PowerShell.com
Library » Script Library » Windows 7 » Read all Event Logs in one step

Read all Event Logs in one step

Previous | Next | View all files | View Slideshow
posted by Tobias
12-06-2010
Downloads: 579
File size: 592 B
Views: 2,627
Embed
Read all Event Logs in one step
  1. # get all event log entries from all event logs 
  2. # that occured in the past hour: 
  3.  
  4. $from = (Get-Date) - (New-Timespan -hour 1) 
  5.  
  6. get-eventlog -List |  
  7.     Select-Object -ExpandProperty Log |  
  8.     Foreach-Object { Write-Progress 'Examining Eventlog' $_; $_} |  
  9.     Foreach-Object {$log = $_;   
  10.     try { Get-EventLog -after $from -LogName $log -ea stop |  
  11.     Add-Member NoteProperty EventLog $log -pass  }  
  12.     catch { Write-Warning "Unable to access $log : $_"} } |  
  13.     Sort-Object TimeGenerated -desc  |  
  14.     Select-Object EventLog, TimeGenerated, EntryType, Source, Message |  
  15.     Format-Table -Auto 
Demonstrates how to query which event logs exist and then query all of them for all events that occured within the past hour. Code incorporates simple error handling, a progress bar and adding the original event log name to the entry properties so you know where the events originally came from.
Concentrated Tech NSoftware Dell Compellent Sponsored by Idera and Concentrated Tech and NSoftware and Dell Compellent
Copyright 2011 PowerShell.com. All rights reserved.