jymcheong · February 19, 2025 15:25 · jymcheong · Apr 13, 2018 · bish0polis · Feb 19, 2025
diff --git a/autonxlog.ps1 b/autonxlog.ps1
 Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
 iex "choco install nxlog -y"
 $client = New-Object System.Net.WebClient

 # download & save the correct nxlog config which includes Sysmon, Nxlog WILL FAIL if Sysmon is not installed
 if ([System.IntPtr]::Size -eq 4) { # I also assumed no change in default install paths
    $url = "https://raw.githubusercontent.com/jymcheong/SysmonResources/master/6.%20Sample%20Data/nxlog.conf32.txt" 
    $path = "C:\Program Files\nxlog\conf\nxlog.conf"    
 } else {     
    $url = "https://raw.githubusercontent.com/jymcheong/SysmonResources/master/6.%20Sample%20Data/nxlog.conf64.txt" 
    $path = "C:\Program Files (x86)\nxlog\conf\nxlog.conf"
 }
 $client.DownloadFile($url, $path)

 # restart nxlog service
 Restart-Service -Name nxlog
	Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
	iex "choco install nxlog -y"
	$client = New-Object System.Net.WebClient

	# download & save the correct nxlog config which includes Sysmon, Nxlog WILL FAIL if Sysmon is not installed
	if ([System.IntPtr]::Size -eq 4) { # I also assumed no change in default install paths
	$url = "https://raw.githubusercontent.com/jymcheong/SysmonResources/master/6.%20Sample%20Data/nxlog.conf32.txt"
	$path = "C:\Program Files\nxlog\conf\nxlog.conf"
	} else {
	$url = "https://raw.githubusercontent.com/jymcheong/SysmonResources/master/6.%20Sample%20Data/nxlog.conf64.txt"
	$path = "C:\Program Files (x86)\nxlog\conf\nxlog.conf"
	}
	$client.DownloadFile($url, $path)

	# restart nxlog service
	Restart-Service -Name nxlog