June 2017
Beginner to intermediate
742 pages
18h 29m
English
Content preview from Mastering Active Directory
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Reviewing events with PowerShell
We also can use PowerShell commands to review event logs or filter events from local and remote computers without any additional service configurations. Get-EventLog is the primary cmdlet we can use for this task:
Get-EventLog -List
The previous command will list down the details about the log files in your local system, including the log file name, max log file size, and number of entries:
Get-EventLog -LogName 'Directory Service' | fl
The previous command will list down all the events under the log file Directory Service. We also can limit the number of events we need to list down. As an example, if we only need to list down the latest 5 events from the Directory Service log file, we can use:
Get-EventLog ...