Home/PowerShell/Powershell : How to get Application and Systems Logs From Event Viewer

Powershell : How to get Application and Systems Logs From Event Viewer

I would like to show how-to work with events under Applications and system Logs using Powershell. Whether it’s an error report, a warning, or just an informational log, one of the most common places for Windows to write logging information is to the event logs. Let we some of the reason to view the window’s log,

  • Checking for errors after an unexpected restart.
  • To check the reason for service stop.

The Get-Eventlog cmdlet is a powerful and flexible way of pulling data out of the event logs, both in interactive sessions and in scripts. The below code will execute and output the system and application error from the local computer

Example:

OUTPUT:

Get-EventLog cmdlet :

Get-EventLog : Gets the events in an event log, or a list of the event logs, on the local or remote computers.

Syntax:

Execution on Remote Computers:

We don’t have credential parameter in the Get-EventLog. So Instead of the  Get-EventLog you may use the Get-WinEvent ,which support param the -Credential or use the  Get-WmiObject and class Win32_NTLogEvent

EX :

 

 

Leave a Reply