There are numerous Windows event logs and you now have full control using Get-WinEvent in PowerShell v.2. Instead of searching for specific event logs, you can search for specific event providers to determine which event logs they maintain. For example, to find all event logs related to policies, try this:
Get-WinEvent -ListProvider *policy*
Likewise, to find all providers related to PowerShell, replace "policy" with "PowerShell." Once you have identified a useful provider, this is how you dump all event log entries created by a specific provider:
Get-WinEvent -ProviderName PowerShell
ReTweet this Tip!
Posted
Sep 25 2009, 08:00 AM
by
ps1