessageAttribute', 15 | 'PSAvoidUsingCmdletAliases', 16 | 'PSAvoidUsingComputerNameHardcoded', 17 | 'PSAvoidUsingDeprecatedManifestFields', 18 | 'PSAvoidUsingEmptyCatchBlock', 19 | 'PSAvoidUsingInvokeExpression', 20 | 'PSAvoidUsingPositionalParameters', 21 | 'PSAvoidShouldContinueWithoutForce', 22 | 'PSAvoidUsingWMICmdlet', 23 | 'PSAvoidUsingWriteHost', 24 | 'PSDSCReturnCorrectTypesForDSCFunctions', 25 | 'PSDSCStandardDSCFunctionsInResource', 26 | 'PSDSCUseIdenticalMandatoryParametersForDSC', 27 | 'PSDSCUseIdenticalParametersForDSC', 28 | 'PSMisleadingBacktick', 29 | 'PSMissingModuleManifestField', 30 | 'PSPossibleIncorrectComparisonWithNull', 31 | 'PSProvideCommentHelp', 32 | 'PSReservedCmdletChar', 33 | 'PSReservedParams', 34 | 'PSUseApprovedVerbs', 35 | 'PSUseCmdletCorrectly', 36 | 'PSUseOutputTypeCorrectly', 37 | 'PSAvoidGlobalVars', 38 | 'PSAvoidUsingConvertToSecureStringWithPlainText', 39 | 'PSAvoidUsingPlainTextForPassword', 40 | 'PSAvoidUsingUsernameAndPasswordParams', 41 | 'PSDSCUseVerboseMessageInDSCResource', 42 | 'PSShouldProcess', 43 | 'PSUseDeclaredVarsMoreThanAssignments', 44 | 'PSUsePSCredentialType', 45 | 46 | <# 47 | This is to test all the DSC Resource Kit custom rules. 48 | The name of the function-blocks of each custom rule start 49 | with 'Measure*'. 50 | #> 51 | 'Measure-*' 52 | ) 53 | } 54 | -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "powershell.codeFormatting.openBraceOnSameLine": false, 3 | "powershell.codeFormatting.newLineAfterOpenBrace": false, 4 | "powershell.codeFormatting.newLineAfterCloseBrace": true, 5 | "powershell.codeFormatting.whitespaceBeforeOpenBrace": true, 6 | "powershell.codeFormatting.whitespaceBeforeOpenParen": true, 7 | "powershell.codeFormatting.whitespaceAroundOperator": true, 8 | "powershell.codeFormatting.whitespaceAfterSeparator": true, 9 | "powershell.codeFormatting.ignoreOneLineBlock": false, 10 | "powershell.codeFormatting.preset": "Custom", 11 | "files.trimTrailingWhitespace": true, 12 | "files.insertFinalNewline": true, 13 | "powershell.scriptAnalysis.settingsPath": ".vscode\\analyzersettings.psd1" 14 | } 15 | -------------------------------------------------------------------------------- /DSCResources/MSFT_xWinEventLog/MSFT_xWinEventLog.psm1: -------------------------------------------------------------------------------- 1 | function New-TerminatingError 2 | { 3 | param 4 | ( 5 | [Parameter(Mandatory = $true)] 6 | [String]$errorId, 7 | 8 | [Parameter(Mandatory = $true)] 9 | [String]$errorMessage, 10 | 11 | [Parameter(Mandatory = $true)] 12 | [System.Management.Automation.ErrorCategory]$errorCategory 13 | ) 14 | 15 | $exception = New-Object System.InvalidOperationException $errorMessage 16 | $errorRecord = New-Object System.Management.Automation.ErrorRecord $exception, $errorId, $errorCategory, $null 17 | throw $errorRecord 18 | } 19 | 20 | function Get-TargetResource 21 | { 22 | [CmdletBinding()] 23 | [OutputType([System.Collections.Hashtable])] 24 | param 25 | ( 26 | [Parameter(Mandatory = $true)] 27 | [System.String] 28 | $LogName 29 | ) 30 | 31 | try 32 | { 33 | $log = Get-WinEvent -ListLog $logName 34 | $returnValue = @{ 35 | LogName = [System.String]$LogName 36 | LogFilePath = [system.String]$log.LogFilePath 37 | MaximumSizeInBytes = [System.Int64]$log.MaximumSizeInBytes 38 | IsEnabled = [System.Boolean]$log.IsEnabled 39 | LogMode = [System.String]$log.LogMode 40 | SecurityDescriptor = [System.String]$log.SecurityDescriptor 41 | } 42 | 43 | return $returnValue 44 | } 45 | catch 46 | { 47 | write-Debug "ERROR: $($_ | Format-List * -force | Out-String)" 48 | New-TerminatingError -errorId 'GetWinEventLogFailed' -errorMessage $_.Exception -errorCategory InvalidOperation 49 | } 50 | } 51 | 52 | 53 | function Set-TargetResource 54 | { 55 | [CmdletBinding()] 56 | param 57 | ( 58 | [Parameter(Mandatory = $true)] 59 | [System.String] 60 | $LogName, 61 | 62 | [Parameter()] 63 | [System.Int64] 64 | $MaximumSizeInBytes, 65 | 66 | [Parameter()] 67 | [System.Boolean] 68 | $IsEnabled, 69 | 70 | [Parameter()] 71 | [ValidateSet("AutoBackup","Circular","Retain")] 72 | [System.String] 73 | $LogMode, 74 | 75 | [Parameter()] 76 | [System.String] 77 | $SecurityDescriptor, 78 | 79 | [Parameter()] 80 | [System.String] 81 | $LogFilePath 82 | ) 83 | 84 | try 85 | { 86 | $log = Get-WinEvent -ListLog $logName 87 | $update = $false 88 | 89 | if ($PSBoundParameters.ContainsKey('MaximumSizeInBytes') -and $MaximumSizeInBytes -ne $log.MaximumSizeInBytes) 90 | { 91 | Set-MaximumSizeInBytes -LogName $LogName -MaximumSizeInBytes $MaximumSizeInBytes 92 | } 93 | 94 | if ($PSBoundParameters.ContainsKey('LogMode') -and $LogMode -ne $log.LogMode) 95 | { 96 | Set-LogMode -LogName $LogName -LogMode $LogMode 97 | } 98 | 99 | if ($PSBoundParameters.ContainsKey('SecurityDescriptor') -and $SecurityDescriptor -ne $log.SecurityDescriptor) 100 | { 101 | Set-SecurityDescriptor -LogName $LogName -SecurityDescriptor $SecurityDescriptor 102 | } 103 | 104 | if ($PSBoundParameters.ContainsKey("IsEnabled") -and $IsEnabled -ne $log.IsEnabled) 105 | { 106 | Set-IsEnabled -LogName $LogName -IsEnabled $IsEnabled 107 | } 108 | 109 | if ($PSBoundParameters.ContainsKey("LogFilePath") -and $LogFilePath -ne $log.LogFilePath) 110 | { 111 | Set-LogFilePath -LogName $LogName -LogFilePath $LogFilePath 112 | } 113 | 114 | 115 | } 116 | catch 117 | { 118 | write-Debug "ERROR: $($_ | Format-List * -force | Out-String)" 119 | New-TerminatingError -errorId 'SetWinEventLogFailed' -errorMessage $_.Exception -errorCategory InvalidOperation 120 | } 121 | 122 | 123 | } 124 | 125 | 126 | function Test-TargetResource 127 | { 128 | [CmdletBinding()] 129 | [OutputType([System.Boolean])] 130 | param 131 | ( 132 | [Parameter(Mandatory = $true)] 133 | [System.String] 134 | $LogName, 135 | 136 | [Parameter()] 137 | [System.Int64] 138 | $MaximumSizeInBytes, 139 | 140 | [Parameter()] 141 | [System.Boolean] 142 | $IsEnabled, 143 | 144 | [Parameter()] 145 | [ValidateSet("AutoBackup","Circular","Retain")] 146 | [System.String] 147 | $LogMode, 148 | 149 | [Parameter()] 150 | [System.String] 151 | $SecurityDescriptor, 152 | 153 | [Parameter()] 154 | [System.String] 155 | $LogFilePath 156 | ) 157 | 158 | try 159 | { 160 | $log = Get-WinEvent -ListLog $logName 161 | if ($PSBoundParameters.ContainsKey("MaximumSizeInBytes") -and $log.MaximumSizeInBytes -ne $MaximumSizeInBytes) 162 | { 163 | return $false 164 | } 165 | if ($PSBoundParameters.ContainsKey("IsEnabled") -and $log.IsEnabled -ne $IsEnabled) 166 | { 167 | return $false 168 | } 169 | if ($PSBoundParameters.ContainsKey("LogMode") -and $log.LogMode -ne $LogMode) 170 | { 171 | return $false 172 | } 173 | if ($PSBoundParameters.ContainsKey("SecurityDescriptor") -and $log.SecurityDescriptor -ne $SecurityDescriptor) 174 | { 175 | return $false 176 | } 177 | if ($PSBoundParameters.ContainsKey("LogFilePath") -and $log.LogFilePath -ne $LogFilePath) 178 | { 179 | return $false 180 | } 181 | return $true 182 | } 183 | catch 184 | { 185 | write-Debug "ERROR: $($_ | Format-List * -force | Out-String)" 186 | New-TerminatingError -errorId 'TestWinEventLogFailed' -errorMessage $_.Exception -errorCategory InvalidOperation 187 | } 188 | 189 | } 190 | 191 | Function Set-MaximumSizeInBytes 192 | { 193 | [CmdletBinding()] 194 | param( 195 | [Parameter()] 196 | [System.String] 197 | $LogName, 198 | 199 | [Parameter()] 200 | [System.Int64] 201 | $MaximumSizeInBytes 202 | 203 | ) 204 | 205 | $log = Get-WinEvent -ListLog $logName 206 | $log.MaximumSizeInBytes = $MaximumSizeInBytes 207 | $log.SaveChanges() 208 | 209 | } 210 | 211 | Function Set-LogMode 212 | { 213 | [CmdletBinding()] 214 | param( 215 | [Parameter()] 216 | [System.String] 217 | $LogName, 218 | 219 | [Parameter()] 220 | [System.String] 221 | $LogMode 222 | ) 223 | 224 | $log = Get-WinEvent -ListLog $LogName 225 | $log.LogMode = $LogMode 226 | $log.SaveChanges() 227 | } 228 | 229 | Function Set-SecurityDescriptor 230 | { 231 | [CmdletBinding()] 232 | param( 233 | [Parameter()] 234 | [System.String] 235 | $LogName, 236 | 237 | [Parameter()] 238 | [System.String] 239 | $SecurityDescriptor 240 | ) 241 | 242 | $log = Get-WinEvent -ListLog $LogName 243 | $log.SecurityDescriptor = $SecurityDescriptor 244 | $log.SaveChanges() 245 | } 246 | 247 | 248 | Function Set-IsEnabled 249 | { 250 | [CmdletBinding()] 251 | param( 252 | [Parameter()] 253 | [System.String] 254 | $LogName, 255 | 256 | [Parameter()] 257 | [System.Boolean] 258 | $IsEnabled 259 | ) 260 | 261 | $log = Get-WinEvent -ListLog $LogName 262 | $log.IsEnabled = $IsEnabled 263 | $log.SaveChanges() 264 | 265 | } 266 | 267 | Function Set-LogFilePath 268 | { 269 | [CmdletBinding()] 270 | param( 271 | [Parameter()] 272 | [System.String] 273 | $LogName, 274 | 275 | [Parameter()] 276 | [System.String] 277 | $LogFilePath 278 | ) 279 | 280 | $log = Get-WinEvent -ListLog $LogName 281 | $log.LogFilePath = $LogFilePath 282 | $log.SaveChanges() 283 | } 284 | 285 | Export-ModuleMember -Function *-TargetResource 286 | 287 | 288 | 289 | -------------------------------------------------------------------------------- /DSCResources/MSFT_xWinEventLog/MSFT_xWinEventLog.schema.mof: -------------------------------------------------------------------------------- 1 | 2 | [ClassVersion("1.0.0.1"), FriendlyName("xWinEventLog")] 3 | class MSFT_xWinEventLog : OMI_BaseResource 4 | { 5 | [Key, Description("Name of the event log")] String LogName; 6 | [Write, Description("sizethat the event log file is allowed to be When the file reaches this maximum size it is considered full")] Sint64 MaximumSizeInBytes; 7 | [Write] Boolean IsEnabled; 8 | [Write, ValueMap{"AutoBackup","Circular","Retain"}, Values{"AutoBackup","Circular","Retain"}] String LogMode; 9 | [Write] String SecurityDescriptor; 10 | [Write] String LogFilePath; 11 | }; 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /Examples/Demo1.ps1: -------------------------------------------------------------------------------- 1 | cls 2 | 3 | $before = Get-WinEvent -ListLog "Microsoft-Windows-MSPaint/Admin" 4 | configuration Demo1 5 | { 6 | Import-DscResource -module xWinEventLog 7 | 8 | xWinEventLog Demo1 9 | { 10 | LogName = "Microsoft-Windows-MSPaint/Admin" 11 | IsEnabled = $true 12 | LogMode = "AutoBackup" 13 | MaximumSizeInBytes = 20mb 14 | } 15 | } 16 | 17 | Demo1 -OutputPath $env:temp 18 | 19 | Start-DscConfiguration -Path $env:temp -ComputerName localhost -Verbose -wait -debug 20 | 21 | 22 | $after = Get-WinEvent -ListLog "Microsoft-Windows-MSPaint/Admin" 23 | $before,$after | format-table -AutoSize LogName,IsEnabled,MaximumSizeInBytes,ProviderLatency,LogMode 24 | Get-DscConfiguration 25 | #EOF 26 | 27 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Microsoft Corporation. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # **THIS MODULE HAS BEEN DEPRECATED** 2 | 3 | It will no longer be released. 4 | Please use the 'WinEventLog' resource in [ComputerManagementDsc](https://github.com/PowerShell/ComputerManagementDsc) 5 | instead. 6 | 7 | ## xWinEventLog 8 | 9 | [![Build status](https://ci.appveyor.com/api/projects/status/m6mpb7krr5ps31x3/branch/master?svg=true)](https://ci.appveyor.com/project/PowerShell/xwineventlog/branch/master) 10 | 11 | The **xWinEventLog** module contains the **xWinEventLog** DSC resource which configures the Windows Event Logs. 12 | 13 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). 14 | For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. 15 | 16 | ### Contributing 17 | 18 | Please check out common DSC Resources [contributing guidelines](https://github.com/PowerShell/DscResource.Kit/blob/master/CONTRIBUTING.md). 19 | 20 | ### Resources 21 | 22 | #### xWinEventLog 23 | 24 | * **LogName**: Name of the event log. 25 | * **MaximumSizeInBytes**: Size that the event log file is allowed to be. When the file reaches this maximum size it is considered full. 26 | * **IsEnabled**: Specifies whether or not logging for the specified log is enabled. 27 | * **LogMode**: The log mode: { AutoBackup | Circular | Retained } 28 | * **SecurityDescriptor**: This is an SDDL string which configures access rights to the event log. 29 | 30 | ### Versions 31 | 32 | #### Unreleased 33 | 34 | ### 1.3.0.0 35 | 36 | * THIS MODULE HAS BEEN DEPRECATED. It will no longer be released. 37 | Please use the "WinEventLog" resource in ComputerManagementDsc instead. 38 | * Update appveyor.yml to use the default template. 39 | * Added default template files .codecov.yml, .gitattributes, and .gitignore, and 40 | .vscode folder. 41 | 42 | ### 1.2.0.0 43 | 44 | * Converted appveyor.yml to install Pester from PSGallery instead of from Chocolatey. 45 | * Fix PSSA errors. 46 | 47 | #### 1.1.0.0 48 | 49 | * MSFT_xWinEventLog: Added LogFilePath parameter to 50 | * Fixed tests 51 | * Fixed encoding 52 | 53 | #### 1.0.0.0 54 | 55 | * Fixed Set-TargetResource function in xWinEventLog resource not to reapply if resource is in desired state already. 56 | 57 | #### 0.0.1 58 | 59 | * Initial release with the following resource: 60 | * xWinEventLog 61 | 62 | ### Examples 63 | 64 | #### Configuring the MSPaint event log 65 | 66 | ```powershell 67 | $before = Get-WinEvent -ListLog "Microsoft-Windows-MSPaint/Admin" 68 | Configuration Demo1 69 | { 70 | Import-DscResource -module xWinEventLog 71 | xWinEventLog Demo1 72 | { 73 | LogName = "Microsoft-Windows-MSPaint/Admin" 74 | IsEnabled = $true 75 | LogMode = "AutoBackup" 76 | MaximumSizeInBytes = 20mb 77 | LogFilePath = "c:\logfolder\MSPaint.evtx" 78 | } 79 | } 80 | Demo1 -OutputPath $env:temp 81 | Start-DscConfiguration -Path $env:temp -ComputerName localhost -Verbose -wait -debug 82 | $after = Get-WinEvent -ListLog "Microsoft-Windows-MSPaint/Admin" 83 | $before,$after | format-table -AutoSize LogName,IsEnabled,MaximumSizeInBytes,ProviderLatency,LogMode 84 | Get-DscConfiguration 85 | ``` 86 | -------------------------------------------------------------------------------- /WinEvent.Tests.ps1: -------------------------------------------------------------------------------- 1 |  <# 2 | .NOTES 3 | 4 | #> 5 | 6 | Import-Module $PSScriptRoot\DSCResources\MSFT_xWinEventLog\MSFT_xWinEventLog.psm1 -Prefix WinEventLog -Force 7 | 8 | #Getting initial Value for Capi2 Log so we can test the ability to set Isenabled to False 9 | #and then set it back to its original value when we're done 10 | $Capi2Log = Get-WinEvent -ListLog 'Microsoft-Windows-CAPI2/Operational' 11 | if($Capi2Log.IsEnabled){ 12 | $Capi2Log.IsEnabled = $false 13 | $Capi2Log.SaveChanges() 14 | } 15 | 16 | Describe 'WinEventLog Get-TargetResource'{ 17 | 18 | Mock Get-WinEvent -ModuleName MSFT_xWinEventLog { 19 | $properties = @{ 20 | MaximumSizeInBytes = '999' 21 | IsEnabled = $true 22 | LogMode = 'Test' 23 | LogFilePath = 'c:\logs\test.evtx' 24 | SecurityDescriptor = 'TestDescriptor' 25 | } 26 | 27 | Write-Output (New-Object -TypeName PSObject -Property $properties) 28 | } 29 | 30 | $results = Get-WinEventLogTargetResource 'Application' 31 | 32 | It 'Should return an hashtable'{ 33 | $results.GetType().Name | Should Be 'HashTable' 34 | } 35 | 36 | It 'Should return a Hashtable name is Application'{ 37 | $results.LogName = 'Application' 38 | } 39 | 40 | It 'Should return a Hashatable with the MaximumSizeInBytes is 999'{ 41 | $results.MaximumSizeInBytes | Should Be '999' 42 | } 43 | 44 | It 'Should return a Hashtable where IsEnabled is true'{ 45 | $results.IsEnabled | should Be $true 46 | } 47 | 48 | It 'Should return a HashTable where LogMode is Test' { 49 | $results.LogMode | Should Be 'Test' 50 | } 51 | 52 | It 'Should return a HashTable where LogFilePath is c:\logs\test.evtx' { 53 | $results.LogFilePath | Should Be 'c:\logs\test.evtx' 54 | } 55 | 56 | It 'Should return a HashTable where SecurityDescriptor is TestDescriptor'{ 57 | $results.SecurityDescriptor | Should Be 'TestDescriptor' 58 | } 59 | } 60 | 61 | Describe 'WinEventLog Test-TargetResource'{ 62 | 63 | Mock Get-WinEvent -ModuleName MSFT_xWinEventLog { 64 | $properties = @{ 65 | MaximumSizeInBytes = '5111808' 66 | IsEnabled = $true 67 | LogMode = 'Circular' 68 | LogFilePath = 'c:\logs\test.evtx' 69 | SecurityDescriptor = 'TestDescriptor' 70 | } 71 | 72 | Write-Output (New-Object -TypeName PSObject -Property $properties) 73 | } 74 | 75 | $params = @{ 76 | LogName = 'Application' 77 | MaximumSizeInBytes = '5111808' 78 | LogMode = 'Circular' 79 | IsEnabled = $true 80 | LogFilePath = 'c:\logs\test.evtx' 81 | SecurityDescriptor = 'TestDescriptor' 82 | } 83 | 84 | 85 | It 'should return true when all properties match does not match'{ 86 | $testResults = Test-WinEventLogTargetResource @params 87 | $testResults | Should Be $True 88 | } 89 | 90 | It 'should return false when MaximumSizeInBytes does not match'{ 91 | $testResults = Test-WinEventLogTargetResource -LogName 'Application' -MaximumSizeInBytes '1' -IsEnabled $true -SecurityDescriptor 'TestDescriptor' -LogMode 'Circular' -LogFilePath 'c:\logs\test.evtx' 92 | $testResults | Should Be $False 93 | } 94 | 95 | It 'should return false when LogMode does not match'{ 96 | $testResults = Test-WinEventLogTargetResource -LogName 'Application' -MaximumSizeInBytes '5111808' -IsEnabled $true -SecurityDescriptor 'TestDescriptor' -LogMode 'AutoBackup' -LogFilePath 'c:\logs\test.evtx' 97 | $testResults | Should Be $false 98 | } 99 | 100 | It 'should return false when IsEnabled does not match'{ 101 | $testResults = Test-WinEventLogTargetResource -LogName 'Application' -MaximumSizeInBytes '5111808' -IsEnabled $false -SecurityDescriptor 'TestDescriptor' -LogMode 'Circular' -LogFilePath 'c:\logs\test.evtx' 102 | $testResults | Should Be $false 103 | } 104 | 105 | It 'Should return false when SecurityDescriptor does not match'{ 106 | $testResults = Test-WinEventLogTargetResource -LogName 'Application' -MaximumSizeInBytes '5111808' -IsEnabled $true -SecurityDescriptor 'TestDescriptorFail' -LogMode 'Circular' -LogFilePath 'c:\logs\test.evtx' 107 | $testResults | Should Be $false 108 | } 109 | 110 | It 'Should return false when LogFilePath does not match'{ 111 | $testResults = Test-WinEventLogTargetResource -LogName 'Application' -MaximumSizeInBytes '5111808' -IsEnabled $true -SecurityDescriptor 'TestDescriptor' -LogMode 'Circular' -LogFilePath 'c:\logs\wrongfile.evtx' 112 | $testResults | Should Be $false 113 | } 114 | 115 | It 'Should call Get-WinEventLog' { 116 | Assert-MockCalled Get-WinEvent -ModuleName MSFT_xWinEventLog -Exactly 6 117 | } 118 | } 119 | 120 | Describe 'WinEventLog Set-TargetResource'{ 121 | BeforeAll { 122 | New-EventLog -LogName 'Pester' -Source 'PesterTest' 123 | $Log = Get-WinEvent -ListLog 'Pester' 124 | $Log.LogMode = 'Circular' 125 | $Log.SaveChanges() 126 | New-Item -Path "$env:SystemDrive\tmp" -ItemType Directory -Force | Out-Null 127 | 128 | } 129 | 130 | Context 'When set is called and actual value does not match expected value'{ 131 | 132 | It 'Should update MaximumSizeInBytes' { 133 | Set-WinEventLogTargetResource -LogName 'Pester' -MaximumSizeInBytes '5111800' 134 | (Get-WinEvent -ListLog 'Pester').MaximumSizeInBytes | Should Be '5111800' 135 | } 136 | 137 | It 'Should update the LogMode'{ 138 | Set-WinEventLogTargetResource -LogName 'Pester' -LogMode 'AutoBackup' 139 | (Get-WinEvent -ListLog 'Pester').LogMode | Should Be 'AutoBackup' 140 | } 141 | 142 | It 'Should update IsEnabled to false' { 143 | Set-WinEventLogTargetResource -LogName 'Microsoft-Windows-CAPI2/Operational' -IsEnabled $false 144 | (Get-WinEvent -ListLog 'Microsoft-Windows-CAPI2/Operational').IsEnabled | Should Be $false 145 | } 146 | 147 | It 'Should update SecurityDescriptor' { 148 | Set-WinEventLogTargetResource -LogName 'Pester' -SecurityDescriptor 'O:BAG:SYD:(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x3;;;S-1-5-33)(A;;0x1;;;S-1-5-32-573)' 149 | (Get-WinEvent -ListLog 'Pester').SecurityDescriptor = 'O:BAG:SYD:(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x3;;;S-1-5-33)(A;;0x1;;;S-1-5-32-573)' 150 | } 151 | 152 | It 'Should update the LogFilePath'{ 153 | Set-WinEventLogTargetResource -LogName 'Pester' -LogFilePath 'c:\tmp\test.evtx' 154 | (Get-WinEvent -ListLog 'Pester').LogFilePath | Should Be 'c:\tmp\test.evtx' 155 | } 156 | } 157 | 158 | 159 | 160 | #Setting up mocks to validate code is never called... not sure if this is good practice 161 | Mock -CommandName Set-MaximumSizeInBytes -ModuleName MSFT_xWinEventLog -MockWith { 162 | return $true 163 | } 164 | 165 | Mock -CommandName Set-LogMode -ModuleName MSFT_xWinEventLog -MockWith { 166 | return $true 167 | } 168 | 169 | Mock -CommandName Set-SecurityDescriptor -ModuleName MSFT_xWinEventLog -MockWith { 170 | return $true 171 | } 172 | 173 | Mock -CommandName Set-IsEnabled -ModuleName MSFT_xWinEventLog -MockWith { 174 | return $true 175 | } 176 | 177 | Mock -CommandName Set-LogFilePath -ModuleName MSFT_xWinEventLog -MockWith { 178 | return $true 179 | } 180 | 181 | Context 'When desired value matches property'{ 182 | 183 | $Log = Get-WinEvent -ListLog 'Pester' 184 | Set-WinEventLogTargetResource -LogName $Log.LogName -SecurityDescriptor $log.SecurityDescriptor -LogMode $log.LogMode -IsEnabled $log.IsEnabled 185 | 186 | It 'Should not call Set-MaximumSizeInBytes'{ 187 | Assert-MockCalled -CommandName Set-MaximumSizeInBytes -ModuleName MSFT_xWinEventLog -Exactly 0 188 | } 189 | 190 | It 'Should not call Set-LogMode' { 191 | Assert-MockCalled -CommandName Set-LogMode -ModuleName MSFT_xWinEventLog -Exactly 0 192 | } 193 | 194 | It 'Should not call Set-SecurityDescriptor'{ 195 | Assert-MockCalled -CommandName Set-SecurityDescriptor -ModuleName MSFT_xWinEventLog -Exactly 0 196 | } 197 | 198 | It 'Should not call Set-IsEnabled'{ 199 | Assert-MockCalled -CommandName Set-IsEnabled -ModuleName MSFT_xWinEventLog -Exactly 0 200 | } 201 | 202 | It 'Should not call Set-LogFilePath'{ 203 | Assert-MockCalled -CommandName Set-LogFilePath -ModuleName MSFT_xWinEventLog -Exactly 0 204 | } 205 | } 206 | 207 | AfterAll { 208 | Remove-EventLog -LogName 'Pester' 209 | 210 | $log = Get-WinEvent -ListLog 'Microsoft-Windows-CAPI2/Operational' 211 | $log.IsEnabled = $Capi2Log.IsEnabled 212 | $log.SaveChanges() 213 | Remove-Item -Path "$env:SystemDrive\tmp" -Recurse -Force -ErrorAction SilentlyContinue 214 | } 215 | } 216 | -------------------------------------------------------------------------------- /appveyor.yml: -------------------------------------------------------------------------------- 1 | #---------------------------------# 2 | # environment configuration # 3 | #---------------------------------# 4 | 5 | version: 1.1.{build}.0 6 | environment: 7 | gallery_api: 8 | secure: 9ekJzfsPCDBkyLrfmov83XbbhZ6E2N3z+B/Io8NbDetbHc6hWS19zsDmy7t0Vvxv 9 | 10 | install: 11 | - git clone https://github.com/PowerShell/DscResource.Tests 12 | - ps: Write-Verbose -Message "PowerShell version $($PSVersionTable.PSVersion)" -Verbose 13 | - ps: Import-Module -Name "$env:APPVEYOR_BUILD_FOLDER\DscResource.Tests\AppVeyor.psm1" 14 | - ps: Invoke-AppveyorInstallTask 15 | 16 | #---------------------------------# 17 | # build configuration # 18 | #---------------------------------# 19 | 20 | build: false 21 | 22 | #---------------------------------# 23 | # test configuration # 24 | #---------------------------------# 25 | 26 | test_script: 27 | - ps: | 28 | Invoke-AppveyorTestScriptTask -CodeCoverage -CodeCovIo 29 | 30 | # scripts to run before deployment 31 | after_test: 32 | - ps: | 33 | Import-Module -Name "$env:APPVEYOR_BUILD_FOLDER\DscResource.Tests\AppVeyor.psm1" 34 | Invoke-AppveyorAfterTestTask 35 | 36 | #---------------------------------# 37 | # deployment configuration # 38 | #---------------------------------# 39 | 40 | deploy_script: 41 | - ps: | 42 | Invoke-AppVeyorDeployTask 43 | -------------------------------------------------------------------------------- /xWinEventLog.psd1: -------------------------------------------------------------------------------- 1 | # 2 | # Module manifest for module 'xWinEventLog' 3 | # 4 | # Generated by: Microsoft Corporation 5 | # 6 | # Generated on: 5/24/2014 7 | # 8 | 9 | @{ 10 | 11 | # Script module or binary module file associated with this manifest. 12 | # RootModule = '' 13 | 14 | # Version number of this module. 15 | moduleVersion = '1.3.0.0' 16 | 17 | # ID used to uniquely identify this module 18 | GUID = '5b4a0524-9c3f-44d6-933e-717c5c22b16a' 19 | 20 | # Author of this module 21 | Author = 'Microsoft Corporation' 22 | 23 | # Company or vendor of this module 24 | CompanyName = 'Microsoft Corporation' 25 | 26 | # Copyright statement for this module 27 | Copyright = '(c) 2014 Microsoft Corporation. All rights reserved' 28 | 29 | # Description of the functionality provided by this module 30 | Description = 'Configure Windows Event Logs. THIS MODULE HAS BEEN DEPRECATED. It will no longer be released. Please use the "WinEventLog" resource in ComputerManagementDsc instead.' 31 | 32 | # Minimum version of the Windows PowerShell engine required by this module 33 | PowerShellVersion = '4.0' 34 | 35 | # Name of the Windows PowerShell host required by this module 36 | # PowerShellHostName = '' 37 | 38 | # Minimum version of the Windows PowerShell host required by this module 39 | # PowerShellHostVersion = '' 40 | 41 | # Minimum version of Microsoft .NET Framework required by this module 42 | # DotNetFrameworkVersion = '' 43 | 44 | # Minimum version of the common language runtime (CLR) required by this module 45 | # CLRVersion = '' 46 | 47 | # Processor architecture (None, X86, Amd64) required by this module 48 | # ProcessorArchitecture = '' 49 | 50 | # Modules that must be imported into the global environment prior to importing this module 51 | # RequiredModules = @() 52 | 53 | # Assemblies that must be loaded prior to importing this module 54 | # RequiredAssemblies = @() 55 | 56 | # Script files (.ps1) that are run in the caller's environment prior to importing this module. 57 | # ScriptsToProcess = @() 58 | 59 | # Type files (.ps1xml) to be loaded when importing this module 60 | # TypesToProcess = @() 61 | 62 | # Format files (.ps1xml) to be loaded when importing this module 63 | # FormatsToProcess = @() 64 | 65 | # Modules to import as nested modules of the module specified in RootModule/ModuleToProcess 66 | NestedModules = '.\xWinEventLog.psm1' 67 | 68 | # Functions to export from this module 69 | FunctionsToExport = '*' 70 | 71 | # Cmdlets to export from this module 72 | CmdletsToExport = '*' 73 | 74 | # Variables to export from this module 75 | VariablesToExport = '*' 76 | 77 | # Aliases to export from this module 78 | AliasesToExport = '*' 79 | 80 | # List of all modules packaged with this module 81 | # ModuleList = @() 82 | 83 | # List of all files packaged with this module 84 | # FileList = @() 85 | 86 | # Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. 87 | PrivateData = @{ 88 | 89 | PSData = @{ 90 | 91 | # Tags applied to this module. These help with module discovery in online galleries. 92 | Tags = @('DesiredStateConfiguration', 'DSC', 'DSCResourceKit', 'DSCResource') 93 | 94 | # A URL to the license for this module. 95 | LicenseUri = 'https://github.com/PowerShell/xWinEventLog/blob/master/LICENSE' 96 | 97 | # A URL to the main website for this project. 98 | ProjectUri = 'https://github.com/PowerShell/xWinEventLog' 99 | 100 | # A URL to an icon representing this module. 101 | # IconUri = '' 102 | 103 | # ReleaseNotes of this module 104 | ReleaseNotes = '* THIS MODULE HAS BEEN DEPRECATED. It will no longer be released. 105 | Please use the "WinEventLog" resource in ComputerManagementDsc instead. 106 | * Update appveyor.yml to use the default template. 107 | * Added default template files .codecov.yml, .gitattributes, and .gitignore, and 108 | .vscode folder. 109 | 110 | ' 111 | 112 | } # End of PSData hashtable 113 | 114 | } # End of PrivateData hashtable 115 | 116 | # HelpInfo URI of this module 117 | # HelpInfoURI = '' 118 | 119 | # Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. 120 | # DefaultCommandPrefix = '' 121 | 122 | } 123 | 124 | 125 | 126 | 127 | 128 | -------------------------------------------------------------------------------- /xWinEventLog.psm1: -------------------------------------------------------------------------------- 1 |  2 | function Show-xWinEventLogExamples 3 | { 4 | $path = Join-Path $PSScriptRoot 'Examples\*' 5 | if ($Host.Name -eq 'Windows PowerShell ISE Host') 6 | { 7 | psedit $path 8 | } 9 | else 10 | { 11 | $files = @() 12 | foreach ($f in dir $path) 13 | { 14 | $files += "$($f.FullName)" 15 | } 16 | PowerShell_ise -file $($files -join ",") 17 | } 18 | } 19 | --------------------------------------------------------------------------------