O'Reilly logo

Windows PowerShell™ Scripting Guide by Ed Wilson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Searching the Event Log

Exporting event logs to text, to XML, or to some other format before searching the data involves an extra step and is not as useful in the ebb and flow of production system operations as reading an online log. For this reason, it's important to brush up on your searching skills. The easiest way to search the event log involves using the Get-EventLog cmdlet. But rather than saving the data to an intermediate format, simply pipe the results into another cmdlet to perform the search. You'll soon learn several techniques for doing this. One of these techniques is the SearchByEventID.ps1 script, shown here.

Example 3-12. SearchByEventID.ps1

Get-EventLog -LogName system |
Where-Object { $_.eventID -eq 1129 }

To search the event ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required