Reading the Event Logs

Once you have used Get-EventLog -list to identify the event logs that are installed on your computer, you can now use Get-EventLog to read the event logs. In the most basic form, you simply feed the name of the event log to the Get-EventLog cmdlet. This is shown in the following GetApplicationEventLog.ps1 script.

Example 3-2. GetApplicationEventLog.ps1

Get-EventLog application

When you run the command, the entire contents of the event log are dumped to the screen. The GetApplicationEventLog.ps1 script is a single line. Saving it as a script makes it easy to remember this command, and you can always add more commands to the script later. If we were to run the command that is contained in the script from the Windows PowerShell ...

Get Windows PowerShell™ Scripting Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows PowerShell™ Scripting Guide by

Reading the Event Logs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly