PowerShell | Get-EventLog

Simple one today! We are going to playing around with getting logs.

Get-EventLog

simple done…. well almost

lets make it make it actually work for us

$Event = Get-EventLog -LogName System -Newest 1000

or

$Event = Get-EventLog -LogName Application -Newest 1000 

$Event

now lets sort these puppies

$Event | Group-Object -Property Source -NoElement | Sort-Object -Property Count -Descending | Format-Table *

Thats Much nicer output!

 

Last 7 days of logs

So thats nice however the -Newest isnt that helpful if you are doing this constantly so lets change it a bit

$Date = (Get-Date).AddDays(-7)

$Event = Get-EventLog -LogName System -After $Date EntryType Error, Warning

$Event | Group-Object -Property Source -NoElement | Sort-Object -Property Count -Descending | Format-Table *

Now lets output this to a txt file too

$DateFormatted = Get-Date -Format FileDate

$Event | Group-Object -Property Source -NoElement | Sort-Object -Property Count -Descending | Format-Table * | Out-File -FilePath “C:\Logs$DateFormatted.txt” 

 

This could be handy scheduled task for checking counts for events and seeing whats causing them and if an action is actually needed? Could also have them emailed to an email address too. PowerShell | Using Send-MailMessage to Send Email

 

I hope this is helpful!

Luke Keam

Luke Keam

Thank you for reading.

Any questions, comments or suggestions please leave a message below

Have a great day from

Luke Keam
techgeek.biz

 
 
Luke Keam

Latest posts by Luke Keam (see all)

Facebooktwittergoogle_plus