PowerShell Protect

Examples integrating with PowerShell Protect.

Display Log Messages in PowerShell Universal

This example configures PowerShell Protect to send log messages to a PowerShell Universal instance. It sends HTTP POST requests to the configured server.

PowerShell Protect Configuration

This configuration checks to see if the user has included the string \\corp\human-resources anywhere in their script. If they do, it sends an HTTP POST to the URL http://localhost:8080/protect

The body of the HTTP request will contain the computer name and user name separated by a comma.

$Condition = New-PSPCondition -Property "script" -Contains -Value "\\corp\human-resources"
$Block = New-PSPAction -Http -Address "http://localhost:8080/protect" -Format "{computerName},{userName}" -Name 'Universal'
$Rule = New-PSPRule -Action $Block -Condition $Condition -Name "HR Share"
$Config = New-PSPConfiguration -Rule $Rule -Action $Block -License "<License></License>"
Set-PSPConfiguration -Configuration $Config -FileSystem

PowerShell Universal Configuration

This PSU configuration defines an endpoint to accept the POST data from PowerShell Protect. It then saves the data to a file. It also defines a dashboard that will read the data and display it in a table. This assumes that you have installed the PowerShell Universal module and server.

Start-PSUServer -Port 8080 -Configuration {
New-PSUEndpoint -Url "/protect" -Method POST -Endpoint {
$Data = "$Env:Temp\data.csv"
if (-not (Test-Path $Data))
{
"computer,user" | Out-File $Data
}
$Body | Out-File $Data
}​
New-PSUDashboard -Name "Protect" -Content {
New-UDDashboard -Title 'Protect' -Content {
$Data = Import-Csv -Path "$Env:Temp\data.csv"
New-UDTable -Data $Data
}
}
}

Here is an example of the output for the dashboard.