可以通过事件查看器或通过那些获取事件的 cmdlet(例如 Get-EventLog cmdlet)查看此日志。默认情况下,Windows PowerShell 引擎和提供程序事件记录在事件日志中,但你可以使用事件日志首选项变量来自定义事件日志。 例如,可以添加有关 Windows PowerShell 命令的事件。
Gets the events in an event log, or a list of the event logs, on the local or remote computers. SYNTAX Get-EventLog [-LogName] <String> [[-InstanceId] <Int64[]>] [-After <DateTime>] [-AsBaseObject] [-Before <DateTime>] [-ComputerName <String[]>] [-EntryType {Error | Informat...
Gets the events in an event log, or a list of the event logs, on the local computer or remote computers. Syntax PowerShell Get-EventLog[-LogName] <String> [-ComputerName <String[]>] [-Newest <Int32>] [-After <DateTime>] [-Before <DateTime>] [-UserName <String[]>] [[-InstanceId...
[System.Net.Sockets.SocketType]::Dgram,[System.Net.Sockets.ProtocolType]::UDP);$s.Connect((New...
Now, click on the “Windows Logs”: option and check out the logs according to the desired: Access Event Logs Using PowerShell Users can view event logs using the following cmdlets in PowerShell: Get-EventLog -list OR Another command that is used to list the event logs is: Get-WinEvent...
Get-WinEvent -ListLog * | where {$_.RecordCount -gt 0} As you can see, Get-WinEvent is a clear winner when it comes to the amount of data it can access. While it means that you can access more information, it also means that it might take more effort to filter data. ...
You’re most likely to use Get-Eventlog most often. To view which event logs are available, run the command Get-EventLog-List Get-EventLog-LogName Security-Newest 10 To pull up event log entries that have a specific type, use the InstanceID parameter. For example, to see the last 10...
Get-WinEvent [[-LogName] <String[]>] [-MaxEvents <Int64>] [-ComputerName <String>] [-Credential <PSCredential>] [-FilterXPath <String>] [-Force] [-Oldest] [<CommonParameters>]PowerShell 复制 Get-WinEvent [-ListLog] <String[]> [-ComputerName <String>] [-Credential <PSCredential>]...
(Get-WinEvent -ListProvider TPM -ComputerName Server1).Events Keep in mind that both commands assume you are able to perform DNS name resolution for the remote computer and that you have permission to access the remote computer's event logs. ...
Get-WinEvent -LogName Application -MaxEvents 20 System, Application, Security, or Setup logs are the most common logs to query. You can also specify other log names. You can get a full list of event logs in Windows with the command: ...