PSEventViewer-v3.4.0

Full Changelog: EventViewerX-v3.3.2...PSEventViewer-v3.4.0

PSEventViewer 3.3.2

What's Changed

• refactor(correlation): harden UTC parsing and token sizing by @PrzemyslawKlys in #230

Full Changelog: EventViewerX-v3.3.1...EventViewerX-v3.3.2

PSEventViewer 3.3.1

What's Changed

• Fix PowerShell Gallery preview badge by @PrzemyslawKlys in #228
• Add reusable named-events timeline correlation query API by @PrzemyslawKlys in #229

Full Changelog: EventViewerX-v3.3.0...EventViewerX-v3.3.1

EventViewerX-v3.3.0

What's Changed

• EventViewerX: explicit rule registry (AOT-friendly) by @PrzemyslawKlys in #214
• EventViewerX: honor Reflection mode when explicit factories exist by @PrzemyslawKlys in #215
• EventViewerX: report CallerComputerName for 4740 lockouts by @PrzemyslawKlys in #216
• feat(eventviewerx): security EVTX report builders by @PrzemyslawKlys in #217
• feat(eventviewerx): EVTX stats report builder by @PrzemyslawKlys in #218
• EventViewerX: add BuildFromEvents/AddRange helpers for security reports by @PrzemyslawKlys in #219
• feat(eventviewerx): QueryLogXPath for custom XPath consumers by @PrzemyslawKlys in #220
• feat(eventviewerx): reusable top rows + preview helpers for report builders by @PrzemyslawKlys in #221
• Refactor EventViewerX EVTX query contract and thin report entry points by @PrzemyslawKlys in #222
• feat(eventviewerx): add typed live/catalog query executors by @PrzemyslawKlys in #223
• Add typed EVTX stats/security query executors by @PrzemyslawKlys in #224
• Centralize shared query helper logic in EventViewerX by @PrzemyslawKlys in #225
• Promote EVTX security request normalization contract by @PrzemyslawKlys in #226
• Add typed EventViewerX failure descriptor resolver with neutral engine naming by @PrzemyslawKlys in #227

Full Changelog: EventViewerX-v3.2.0...EventViewerX-v3.3.0

EventViewerX-v3.2.0

chore: 🔧 Update version to `3.2.0` in project files

* Updated the version in `UpdateVersion.ps1` and `EventViewerX.csproj` to reflect the new release.
* Ensures consistency across project files for versioning.

EventViewerX-v3.1.0

What's Changed

• feat(search): ✨ Implement quick probing and session management for ev… by @PrzemyslawKlys in #211
• feat(Rules): ✨ Refactor event handling and introduce RuleHelpers by @PrzemyslawKlys in #212

Full Changelog: EventViewerX-v3.0.0...EventViewerX-v3.1.0

EventViewerX-v3.0.0

What's Changed

• Add Get-WinEventInformation cmdlet by @PrzemyslawKlys in #24
• Add Get-WinEventFilter cmdlet by @PrzemyslawKlys in #23
• Implement Set-WinEventSettings cmdlet by @PrzemyslawKlys in #26
• Add Get-WinEventSettings cmdlet by @PrzemyslawKlys in #25
• Add GitHub Actions test workflow by @PrzemyslawKlys in #28
• Fix file path for QueryFileInformation test by @PrzemyslawKlys in #30
• Add PowerShell CI workflow by @PrzemyslawKlys in #29
• Fix operation type mapping by @PrzemyslawKlys in #35
• Handle EventObject XML parsing errors by @PrzemyslawKlys in #34
• Fix message parsing for Windows newlines by @PrzemyslawKlys in #33
• Fix query log file missing check by @PrzemyslawKlys in #31
• Fix ObjectClass access by @PrzemyslawKlys in #32
• Add XML docs for NamedEvents by @PrzemyslawKlys in #36
• Implement user SID cache by @PrzemyslawKlys in #37
• Fix date edge cases in TimeHelper by @PrzemyslawKlys in #38
• Handle FQDN lookup errors by @PrzemyslawKlys in #40
• Parse colon separated fields from event XML by @PrzemyslawKlys in #41
• Add NTLMv1 event tracking by @PrzemyslawKlys in #42
• Add scriptblock callback support to WatchEvents by @PrzemyslawKlys in #44
• Optimize UAC translation by @PrzemyslawKlys in #39
• Expose NIC identifiers by @PrzemyslawKlys in #47
• Introduce KnownLog enum with QueryLog overloads by @PrzemyslawKlys in #45
• Add more WinEventFilter unit tests by @PrzemyslawKlys in #46
• Add dedicated Group Policy event classes by @PrzemyslawKlys in #52
• Fix DirectorySearcher disposal by @PrzemyslawKlys in #48
• Fix WriteEvent for null replacement strings by @PrzemyslawKlys in #49
• Add Remove-EVXSource cmdlet by @PrzemyslawKlys in #43
• Fix dictionary key lookups by @PrzemyslawKlys in #50
• Add PSD1 refresh step in PowerShell CI by @PrzemyslawKlys in #53
• Implement Get-EVXProviderList cmdlet by @PrzemyslawKlys in #51
• Add missing XML comments and enable nullable by @PrzemyslawKlys in #54
• Add Kerberos ticket event parser by @PrzemyslawKlys in #55
• Add ClientGroupPolicies event class by @PrzemyslawKlys in #56
• Add CertificateIssued rule by @PrzemyslawKlys in #57
• Implement ProviderMetadata caching by @PrzemyslawKlys in #58
• Add AuditPolicyChange rule by @PrzemyslawKlys in #59
• Add PowerShell script restore functions by @PrzemyslawKlys in #62
• Extend Find-WinEvent with message filtering by @PrzemyslawKlys in #60
• Fix XPath escaping by @PrzemyslawKlys in #67
• Validate event IDs before query by @PrzemyslawKlys in #66
• Fix message null handling by @PrzemyslawKlys in #65
• Add default cases in ConvertSize by @PrzemyslawKlys in #64
• Add CancellationToken support by @PrzemyslawKlys in #68
• Add Firewall Rule Change event by @PrzemyslawKlys in #69
• Add Windows update failure rule by @PrzemyslawKlys in #70
• Add BitLocker key change rule by @PrzemyslawKlys in #71
• Add Kerberos policy change rule by @PrzemyslawKlys in #72
• Replace string.Format usage with interpolation by @PrzemyslawKlys in #73
• Fix build by checking for PowerShell DLLs by @PrzemyslawKlys in #74
• Add DeviceRecognized event handling by @PrzemyslawKlys in #76
• Implement async enumerable for QueryLogsParallel by @PrzemyslawKlys in #75
• Add Windows scheduled task delete rule by @PrzemyslawKlys in #77
• Add rule for event 4660 by @PrzemyslawKlys in #79
• Add ScheduledTaskCreated rule for event ID 4698 by @PrzemyslawKlys in #80
• Add KerberosTGTRequest support by @PrzemyslawKlys in #81
• Implement IDisposable for EventWatcher by @PrzemyslawKlys in #85
• Add tests for GroupPolicyHelpers by @PrzemyslawKlys in #82
• Fix EventLogReader null query handling by @PrzemyslawKlys in #84
• Handle exceptions in Parallel.ForEach by @PrzemyslawKlys in #83
• Add ADUserPrivilegeUse for event ID 4672 by @PrzemyslawKlys in #86
• Handle user rights assignment events by @PrzemyslawKlys in #87
• Rebuild event named system by @PrzemyslawKlys in #88
• Handle null channel references by @PrzemyslawKlys in #91
• Rename Last1Hours to Last1Hour by @PrzemyslawKlys in #90
• Add validation for thread count by @PrzemyslawKlys in #89
• Wrap Process instances in using statements by @PrzemyslawKlys in #92
• Fix time helper to use local time by @PrzemyslawKlys in #93
• Validate category bounds by @PrzemyslawKlys in #94
• Add Hyper-V VM start rule by @PrzemyslawKlys in #96
• Add Hyper-V VM shutdown rule by @PrzemyslawKlys in #95
• Limit Start-EVXWatcher threads by @PrzemyslawKlys in #98
• Add missing XML docs by @PrzemyslawKlys in #97
• Add DFS Replication rule by @PrzemyslawKlys in #108
• Handle BitLocker suspension event by @PrzemyslawKlys in #107
• Add DeviceDisabled rule by @PrzemyslawKlys in #106
• Add WEF subscription utilities by @PrzemyslawKlys in #99
• Add Exchange store mount event rule by @PrzemyslawKlys in #105
• Capture DHCP lease events by @PrzemyslawKlys in #104
• Implement IIS site stop detection by @PrzemyslawKlys in #103
• Add BugCheck event rule by @PrzemyslawKlys in #101
• Implement checkpoint creation rule by @PrzemyslawKlys in #100
• Refactor generic parsing by @PrzemyslawKlys in #114
• Add DataTable helper by @PrzemyslawKlys in #113
• Add async query methods by @PrzemyslawKlys in #112
• Implement resume support for multiple jobs by @PrzemyslawKlys in #111
• Add IIS binding failure rule by @PrzemyslawKlys in #102
• Use concurrent collection and clean unused locks by @PrzemyslawKlys in #109
• Add keyword filter support by @PrzemyslawKlys in #116
• Skip chunk generation when no IDs by @PrzemyslawKlys in #117
• Fix watcher ID handling by @PrzemyslawKlys in #118
• Fix query filter formatting by @PrzemyslawKlys in #119
• Add SQL database creation rule by @PrzemyslawKlys in #120
• Add staging suppo...

v2.4.3

What's new

Full Changelog: v2.4.1...v2.4.3

v2.4.2

Make logger public in Settings class for broader access

v2.4.1

Make logger public in Settings class for broader access