The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘Windows’ Category

Need to revisit osquery: SQL powered operating system instrumentation, monitoring, and analytics supports more platforms and also aggregates to central log locations

Posted by jpluimers on 2022/01/18

Almost two years ago, "GitHub – facebook/osquery: SQL powered operating system instrumentation, monitoring, and analytics" was published from the automatic blog queue.

It was in the midst of my rectum cancer treatment, so I was glad the blog queue back then was still about 18 months deep.

This meant I looked into osquery in 2018, which I remember because I needed it on MacOS as I did not want to remember the syntax for MacOS specific commands on getting system information. It also coincides with how much my repository fork was behind: [Wayback: jpluimers/osquery commits/Archive: jpluimers/osquery commits].

Fast forward to now, the breadth of systems I’m involved with has widened, so I was glad to see that Kristian Köhntopp mentioned it:

So time to try it again (:

The links he mentioned:

  • [Wayback/Archive] Welcome to osquery – osquery

    osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.

  • [Wayback/Archive] Welcome to osquery – osquery: High Level Features
    The high-performance and low-footprint distributed host monitoring daemon, osqueryd, allows you to schedule queries to be executed across your entire infrastructure. The daemon takes care of aggregating the query results over time and generates logs which indicate state changes in your infrastructure. You can use this to maintain insight into the security, performance, configuration, and state of your entire infrastructure. osqueryd's logging can integrate into your internal log aggregation pipeline, regardless of your technology stack, via a robust plugin architecture.
    The interactive query console, osqueryi, gives you a SQL interface to try out new queries and explore your operating system. With the power of a complete SQL language and dozens of useful tables built-in, osqueryi is an invaluable tool when performing incident response, diagnosing a systems operations problem, troubleshooting a performance issue, etc.
  • [Wayback/Archive] osqueryd (daemon) – osquery
  • [Wayback/Archive] osqueryi (shell) – osquery
  • [Wayback/Archive] Aggregating Logs – osquery
  • [Wayback/Archive] AWS Logging – osquery
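
The "logs which indicate state changes" quoted above can be consumed downstream. As an added example (not from the original post or from the osquery project), this Python sketch replays differential results-log lines to rebuild which ports are listening per host and flags additions outside an allow-list. The log lines, host name, and allow-list are constructed; the field names assume osquery's JSON event-format results log for a scheduled query named `listening_ports`.

```python
import json
from collections import defaultdict

# Constructed sample: lines shaped like osqueryd's differential (event-format)
# results log for a scheduled query named "listening_ports", e.g.
#   SELECT pid, port, protocol, address FROM listening_ports WHERE port != 0;
# Host name, PIDs and ports are made up for this example.
SAMPLE_LOG = """\
{"name":"listening_ports","hostIdentifier":"web01.example","unixTime":1642500000,"action":"added","columns":{"pid":"812","port":"22","protocol":"6","address":"0.0.0.0"}}
{"name":"listening_ports","hostIdentifier":"web01.example","unixTime":1642500000,"action":"added","columns":{"pid":"1033","port":"443","protocol":"6","address":"0.0.0.0"}}
{"name":"listening_ports","hostIdentifier":"web01.example","unixTime":1642503600,"action":"added","columns":{"pid":"4711","port":"4444","protocol":"6","address":"0.0.0.0"}}
{"name":"listening_ports","hostIdentifier":"web01.example","unixTime":1642507200,"action":"removed","columns":{"pid":"1033","port":"443","protocol":"6","address":"0.0.0.0"}}
not json at all
{"name":"os_version","hostIdentifier":"web01.example","unixTime":1642507200,"action":"added","columns":{"name":"Ubuntu"}}
"""

EXPECTED_PORTS = {"22", "443"}  # hypothetical allow-list; osquery logs values as strings


def replay(log_text, query_name="listening_ports"):
    """Rebuild per-host state from added/removed rows and flag unexpected additions."""
    state = defaultdict(set)  # host -> {(port, protocol, address, pid)}
    alerts, skipped = [], 0
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
            name, host, action = rec["name"], rec["hostIdentifier"], rec["action"]
            if name != query_name:
                continue  # result of another scheduled query
            cols = rec["columns"]
            row = (cols["port"], cols["protocol"], cols["address"], cols["pid"])
        except (ValueError, KeyError, TypeError):
            skipped += 1  # truncated or foreign line: count it, do not crash
            continue
        if action == "added":
            state[host].add(row)
            if cols["port"] not in EXPECTED_PORTS:
                alerts.append((rec.get("unixTime"), host, cols["port"], cols["pid"]))
        elif action == "removed":
            state[host].discard(row)
    return dict(state), alerts, skipped


if __name__ == "__main__":
    state, alerts, skipped = replay(SAMPLE_LOG)
    print("current state:", state)
    print("unexpected listeners:", alerts)
    print("unparseable lines:", skipped)
```
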

Main site: [Wayback/Archive] osquery | Easily ask questions about your Linux, Windows, and macOS infrastructure

Repository: [Wayback/Archive] osquery/osquery: SQL powered operating system instrumentation, monitoring, and analytics.

–jeroen

Posted in *nix, *nix-tools, Apple, Development, DevOps, Facebook, Infrastructure, Mac, Mac OS X / OS X / MacOS, Power User, SocialMedia, Software Development, Windows

A Redditor visits the iconic Windows XP “Bliss” hill in Microsoft Flight Simulator and recaptures the magic – NotebookCheck.net News

Posted by jpluimers on 2022/01/17

[Wayback] A Redditor visits the iconic Windows XP “Bliss” hill in Microsoft Flight Simulator and recaptures the magic – NotebookCheck.net News

XP:

2020:

Via: (note the wrong Windows version) [Archive.is] Stonehead on Twitter: “This is what the Windows 95 desktop looks like nowadays, by the way. Climate change is everywhere… “

–jeroen


Posted in History, Power User, Windows, Windows XP

Alexander Klöpping. Juist nu. on Twitter: “Is there a voice recorder app in which you can mark time codes at the press of a button because something important was said just before that moment? So that afterwards you can easily look up the important moments?” / Twitter

Posted by jpluimers on 2022/01/07

[Archive.is1/Archive.is2] Alexander Klöpping. Juist nu. on Twitter: “Is there a voice recorder app in which you can mark time codes at the press of a button because something important was said just before that moment? So that afterwards you can easily look up the important moments?” / Twitter

Selection for Android / Windows / MacOS:

–jeroen

Posted in Android Devices, Power User, Windows

The Evolution of Windows Search | Windows Search Platform

Posted by jpluimers on 2022/01/03

Great post [WayBack] The Evolution of Windows Search | Windows Search Platform, covering some 3 decades of search:

  • 1991 (Cairo with WinFS)
  • 1996 (Windows NT 4.0)
  • 2000 (Windows 2000)
  • 2001 (Windows XP)
  • 2007 (Windows Vista)
  • 2009 (Windows 7)
  • 2012 (Windows 8.x)
  • 2015 (Windows 10)

It is part 1 of a series of 4 posts by [WayBack] Brendan Flynn, Author at Windows Search Platform:

  1. The Evolution of Windows Search  👈  You Are here
  2. Windows Search Configuration and Settings
  3. What’s in my index?
  4. How to make the most of search on Windows

When grabbing them, only the first two parts were available. Part two was about [WayBack] Configuration and Settings | Windows Search Platform, with in-depth coverage of both the old-style Control Panel applet and the new Windows 10 Settings page.

Via: [Archive.is] Immo Landwerth on Twitter: “If you like Raymond Chen’s The Old New Thing, then you might love this new developer focused blog too. It starts with an interesting history of Windows Search, by @brflynn_ms. Enjoy & subscribe!”

–jeroen

Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows NT, Windows Server 2000, Windows Vista, Windows XP

Run the latest RDP session in full-screen

Posted by jpluimers on 2021/12/28

MSTSC.exe helptext


I created this small batch file:

:: start last RDP session (or new one with command-line parameters) full-screen
:: see https://interworks.com/blog/ijahanshahi/2012/01/02/mstsc-commands-and-creating-custom-remote-desktop-shortcut/
mstsc /f %*

It is based on [Wayback] MSTSC Commands and Creating a Custom Remote Desktop Shortcut | InterWorks, which has the helptext for MSTSC.exe (which stands for MicroSoft Terminal Services).

Later I found out a way easier method to get that helptext is to run MSTSC.exe /?, which shows a nice dialog:

[Window Title]
Remote Desktop Connection Usage

[Content]
MSTSC [<connection file>] [/v:<server[:port]>] [/g:<gateway>] [/admin] [/f[ullscreen]] [/w:<width> /h:<height>] [/public] | [/span] [/multimon] [/edit "connection file"] [/restrictedAdmin] [/remoteGuard] [/prompt] [/shadow:<sessionID> [/control] [/noConsentPrompt]]

"connection file" -- Specifies the name of an .RDP file for the connection.

/v:<server[:port]> -- Specifies the remote PC to which you want to connect.

/g:<gateway> -- Specifies the RD Gateway server to use for the connection. This parameter is only read if the endpoint remote PC is specified with /v.

/admin -- Connects you to the session for administering a remote PC.

/f -- Starts Remote Desktop in full-screen mode.

/w:<width> -- Specifies the width of the Remote Desktop window.

/h:<height> -- Specifies the height of the Remote Desktop window.

/public -- Runs Remote Desktop in public mode.

/span -- Matches the remote desktop width and height with the local virtual desktop, spanning across multiple monitors, if necessary. To span across monitors, the monitors must be arranged to form a rectangle.

/multimon -- Configures the Remote Desktop Services session monitor layout to be identical to the current client-side configuration.

/edit -- Opens the specified .RDP connection file for editing.

/restrictedAdmin -- Connects you to the remote PC in Restricted Administration mode. In this mode, credentials won't be sent to the remote PC, which can protect you if you connect to a PC that has been compromised. However, connections made from the remote PC might not be authenticated by other PCs, which might impact application functionality and compatibility. This parameter implies /admin.

/remoteGuard -- Connects your device to a remote device using Remote Guard. Remote Guard prevents credentials from being sent to the remote PC, which can help protect your credentials if you connect to a remote PC that has been compromised. Unlike Restricted Administration mode, Remote Guard also supports connections made from the remote PC by redirecting all requests back to your device.

/prompt -- Prompts you for your credentials when you connect to the remote PC.

/shadow:<sessionID> -- Specifies the ID of the session to shadow.

/control -- Allows control of the session when shadowing.

/noConsentPrompt -- Allows shadowing without user consent.

[OK]

–jeroen

Posted in Batch-Files, Development, Power User, Remote Desktop Protocol/MSTSC/Terminal Services, Scripting, Software Development, Windows

 