Pull Event logs off Windows server every 30 minutes using powershell

# +---------------------------------------------------------------------------
# | File : EventLogs.ps1                                          
# | Version : 1.5                                         
# | Purpose : Export Remote Event Logs to CSV. 
# | Synopsis: Creates a CSV file containing all Errors and Warnings from the 
# |           "Application", "System" & "Operations Manager" Event Logs 
# | Usage : .\EventLogs.ps1 -days NUMDAYS
# +----------------------------------------------------------------------------
# | Maintenance History                                            
# | -------------------                                            
# | Name            Date         Version         Description        
# | ------------------------------------------------------------------------------
# | Craig Wilson    25/11/2011   1.0            Initial Release
# | Craig Wilson    28/11/2011   1.1            Added '$store' variable for Log Location 
# | Craig Wilson    28/11/2011   1.2            Added Help Infomration
# | Craig Wilson    28/11/2011   1.3            BUG FIX: added "-Credential $user" switch in for all logs
# | Craig Wilson    28/11/2011   1.4            Added filter for Events
# | Craig Wilson    01/12/2011   1.5*           Added Array to loop through all servers in array and removed Paramter for servers. 
# +-------------------------------------------------------------------------------
##################
## HELP SECTION ##
##################
<#
.SYNOPSIS 
Script to export specific events from remote event logs to a CSV file
.DESCRIPTION 
This script will read the event logs of the array of Servers and export all but 
all relevant logs to a CSV File for the specified server over the period of history
requested at the command line.
Logs can be filtered by modifing the Query for the appropriate log..
.EXAMPLE 
.\EventLogs.PS1 -days 7
.NOTES 
Script may error if there are no events to record and will prompt for the password.
NO username or password information is stored by this script and nothing is written back
to the server. 
#>
#  Specify Command Line parameters
param([string]$days=$(throw "Days cannot be null"))
$servers = @("dc1", "dc2", "vs-webhost", "ts5", "ts7", "ts8", "ts9")

#Set namespace and calculate the date to start from
$namespace = "root\CIMV2" 
$BeginDate=[System.Management.ManagementDateTimeConverter]::ToDMTFDateTime((get-date).AddDays(-$days))
$store = "E:\Serverlogs"  # No trailing slash, Folder must already exist
foreach ($computer in $servers)
{
    # Get the Application Log and export to CSV
    Get-WmiObject -ComputerName $computer `
        -Query "SELECT ComputerName,Logfile,Type,TimeWritten,SourceName,Message,Category,EventCode,User `
            FROM Win32_NTLogEvent WHERE (logfile='Application') AND (type!='Information') AND (EventCode!='1062') `
            AND (EventCode!='9001') AND (EventCode!='1517') AND (EventCode!='16434') AND (EventCode!='16435') `
            AND (EventCode!='30969') AND (EventCode!='1202') AND (EventCode!='1517')  AND (EventCode!='257') `
            AND (TimeWritten > '$BeginDate')" | `
            SELECT ComputerName,Logfile,Type,@{name='TimeWritten';Expression={$_.ConvertToDateTime($_.TimeWritten)}},SourceName,Message,Category,EventCode,User | `
            Export-Csv "$store\$computer-Application.csv" 
    # Get the System Log and export to CSV
    Get-WmiObject -ComputerName $computer `
        -Query "SELECT ComputerName,Logfile,Type,TimeWritten,SourceName,Message,Category,EventCode,User `
            FROM Win32_NTLogEvent WHERE (logfile='System') AND (type!='Information') AND (EventCode!='257') AND (TimeWritten > '$BeginDate')" | `
            SELECT ComputerName,Logfile,Type,@{name='TimeWritten';Expression={$_.ConvertToDateTime($_.TimeWritten)}},SourceName,Message,Category,EventCode,User | `
            Export-Csv "$store\$computer-System.csv" 
}