We help IT Professionals succeed at work.
Get Started
Powershell Event Error Details
I have over 100 Windows servers from Windows 2003 to Windows 2012
We need to review the Event logs and a daily basis. We must use event viewer review the application and system logs.
This takes a while to expand the event log using MMC or Server Manager views.
I be playing around with Powershell scripts to handle this which is faster
So I use this command which lists the application Warnings Only from the last twenty four hours.
I use Level=2 for Errors also do this for both the application and system event logs.
This outputs see below and that is ok
get-winevent -FilterHashTable @{LogName='Application'; Level=3; StartTime=(get-date).addho
TimeCreated ProviderName Id Message
----------- ------------ -- -------
10/2/2015 12:09:26 PM Microsoft-Windows-Certific
10/2/2015 4:09:25 AM Microsoft-Windows-Certific
10/1/2015 8:09:24 PM Microsoft-Windows-Certific
This looks good
My question is how do I display the details of Event Id 64 using power shell
I only want to view the last occurrence I have only been able to get a long list of all instances.
Our management here is not keen on elaborate scripts they like us to use command line so we remember the commands
Every day the events will be different so maybe a short script where I can just add the event id as input would be nice.
Thoughts
Thanks
We need to review the Event logs and a daily basis. We must use event viewer review the application and system logs.
This takes a while to expand the event log using MMC or Server Manager views.
I be playing around with Powershell scripts to handle this which is faster
So I use this command which lists the application Warnings Only from the last twenty four hours.
I use Level=2 for Errors also do this for both the application and system event logs.
This outputs see below and that is ok
get-winevent -FilterHashTable @{LogName='Application'; Level=3; StartTime=(get-date).addho
TimeCreated ProviderName Id Message
----------- ------------ -- -------
10/2/2015 12:09:26 PM Microsoft-Windows-Certific
10/2/2015 4:09:25 AM Microsoft-Windows-Certific
10/1/2015 8:09:24 PM Microsoft-Windows-Certific
This looks good
My question is how do I display the details of Event Id 64 using power shell
I only want to view the last occurrence I have only been able to get a long list of all instances.
Our management here is not keen on elaborate scripts they like us to use command line so we remember the commands
Every day the events will be different so maybe a short script where I can just add the event id as input would be nice.
Thoughts
Thanks
Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE