AlexAsplund/Get-EventInformation.ps1

## Get-EventInformation.ps1
$Publishers = wevtutil ep

# Mååånga fel, antagligen pga. att inte eventet är dokumenterat OK hos provider

$ErrorActionPreference = "SilentlyContinue" # Shh sh sh
$AllEventData = Foreach($Publisher in $Publishers){
    [XML]$Events = wevtutil gp $Publisher /ge /gm:true /f:xml
    $Events.provider.events.event | Foreach {
        [PSCustomObject]@{
            event_id = $_.value
            publisher = $Publisher
            channel = $_.channel
            task = $_.task
            level = $_.level
            message = $_.message
            short_message = $_.message -replace "(^[^.]+).*",'$1'
        }
    }
}

$AllEventdata | ConvertTo-CSV -NoTypeInformation | Out-File C:\temp\event_descriptions.csv
	$Publishers = wevtutil ep

	# Mååånga fel, antagligen pga. att inte eventet är dokumenterat OK hos provider

	$ErrorActionPreference = "SilentlyContinue" # Shh sh sh
	$AllEventData = Foreach($Publisher in $Publishers){
	[XML]$Events = wevtutil gp $Publisher /ge /gm:true /f:xml
	$Events.provider.events.event \| Foreach {
	[PSCustomObject]@{
	event_id = $_.value
	publisher = $Publisher
	channel = $_.channel
	task = $_.task
	level = $_.level
	message = $_.message
	short_message = $_.message -replace "(^[^.]+).*",'$1'
	}
	}
	}

	$AllEventdata \| ConvertTo-CSV -NoTypeInformation \| Out-File C:\temp\event_descriptions.csv