Stack Overflow
Stack Overflow

Questions tagged [get-eventlog]

Get-EventLog is a powershell cmdlet that gets the events in an event log, or a list of the event logs, on the local or remote computers.

Get-EventLog is a powershell cmdlet that gets the events in an event log, or a list of the event logs, on the local or remote computers. Get-EventLog only works against the 'classic' event logs - it is compatible with Windows XP and 2003. It is deprecated.

According to get-eventlog

Get-EventLog uses a Win32 API that is deprecated. The results may not be accurate. Use the Get-WinEvent cmdlet instead.

See also

49 questions
1
vote
2 answers

How to exclude specific user in get-eventlog

I have the following script get-eventlog -LogName Security -InstanceId 4663 -after (Get-Date).AddMonths(-1) -before (Get-Date) | Select TimeWritten, @{Name="Account Name";Expression={ $_.ReplacementStrings[1]}}, @{Name="Object Name";e=…
NickPomroy
  • 65
  • 1
  • 8
1
vote
1 answer

Group eventlog entries and count errors

I have the following code which enumerates all event log sources and grabs the last few days worth of errors and warnings. Get-WinEvent -ListLog * -EA silentlycontinue | Where-Object { $_.recordcount } | ForEach-Object { Get-WinEvent…
Sentient
  • 11
  • 2
1
vote
1 answer

Get-Eventlog group by Event and Day

Get-EventLog -Logname system -Source "Microsoft-Windows-GroupPolicy" -EntryType "Information"| group-object -property source | sort-object -property Time -descending It does group everything together and counts it but I want the count to be also by…
Thevagabond
  • 323
  • 2
  • 9
  • 34
1
vote
1 answer

'GET-EVENTLOG' creating a full object list, then being filtered ? - is there quicker way?

The following Powershell script fetches all the System Error Events occuring today only - it works: Get-EventLog System -After ([datetime]::Today) | Where-Object { $_.EntryType -eq "Error" } But it can take several seconds to run : I suspect this…
monojohnny
  • 5,894
  • 16
  • 59
  • 83
1
vote
1 answer

Powershell script gives different results when run manually

I searched through the answers already on here, but didn't find anything I could say definitively answered my question. I have a script that should reach out to several servers as defined by a text file and report details from the EventLog. It also…
knowbody
  • 29
  • 3
1
vote
2 answers

Total number of event logs then piped out to a CSV

I've got the below Get-EventLog -LogName * -After (Get-Date).Adddays(-7) Which returns the information I require: Now when I export this information out with Export-Csv c:\temp\$([Environment]::MachineName).csv It returns the following under the…
Phil Skinner
  • 45
  • 1
  • 5
1
vote
1 answer

New to PowerShell

I am extremely new to PowerShell I am trying to create a script that will look thought the system event log and pull out the items that match Error, Verbose , and Warnings; Then I want to export them to a CSV file. I was able to get each of the…
Sean Donohue
  • 13
  • 2
1
vote
2 answers

Powershell Get-eventlog query. How to return X number of entries that meet criteria

I would like to find the single most recent occurrence of a list of certain event id's for multiple servers. I don't see a nice way to do this. If I use the -newest switch I have to play around with the number based on the relative size of each…
user1854377
  • 33
  • 2
  • 5
0
votes
0 answers

(Get-Date).AddDays(-$variable) formula not accepting Read-Host input

This script tells me how many times, in the last X amount of days, our workstations have been logged on. My code works fine when I write the number of days inside (Get-Date).AddDays(-$days). For example: $logins=(Invoke-Command -ComputerName…
Daniel Lopes
  • 1
  • 1
0
votes
1 answer

How to print process ıd in event log?

Im trying to get process id from my Get-Eventlog. I can not parse the process id from the message. How ı can get it from there ? I tried With Select string -Pattern but it did not worked. My powershell code : $directory = E:\BpLnfgDsc2.txt $message…
Faik SEVİM
  • 17
  • 4
0
votes
1 answer

getting eventlogs from Applications and Services log using python

I am trying to read event logs from Applications and Services log using python. However the output are not as expected. (Actual 10 vs output 838) I am using the following code. Was wondering if there is a mistake with the parameters. import…
user1204868
  • 606
  • 6
  • 15
  • 31
0
votes
1 answer

Powershell Filtering EventID with Where-Object

i am trying to Filter out some EventIDs from Get-Event log like this : ...More code here Get-EventLog -LogName $_ -EntryType Warning,Error | Where-Object {$_.EventID -ne '0|1|2|3|4|7|8|9|10|14|15|17...'} However i am running into trouble with the…
bill pi
  • 1
0
votes
3 answers

(PowerShell) How do I filter usernames with Get-EventLog

I'm working on a Powershell script to get all users who have logged in/out of a server in the past 7 days, where their name is not like "*-organization". The below works, but no matter what I try I'm not able to filter names $logs = get-eventlog…
Jeremiah Williams
  • 149
  • 3
  • 18
0
votes
1 answer

Export errors and warnings from all event logs using powershell

I am using the following code to export errors and warnings from all event logs into one text file. It works but is very slow and some of the messages are truncated. I wondered if there was a more efficent way of coding it. I'm new to powershell so…
Boyd Fields
  • 31
  • 6
0
votes
0 answers

Powershell Get-EventLog System -After -Before from remote nodes

I'm trying to get the EventLog systems from a list of nodes; I'm using psexec  and Get-EventLog. I would like to speed up the procedure by adding the After and Before parameters that I would like to read from a file. This is the piece of code that…
Emilio Russo
  • 1
1
2
3 4