Update login-notication.ps1

login-notication.ps1

@@ -1,64 +1,64 @@
-# =============================
-#        LOGIN LOGGER
-# =============================
-
-# --- Initialization ---
-$time        = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
-$username    = $env:USERNAME
-$hostname    = $env:COMPUTERNAME
-$remoteIp    = "Unknown"
-$asnInfo     = ""
-$locationInfo = ""
-$logPath     = "C:\LOGIN-OUT-ALERT\log.txt"
-$ntfyUrl     = "<your_ntfy_instance>"
-
-# --- Try to Get RDP Connection Info ---
-try {
-    $queryOutput = query session
-    $activeLine  = $queryOutput | Where-Object { $_ -match "$username" -and $_ -match "Active" }
-
-    if ($activeLine) {
-        # Normalize spacing and extract session ID
-        $clean     = $activeLine -replace '\s{2,}', ' '
-        $parts     = $clean.Split(' ')
-        $sessionId = $parts[2]
-
-        # Find established remote connections on RDP port
-        $rdpConns = Get-NetTCPConnection -LocalPort 3389 -State Established
-
-        foreach ($conn in $rdpConns) {
-            if ($conn.RemoteAddress -ne "127.0.0.1" -and $conn.RemoteAddress -ne "::1") {
-                $remoteIp = $conn.RemoteAddress
-                break
-            }
-        }
-
-        # --- IP Info Lookup ---
-        if ($remoteIp -ne "Unknown") {
-            $ipInfo = Invoke-RestMethod -Uri "https://ipinfo.io/$remoteIp/json"
-
-            if ($ipInfo) {
-                $asnInfo      = $ipInfo.org
-                $locationInfo = "$($ipInfo.city), $($ipInfo.region), $($ipInfo.country)"
-            }
-        }
-    }
-
-} catch {
-    $remoteIp = "Error: $($_.Exception.Message)"
-}
-
-# --- Construct Final Message ---
-$eventMessage = @"
-Time: [$time] 
-Who: $username logged into $hostname
-From: $remoteIp
-ASN: $asnInfo
-Location: $locationInfo
-"@
-
-# --- Write to Log File ---
-$eventMessage | Out-File $logPath -Append
-
-# --- Send to NTFY ---
-Invoke-RestMethod -Uri $ntfyUrl -Method Post -Body $eventMessage
+# =============================
+#        LOGIN LOGGER
+# =============================
+
+# --- Initialization ---
+$time        = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
+$username    = $env:USERNAME
+$hostname    = $env:COMPUTERNAME
+$remoteIp    = "Unknown"
+$asnInfo     = ""
+$locationInfo = ""
+$logPath     = "C:\<YOUR_DIRECTORY>\log.txt"
+$ntfyUrl     = "<your_ntfy_instance>"
+
+# --- Try to Get RDP Connection Info ---
+try {
+    $queryOutput = query session
+    $activeLine  = $queryOutput | Where-Object { $_ -match "$username" -and $_ -match "Active" }
+
+    if ($activeLine) {
+        # Normalize spacing and extract session ID
+        $clean     = $activeLine -replace '\s{2,}', ' '
+        $parts     = $clean.Split(' ')
+        $sessionId = $parts[2]
+
+        # Find established remote connections on RDP port
+        $rdpConns = Get-NetTCPConnection -LocalPort 3389 -State Established
+
+        foreach ($conn in $rdpConns) {
+            if ($conn.RemoteAddress -ne "127.0.0.1" -and $conn.RemoteAddress -ne "::1") {
+                $remoteIp = $conn.RemoteAddress
+                break
+            }
+        }
+
+        # --- IP Info Lookup ---
+        if ($remoteIp -ne "Unknown") {
+            $ipInfo = Invoke-RestMethod -Uri "https://ipinfo.io/$remoteIp/json"
+
+            if ($ipInfo) {
+                $asnInfo      = $ipInfo.org
+                $locationInfo = "$($ipInfo.city), $($ipInfo.region), $($ipInfo.country)"
+            }
+        }
+    }
+
+} catch {
+    $remoteIp = "Error: $($_.Exception.Message)"
+}
+
+# --- Construct Final Message ---
+$eventMessage = @"
+Time: [$time] 
+Who: $username logged into $hostname
+From: $remoteIp
+ASN: $asnInfo
+Location: $locationInfo
+"@
+
+# --- Write to Log File ---
+$eventMessage | Out-File $logPath -Append
+
+# --- Send to NTFY ---
+Invoke-RestMethod -Uri $ntfyUrl -Method Post -Body $eventMessage