Pages

tirsdag 4. februar 2014

Windows: Read Event Log with PowerShell

Here are some examples of listing events from the last 30 days.

Total Errors per day
Get-EventLog -LogName 'Application' -EntryType Error -After ((Get-Date).Date.AddDays(-30))| ForEach-Object{$_|Add-Member -MemberType NoteProperty -Name LogDay -Value $_.TimeGenerated.ToString("yyyyMMdd") -PassThru} | Group-Object LogDay | Select-Object @{N='LogDay';E={[int]$_.Name}},Count | Sort-Object LogDay | Format-Table -Auto

Errors by Event ID
Get-EventLog -LogName 'Application' -EntryType Error -After ((Get-Date).Date.AddDays(-30))| Group-Object EventID | Sort-Object Count -Descending

Warnings by Event ID
Get-EventLog -LogName 'Application' -EntryType Warning -After ((Get-Date).Date.AddDays(-30))| Group-Object EventID | Sort-Object Count -Descending