PowerShell.com
Library » Script Library » Logs » GET Remote Event LOG in Powershell V1 (.NET method)

GET Remote Event LOG in Powershell V1 (.NET method)

Previous | Next | View all files | View Slideshow
posted by Sylvain LESIRE
10-27-2009
Downloads: 476
File size: 469 B
Views: 2,487
Embed
GET Remote Event LOG in Powershell V1 (.NET method)
  1. Function Get-RemoteEventLog
  2. param ([string]$Computername =$env:ComputerName, [string]$Logname = 0) 
  3. # connect .NET class to get eventlogs 
  4. $evt = [System.Diagnostics.EventLog]::GetEventLogs("$Computername"
  5.  
  6. # check if logname is asked 
  7. if ($logname -eq 0) {     
  8.          return $evt 
  9.         
  10.     Else
  11.     $val =
  12.     $evt | foreach
  13.             if ($_.log -contains $logname) { 
  14.                 $logindex=$val 
  15.                 
  16.             $val = $val +
  17.         
  18.      return $evt[$logindex].entries 
  19.     

This function permits to get event log from .NET from remote computer

This function was written to get eventlog for user in powershell V1 (not needed in powershell V2).

 

--------------------------------------------------------------------------------------------------------------------------------------------

command line reference

get-RemoteEventLog -ComputerName MyServer -LogName System


Index Time          Type Source                     EventID Message
----- ----          ----          ------                          ------- -------
 1807 sept. 03 0... Info Service Control M...     7036 Le service Service CO...
 1808 sept. 03 1... Info Service Control M...     7036 Le service Explorateu...
 1809 sept. 03 1... Info Service Control M...     7035 Un contrôle Démarrer ...
 1810 sept. 03 1... Info Service Control M...     7036 Le service Explorateu...
 1811 sept. 03 1... Info Service Control M...     7035 Un contrôle Démarrer ...
 1812 sept. 03 1... Info Service Control M...     7036 Le service Explorateu...
 1813 sept. 03 1... Info Service Control M...     7036 Le service Explorateu...
 1814 sept. 04 0... Info Service Control M...     7035 Un contrôle Démarrer ...
 1815 sept. 04 0... Info Service Control M...     7036 Le service Explorateu...

 

get-RemoteEventLog -ComputerName MyServer


 Max(K)     Retain OverflowAction        Entries Name
 ------          ------ --------------                ------- ----
    512        0 OverwriteAsNeeded         310 Application
    512        7 OverwriteOlder              0 Internet Explorer
    512        0 OverwriteAsNeeded       1 578 Sécurité
    512        0 OverwriteAsNeeded       2 147 Système
 15 360      0 OverwriteAsNeeded      16 583 Windows PowerShell

Concentrated Tech NSoftware Dell Compellent Sponsored by Idera and Concentrated Tech and NSoftware and Dell Compellent
Copyright 2011 PowerShell.com. All rights reserved.