I am pretty new to PowerShell and would like to find a way of listing all events from all logs. My idea is to index each event in Elasticsearch and perform queries on them. I am particularly interested in each event detail:

  • Message
  • process ID
  • Parent Image
  • ...

I know there are commands to list the logs and events of a particular log file. I was curious to know if a guru has a short and sweet solution while I continue finding my own solution.

Ansgar Wiechers
user2449584

1 Answer

When in doubt, read the documentation:

Get-WinEvent

Module: Microsoft.PowerShell.Diagnostics

Gets events from event logs and event tracing log files on local and remote computers.

[…]

-LogName
Gets events from the specified event logs. Enter the event log names in a comma-separated list. Wildcards are permitted. You can also pipe log names to Get-WinEvent.

Emphasis mine. Related.

Ansgar Wiechers
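One way to apply the `-LogName` documentation quoted above to the question's goal, as an added example that is not part of the original answer: it walks every non-empty log and writes one JSON document per event, including the named event data fields (where Sysmon puts `ParentImage`). The output path, the per-log cap and the output field names are assumptions made for this example.

```powershell
# Added example: export events from all logs as newline-delimited JSON.
# $OutFile and $MaxPerLog are assumptions made for this example.
# Run elevated, otherwise logs such as Security are skipped silently.
$OutFile   = Join-Path $env:TEMP 'winevents.ndjson'
$MaxPerLog = 1000

# Enumerate the logs first and query them one at a time. A single
# "Get-WinEvent -LogName *" query fails on hosts with more than 256 logs.
$logs = Get-WinEvent -ListLog * -ErrorAction SilentlyContinue |
    Where-Object { $_.RecordCount -gt 0 }

$logs | ForEach-Object {
    # Empty or unreadable logs raise non-terminating errors; skip them.
    Get-WinEvent -LogName $_.LogName -MaxEvents $MaxPerLog -ErrorAction SilentlyContinue
} | ForEach-Object {
    # Named <Data> elements (for Sysmon: Image, ParentImage, ProcessId, ...)
    # are only available through the event XML, not as object properties.
    $xml  = [xml]$_.ToXml()
    $data = [ordered]@{}
    foreach ($d in $xml.Event.EventData.Data) {
        if ($d.Name) { $data[$d.Name] = $d.'#text' }
    }

    [pscustomobject]@{
        '@timestamp' = $_.TimeCreated.ToUniversalTime().ToString('o')
        log          = $_.LogName
        provider     = $_.ProviderName
        event_id     = $_.Id
        record_id    = $_.RecordId
        computer     = $_.MachineName
        # PID of the process that wrote the event, not the subject of the event.
        writer_pid   = $_.ProcessId
        message      = $_.Message
        event_data   = $data
    } | ConvertTo-Json -Compress -Depth 4
} | Set-Content -Path $OutFile -Encoding UTF8
```

`ParentImage` only appears in `event_data` for providers that log it, such as Sysmon process creation events; most other events carry different field names or none at all.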