50 questions
1
vote
2
answers
53
views
How can I resolve PowerShell script "cannot index null value" from line 6 of the code below
# Set the number of days to look back
$DaysBack = 7
# Get the current date and time
$EndDate = Get-Date
# Calculate the start date
$StartDate = $EndDate.AddDays(-$DaysBack)
# Get the list of users ...
0
votes
1
answer
57
views
Get-EventLog loop for psobjects, strange results
I've to collect certain events for sharing it by mail; I'm missing something because the script, take a lot of time for only 2 servers and, the result is absurd!
Server1 events count:
$Etype = @( &...
- 113
1
vote
1
answer
519
views
Filter get-eventlog by the subjects account name
I've created a little script that runs on our districts domain controllers that sends out an email any time a user is created in AD to our networking team. The script works great, but we want to ...
- 97
0
votes
1
answer
569
views
How to print process ıd in event log?
Im trying to get process id from my Get-Eventlog. I can not parse the process id from the message. How ı can get it from there ? I tried With Select string -Pattern but it did not worked. My ...
- 17
2
votes
1
answer
976
views
PowerShell - Grabbing user from security.etvx files
I'm not use to using PowerShell at all but so far I have the following code to grab a 4625 event
Get-WinEvent -MaxEvents 1 -FilterHashtable @{Path="C:\Users\ScriptTesting\Desktop\Security.evtx&...
- 135
1
vote
2
answers
1k
views
How to exclude specific user in get-eventlog
I have the following script
get-eventlog -LogName Security -InstanceId 4663 -after (Get-Date).AddMonths(-1) -before (Get-Date) |
Select TimeWritten, @{Name="Account Name";Expression={ $_....
- 77
0
votes
1
answer
508
views
getting eventlogs from Applications and Services log using python
I am trying to read event logs from Applications and Services log using python. However the output are not as expected. (Actual 10 vs output 838)
I am using the following code. Was wondering if there ...
- 606
0
votes
1
answer
822
views
Powershell Filtering EventID with Where-Object
i am trying to Filter out some EventIDs from Get-Event log like this :
...More code here
Get-EventLog -LogName $_ -EntryType Warning,Error |
Where-Object {$_.EventID -ne '0|1|2|3|4|7|8|9|10|14|15|17.....
- 1
0
votes
3
answers
8k
views
(PowerShell) How do I filter usernames with Get-EventLog
I'm working on a Powershell script to get all users who have logged in/out of a server in the past 7 days, where their name is not like "*-organization". The below works, but no matter what ...
1
vote
1
answer
2k
views
Export errors and warnings from all event logs using powershell
I am using the following code to export errors and warnings from all event logs into one text file.
It works but is very slow and some of the messages are truncated. I wondered if there was a more ...
- 41
0
votes
0
answers
214
views
Powershell Get-EventLog System -After -Before from remote nodes
I'm trying to get the EventLog systems from a list of nodes; I'm using psexec
and Get-EventLog.
I would like to speed up the procedure by adding the After and Before parameters that I would like to ...
2
votes
1
answer
6k
views
Powershell - Login/Logoff Events - Get-WinEvent vs Get-EventLog
I've been working on a script to pull logon/logoff history out of the Event logs. The issue is that almost every code example I found uses "Get-EventLog" which does work, but is extremely slow ...
- 51
0
votes
2
answers
4k
views
Powershell Get-EventLog from computers.txt and save data
I have some problems getting EventLog and save data. I am able to get my EventLogs but not logs from network computers.
Here is the code I am running:
$logFileName = "Application"
$path = $...
- 1
0
votes
1
answer
301
views
powershell get-eventlog add if more than 5 times
I am using:
"%windir%\system32\WindowsPowerShell\v1.0\powershell.exe" $log=Get-EventLog -LogName Security -InstanceID 4625 -After (Get-Date).AddDays(-60); if (($log)) {Write-Output $log[0].Message} ...
- 1
0
votes
1
answer
1k
views
Export Windows Logs with Precise Time
I am attempting to export Windows logs using the Get-WinEvent Powershell cmdlet. The following will get me the time precision I am looking for, but this only gets me the timestamp. I need to join the ...
