Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- param(
- [string]$Computer = "",
- [int]$maxAge = 1,
- [string]$unit = "",
- [int[]]$excludeIds = @(),
- [string[]]$excludeSource = @()
- )
- # get all event logs and prepare the result set
- $ResultSet = @();
- $EventLogs = (Get-WinEvent -ListLog *)
- Foreach($EventLog in $EventLogs){
- # set the filter according to the selected unit. If the unit parameter is ommitted, hours will be used.
- switch($unit){
- "seconds" { $eventFilter = @{ LogName = $EventLog.LogName; Level=3; StartTime=(get-date).AddSeconds(($maxAge * -1)) } }
- "minutes" { $eventFilter = @{ LogName = $EventLog.LogName; Level=3; StartTime=(get-date).AddMinutes(($maxAge * -1)) } }
- "hours" { $eventFilter = @{ LogName = $EventLog.LogName; Level=3; StartTime=(get-date).AddHours(($maxAge * -1)) } }
- "days" { $eventFilter = @{ LogName = $EventLog.LogName; Level=3; StartTime=(get-date).AddDays(($maxAge * -1)) } }
- default { $eventFilter = @{ LogName = $EventLog.LogName; Level=3; StartTime=(get-date).AddHours(($maxAge * -1)) } }
- }
- # select the current log and get all events with level 3 (error)
- $events = (Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable $eventFilter)
- Foreach($event in $events){
- if($excludeIds -notcontains $event.Id -and $excludeSource -notcontains $event.ProviderName){
- $Result = New-Object System.Object
- $Result | Add-Member -Type NoteProperty -Name LogName -Value $event.LogName
- $Result | Add-Member -Type NoteProperty -Name EventId -Value $event.Id
- $Result | Add-Member -Type NoteProperty -Name TimeStamp -Value $event.TimeCreated
- $Result | Add-Member -Type NoteProperty -Name Message -Value $event.Message
- $ResultSet += $Result
- }
- }
- }
- Write-Host ("{0}:{0} error entries found within the last {1} {2}." -f $ResultSet.Count,$maxAge,$unit);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
