Managing the Event Log

There are many components to manage when working with event logs. Probably the most important is the size of the log file. You want a log file that is large enough to contain the pertinent history of a particular system event, but not so large that it is cumbersome to work with.

Identifying the Sources

When working with event logs, it is important to know which log is being used for logging purposes. To identify this information, you need to determine the registered sources for the event log. An easy way to determine the sources for the event log is to use the WMI class Win32_NtEventLogFile. This is exactly what we do in the GetLogSources.ps1 script. We first define the $strLog variable, and assign the name of an event log ...

Get Windows PowerShell™ Scripting Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows PowerShell™ Scripting Guide by

Managing the Event Log

Identifying the Sources

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly