Releases: EvotecIT/PSEventViewer
Releases · EvotecIT/PSEventViewer
PSEventViewer-v3.4.0
Full Changelog: EventViewerX-v3.3.2...PSEventViewer-v3.4.0
PSEventViewer 3.3.2
What's Changed
- refactor(correlation): harden UTC parsing and token sizing by @PrzemyslawKlys in #230
Full Changelog: EventViewerX-v3.3.1...EventViewerX-v3.3.2
PSEventViewer 3.3.1
What's Changed
- Fix PowerShell Gallery preview badge by @PrzemyslawKlys in #228
- Add reusable named-events timeline correlation query API by @PrzemyslawKlys in #229
Full Changelog: EventViewerX-v3.3.0...EventViewerX-v3.3.1
EventViewerX-v3.3.0
What's Changed
- EventViewerX: explicit rule registry (AOT-friendly) by @PrzemyslawKlys in #214
- EventViewerX: honor Reflection mode when explicit factories exist by @PrzemyslawKlys in #215
- EventViewerX: report CallerComputerName for 4740 lockouts by @PrzemyslawKlys in #216
- feat(eventviewerx): security EVTX report builders by @PrzemyslawKlys in #217
- feat(eventviewerx): EVTX stats report builder by @PrzemyslawKlys in #218
- EventViewerX: add BuildFromEvents/AddRange helpers for security reports by @PrzemyslawKlys in #219
- feat(eventviewerx): QueryLogXPath for custom XPath consumers by @PrzemyslawKlys in #220
- feat(eventviewerx): reusable top rows + preview helpers for report builders by @PrzemyslawKlys in #221
- Refactor EventViewerX EVTX query contract and thin report entry points by @PrzemyslawKlys in #222
- feat(eventviewerx): add typed live/catalog query executors by @PrzemyslawKlys in #223
- Add typed EVTX stats/security query executors by @PrzemyslawKlys in #224
- Centralize shared query helper logic in EventViewerX by @PrzemyslawKlys in #225
- Promote EVTX security request normalization contract by @PrzemyslawKlys in #226
- Add typed EventViewerX failure descriptor resolver with neutral engine naming by @PrzemyslawKlys in #227
Full Changelog: EventViewerX-v3.2.0...EventViewerX-v3.3.0
EventViewerX-v3.2.0
chore: 🔧 Update version to `3.2.0` in project files * Updated the version in `UpdateVersion.ps1` and `EventViewerX.csproj` to reflect the new release. * Ensures consistency across project files for versioning.
EventViewerX-v3.1.0
What's Changed
- feat(search): ✨ Implement quick probing and session management for ev… by @PrzemyslawKlys in #211
- feat(Rules): ✨ Refactor event handling and introduce RuleHelpers by @PrzemyslawKlys in #212
Full Changelog: EventViewerX-v3.0.0...EventViewerX-v3.1.0
EventViewerX-v3.0.0
What's Changed
- Add Get-WinEventInformation cmdlet by @PrzemyslawKlys in #24
- Add Get-WinEventFilter cmdlet by @PrzemyslawKlys in #23
- Implement Set-WinEventSettings cmdlet by @PrzemyslawKlys in #26
- Add Get-WinEventSettings cmdlet by @PrzemyslawKlys in #25
- Add GitHub Actions test workflow by @PrzemyslawKlys in #28
- Fix file path for QueryFileInformation test by @PrzemyslawKlys in #30
- Add PowerShell CI workflow by @PrzemyslawKlys in #29
- Fix operation type mapping by @PrzemyslawKlys in #35
- Handle EventObject XML parsing errors by @PrzemyslawKlys in #34
- Fix message parsing for Windows newlines by @PrzemyslawKlys in #33
- Fix query log file missing check by @PrzemyslawKlys in #31
- Fix ObjectClass access by @PrzemyslawKlys in #32
- Add XML docs for NamedEvents by @PrzemyslawKlys in #36
- Implement user SID cache by @PrzemyslawKlys in #37
- Fix date edge cases in TimeHelper by @PrzemyslawKlys in #38
- Handle FQDN lookup errors by @PrzemyslawKlys in #40
- Parse colon separated fields from event XML by @PrzemyslawKlys in #41
- Add NTLMv1 event tracking by @PrzemyslawKlys in #42
- Add scriptblock callback support to WatchEvents by @PrzemyslawKlys in #44
- Optimize UAC translation by @PrzemyslawKlys in #39
- Expose NIC identifiers by @PrzemyslawKlys in #47
- Introduce KnownLog enum with QueryLog overloads by @PrzemyslawKlys in #45
- Add more WinEventFilter unit tests by @PrzemyslawKlys in #46
- Add dedicated Group Policy event classes by @PrzemyslawKlys in #52
- Fix DirectorySearcher disposal by @PrzemyslawKlys in #48
- Fix WriteEvent for null replacement strings by @PrzemyslawKlys in #49
- Add Remove-EVXSource cmdlet by @PrzemyslawKlys in #43
- Fix dictionary key lookups by @PrzemyslawKlys in #50
- Add PSD1 refresh step in PowerShell CI by @PrzemyslawKlys in #53
- Implement Get-EVXProviderList cmdlet by @PrzemyslawKlys in #51
- Add missing XML comments and enable nullable by @PrzemyslawKlys in #54
- Add Kerberos ticket event parser by @PrzemyslawKlys in #55
- Add ClientGroupPolicies event class by @PrzemyslawKlys in #56
- Add CertificateIssued rule by @PrzemyslawKlys in #57
- Implement ProviderMetadata caching by @PrzemyslawKlys in #58
- Add AuditPolicyChange rule by @PrzemyslawKlys in #59
- Add PowerShell script restore functions by @PrzemyslawKlys in #62
- Extend Find-WinEvent with message filtering by @PrzemyslawKlys in #60
- Fix XPath escaping by @PrzemyslawKlys in #67
- Validate event IDs before query by @PrzemyslawKlys in #66
- Fix message null handling by @PrzemyslawKlys in #65
- Add default cases in ConvertSize by @PrzemyslawKlys in #64
- Add CancellationToken support by @PrzemyslawKlys in #68
- Add Firewall Rule Change event by @PrzemyslawKlys in #69
- Add Windows update failure rule by @PrzemyslawKlys in #70
- Add BitLocker key change rule by @PrzemyslawKlys in #71
- Add Kerberos policy change rule by @PrzemyslawKlys in #72
- Replace string.Format usage with interpolation by @PrzemyslawKlys in #73
- Fix build by checking for PowerShell DLLs by @PrzemyslawKlys in #74
- Add DeviceRecognized event handling by @PrzemyslawKlys in #76
- Implement async enumerable for QueryLogsParallel by @PrzemyslawKlys in #75
- Add Windows scheduled task delete rule by @PrzemyslawKlys in #77
- Add rule for event 4660 by @PrzemyslawKlys in #79
- Add ScheduledTaskCreated rule for event ID 4698 by @PrzemyslawKlys in #80
- Add KerberosTGTRequest support by @PrzemyslawKlys in #81
- Implement IDisposable for EventWatcher by @PrzemyslawKlys in #85
- Add tests for GroupPolicyHelpers by @PrzemyslawKlys in #82
- Fix EventLogReader null query handling by @PrzemyslawKlys in #84
- Handle exceptions in Parallel.ForEach by @PrzemyslawKlys in #83
- Add ADUserPrivilegeUse for event ID 4672 by @PrzemyslawKlys in #86
- Handle user rights assignment events by @PrzemyslawKlys in #87
- Rebuild event named system by @PrzemyslawKlys in #88
- Handle null channel references by @PrzemyslawKlys in #91
- Rename Last1Hours to Last1Hour by @PrzemyslawKlys in #90
- Add validation for thread count by @PrzemyslawKlys in #89
- Wrap Process instances in using statements by @PrzemyslawKlys in #92
- Fix time helper to use local time by @PrzemyslawKlys in #93
- Validate category bounds by @PrzemyslawKlys in #94
- Add Hyper-V VM start rule by @PrzemyslawKlys in #96
- Add Hyper-V VM shutdown rule by @PrzemyslawKlys in #95
- Limit Start-EVXWatcher threads by @PrzemyslawKlys in #98
- Add missing XML docs by @PrzemyslawKlys in #97
- Add DFS Replication rule by @PrzemyslawKlys in #108
- Handle BitLocker suspension event by @PrzemyslawKlys in #107
- Add DeviceDisabled rule by @PrzemyslawKlys in #106
- Add WEF subscription utilities by @PrzemyslawKlys in #99
- Add Exchange store mount event rule by @PrzemyslawKlys in #105
- Capture DHCP lease events by @PrzemyslawKlys in #104
- Implement IIS site stop detection by @PrzemyslawKlys in #103
- Add BugCheck event rule by @PrzemyslawKlys in #101
- Implement checkpoint creation rule by @PrzemyslawKlys in #100
- Refactor generic parsing by @PrzemyslawKlys in #114
- Add DataTable helper by @PrzemyslawKlys in #113
- Add async query methods by @PrzemyslawKlys in #112
- Implement resume support for multiple jobs by @PrzemyslawKlys in #111
- Add IIS binding failure rule by @PrzemyslawKlys in #102
- Use concurrent collection and clean unused locks by @PrzemyslawKlys in #109
- Add keyword filter support by @PrzemyslawKlys in #116
- Skip chunk generation when no IDs by @PrzemyslawKlys in #117
- Fix watcher ID handling by @PrzemyslawKlys in #118
- Fix query filter formatting by @PrzemyslawKlys in #119
- Add SQL database creation rule by @PrzemyslawKlys in #120
- Add staging suppo...
v2.4.3
What's new
Full Changelog: v2.4.1...v2.4.3
v2.4.2
Make logger public in Settings class for broader access
v2.4.1
Make logger public in Settings class for broader access