Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 138
  • Last Modified:

Unable to display time in the powershell script parsing Event Log ?

Hi People,

Can anyone here please help as to why the script below can display the rest of the column but not the time column ?

Get-ADComputer -LDAPFilter "(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))" | Get-EventLog -LogName Security 4720,4722,4725 |
 Select-Object EventId, Time, @{ 
   e={ ($_.message -replace '\n', ' ') -replace '.*?account name:\t+([^\s]+).*', '$1' } 
 }, @{
   e={ ($_.message -replace '\n', ' ') -replace '.*account name:\t+([^\s]+).*', '$1' } 

Open in new window

Am I missing anything here ?
Senior IT System Engineer
Senior IT System Engineer
  • 2
  • 2
1 Solution
The events returned don't have a property "Time". Try "TimeGenerated" instead.
Senior IT System EngineerIT ProfessionalAuthor Commented:

Thanks for the clarification,

somehow the pipe does not work ?

Get-EventLog : The input object cannot be bound to any parameters for the command either because the command does not take pipeline input or the input and its properties do not match any of the parameters that take
pipeline input.
Sorry, didn't verify that part.
The ComputerName argument doesn't accept pipeline input, so you'll need a ForEach-Object:
Get-ADComputer -LDAPFilter "(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))" |
	ForEach-Object {
		"Processing $($_.DNSHostName) ..." | Write-Host
		Get-EventLog -ComputerName $_.DNSHostName -LogName Security 4720, 4722, 4725 |
		Select-Object -Property `
			@{n='AccountName'; e={ ($_.message -replace '\n', ' ') -replace '.*?account name:\t+([^\s]+).*', '$1' }},
			@{n='TargetAccount'; e={ ($_.message -replace '\n', ' ') -replace '.*account name:\t+([^\s]+).*', '$1' }}

Open in new window

Senior IT System EngineerIT ProfessionalAuthor Commented:
You are awesome man !
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now