From 329bb8728ade57570096700812ad3ccc507c2e83 Mon Sep 17 00:00:00 2001 From: Nathan Windisch Date: Thu, 25 Jul 2024 14:24:40 +0100 Subject: [PATCH] chore: Update PSGraylog module installation instructions and improve code readability --- README.md | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 46a750d..85f6db6 100644 --- a/README.md +++ b/README.md 
@@ -2,27 +2,29 @@ *A PowerShell interface for Graylog* # Getting Started -1. First, install and import the module from your local PSGallery repo. - You should be prompted to set up your Graylog host, and your credentials. - (You can always re-run this with `Initialize-GraylogServiceVault`) +1. First, download the module to your PSModulePath. You should probably verify random scripts before downloading on the internet, so maybe check out the + [Install.ps1](https://git.wnd.sh/n/PSGraylog/raw/branch/main/Install.ps1) file before running it? c: + ```pwsh + $URI = "https://git.wnd.sh/n/PSGraylog/raw/branch/main/Install.ps1" + $URI | Invoke-RestMethod | Invoke-Expression + ``` +2. Next, import the module into your environment. You should be prompted to set up your Graylog host, and your credentials. (Note that you can always re-run + this with `Initialize-GraylogServiceVault` later if you wish) ```pwsh - TODO: How to install from a repo - Install-Module PSGraylog Import-Module PSGraylog ``` -2. Then, connect to Graylog. +3. Then, connect to Graylog. ```pwsh - Connect-GraylogService + Connect-Graylog ``` -3. Finally, run a query (the default for the -LogName parameter is 'Windows Security', which is (in my environment, anyways) Active Directory logs): +4. Finally, run a query (the default for the **-LogName** parameter is *'Windows Security'*, which is (in my environment, anyways) Active Directory logs): ```pwsh $Query = "EventID:4740 && TargetUsername:ab123456" Search-Graylog $Query ``` -4. If you want to re-use the data, you can use the -AsJob parameter to return a GraylogSearchJob object. - This object contains various identifers used to locate the search query, and is much quicker then - re-running the query. +5. If you want to re-use the data, you can use the **-AsJob** parameter to return a GraylogSearchJob object. 
This object contains various identifers used to + locate the search query, and is much quicker then re-running the entire query from scratch with new identifiers. ```pwsh - $Job = Search-Graylog $Query -AsJob - $Job | Receive-GraylogSearchJob + $Job = Search-Graylog $Query -AsJob + $Job | Receive-GraylogSearchJob ```
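Review bot: In the new step 1, `$URI | Invoke-RestMethod | Invoke-Expression` runs whatever `raw/branch/main/Install.ps1` serves at that moment, which works against the sentence just above it asking readers to check the file first. Consider having the snippet save the script to disk (for example `Invoke-RestMethod $URI -OutFile Install.ps1`), so the reader reviews it and then runs the local copy. Pointing the URL at a tag or commit instead of `branch/main` would also mean the content that was reviewed is the content that gets executed. Two smaller points: step 3 changes `Connect-GraylogService` to `Connect-Graylog`, which is a command rename rather than a readability change, so the commit subject should mention it; and the reworded step 5 still carries "identifers" and "much quicker then", which should read "identifiers" and "much quicker than".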