ScriptCenter has a very good article exploring the use of Windows PowerShell to analyze your eventlogs. Check it out at:
http://www.microsoft.com/technet/scriptcenter/topics/msh/cmdlets/get-eventlog.mspx
PSMDTAG:CMDLET: Get-EventLog
PSMDTAG:FAQ: EventLog – How do I find out what event logs exist? ANSWER: Get-EventLog -list
PSMDTAG:FAQ: EventLog – How can I get the most recent events? ANSWER: Get-EventLog System -Newest 100
PSMDTAG:FAQ: EventLog – how do I find all event with a particular ID? ANSWER: Get-EventLog System |where {$_.EventID -eq 7036}
PSMDTAG:FAQ: Eventlog – How can I find out which eventid has the most events? ANSWER: Get-EventLog System |group EventID |sort -desc count |select -first 10
Jeffrey Snover [MSFT]
Windows PowerShell/Aspen Architect
Visit the Windows PowerShell Team blog at: http://blogs.msdn.com/PowerShell
Visit the Windows PowerShell ScriptCenter at: http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx
0 comments