The Get-EventLog cmdlet allows you to view event logs directly in your PowerShell terminal, similar to using Event Viewer.
Below are some quick examples to get started:
1. List Available Event Log Types
2. Show Events by Count
3. Filter Events by Message
4. View Full Message of an Event
1. List Available Event Log Types
# Get List of Event Logs Available Get-EventLog -List
2. Show Events by Count
# Show Events by Count Get-EventLog -LogName Application | Group-Object -Property Source -NoElement | Sort-Object -Property Count -Descending
3. Filter Events by Message
Retrieve the 10 newest events containing “MSSQLSERVER” in the message:
# Show Events by Message Name Get-EventLog -LogName Application -Newest 10 -Message *MSSQLSERVER*
4. View Full Message of an Event
Display the full message of the most recent event containing “MSSQLSERVER”:
# Show Full Message of an Event Get-EventLog -LogName Application -Newest 1 -Message *MSSQLSERVER* | Select Message
Hope some of this was useful for you!
Leave a Reply