Scripting Games 2012 Advanced Event 5

Advanced Event 5:

    This script reports information about error events on local and remote computers.
.PARAMETER Computers
    Name of the remote computer, if omitted localhost will be used.
    To collect information about error events from local computer, run the script without parameters.
    event5.ps1 "computer1","computer2"
    To collect information about error events on remote computers.
param (
    $identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object System.Security.Principal.WindowsPrincipal( $identity )
if (!($principal.IsInRole( [System.Security.Principal.WindowsBuiltInRole]::Administrator )))
    write-host "Warning: You're not running this script using elevated shell. You will not be able to access event logs that require Administrator permission."
Foreach ($server in $computers)
    Write-Host ""
    Get-WinEvent -listlog * -ea SilentlyContinue -ComputerName $server| Where-Object { $_.IsClassicLog -eq $true } | foreach {   
            write-host ($server + "  " + $_.logname) -BackgroundColor darkGray
            Get-WinEvent -ea silentlycontinue -ComputerName $Server -FilterHashtable @{logname = $_.logname ; level=2 } | `
                                              Group-Object Providername -NoElement | `
                                              Sort-Object Count -descending

No comments:

Post a Comment

Checking Cisco WSA For New Updates Availablity

In this post I will share my PowerShell code for querying the availability of new updates for Cisco WSA (Web Security Virtual Appliance). U...