Merge pull request #770 from naacbin/event-log-explorer

Add Event Log Explorer
mandiant · Dec 22, 2023 · 33468e5 · 33468e5
2 parents 8842a36 + 499e722
commit 33468e5
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 0 deletions.
diff --git a/packages/event-log-explorer.vm/event-log-explorer.vm.nuspec b/packages/event-log-explorer.vm/event-log-explorer.vm.nuspec
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
+  <metadata>
+    <id>event-log-explorer.vm</id>
+    <version>5.4.1.20231207</version>
+    <authors>FSPro Labs</authors>
+    <description>Software solution for viewing, analyzing and monitoring events recorded in Microsoft Windows event logs.</description>
+    <dependencies>
+      <dependency id="common.vm" />
+    </dependencies>
+  </metadata>
+</package>
diff --git a/packages/event-log-explorer.vm/tools/chocolateyinstall.ps1 b/packages/event-log-explorer.vm/tools/chocolateyinstall.ps1
@@ -0,0 +1,13 @@
+$ErrorActionPreference = 'Stop'
+Import-Module vm.common -Force -DisableNameChecking
+
+$toolName = 'Event Log Explorer'
+$category = 'Forensic'
+
+$exeUrl = 'https://eventlogxp.com/download/elex_setup.exe'
+$exeSha256 = 'caae0c43db65ce23dedad3e045f8459a2de0abbc289a2b83b8c55926fcff22bd'
+
+$toolDir = Join-Path ${Env:ProgramFiles(x86)} $toolName
+$executablePath = Join-Path $toolDir "elex.exe"
+
+VM-Install-With-Installer -toolName $toolName -category $category -fileType "EXE" -silentArgs '/VERYSILENT /SUPPRESSMSGBOXES /NORESTART /SP- /MERGETASKS="!desktopicon"' -executablePath $executablePath -url $exeUrl -sha256 $exeSha256
diff --git a/packages/event-log-explorer.vm/tools/chocolateyuninstall.ps1 b/packages/event-log-explorer.vm/tools/chocolateyuninstall.ps1
@@ -0,0 +1,7 @@
+$ErrorActionPreference = 'Continue'
+Import-Module vm.common -Force -DisableNameChecking
+
+$toolName = 'Event Log Explorer'
+$category = 'Forensic'
+
+VM-Uninstall $toolName $category