LawrenceHwang/Get-PSWindowsUpdateLog.ps1

## Get-PSWindowsUpdateLog.ps1
function Get-PSWindowsUpdateLog
{
<#
.Synopsis
Parsing WindowsUpdate.log to objects for easy reporting. Default will retrieve the most recent 100 entires only.
.DESCRIPTION
This function will retrieve and then parse the c:\windows\system32\WindowsUpdate.log on local or remote computers. Using the -all parameter, the full log will be retrieved but this could be lengthy.
.EXAMPLE
PS E:\_PSTemp> Get-PSWindowsUpdateLog -ComputerName localhost

        ComputerName : localhost
        Date         : 2016-04-22
        Time         : 07:27:27:348
        ID           : 484
        Code         : 22e0
        Category     : AU
        Message      : #########

        ComputerName : localhost
        Date         : 2016-04-22
        Time         : 07:27:27:348
        ID           : 484
        Code         : 22e0
        Category     : AU
        Message      : ##  END  ##  AU: Search for updates [CallId = {FF0D2B2F-11E7-406F-AE97-B2C601CED0B0}]

.OUTPUTS
Custom objects that are actually string array.

#>
[CmdletBinding()]
    [outputtype([string[]])]

    Param
    (
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        [string[]]$ComputerName,

        # Log path on remote computers
        [string]$WUlogPath ='c$\windows\windowsupdate.log',

        # Number of the recent log entries to retrive. Default 100.
        [int]$TailLogEntry = 100,

        # Get the full log
        [switch]$all

    )

    Begin
    {
        [string[]]$result = ""
        Write-Verbose -Message "Computer is $ComputerName"
    }
    Process
    {
        foreach ($c in $ComputerName) {
            try {
                Write-Verbose -Message "checking $c"

                if ($all){
                    $result = get-content -Path "\\$c\$WUlogPath" -ErrorAction Stop
                }
                else
                {
                    $result = get-content -Path "\\$c\$WUlogPath" -Tail $TailLogEntry -ErrorAction Stop
                }

            }
            catch {
                Write-Warning "$c - Unable to get Windows update log."
                break
            }

            foreach ($r in $result){

                    if ($r.length -eq 0){
                        Write-Verbose 'hitting the blank'
                        continue
                    }

                    else{

                        Write-Verbose -Message "checking $r"

                        $token = $r -split '\s+', 6

                    $prop = [ordered]@{
                        'ComputerName' 		 = $c
                        'Date'			 = $token[0]
                        'Time' 			 = $token[1]
                        'ID' 			 = $token[2]
                        'Code'			 = $token[3]
                        'Category'		 = $token[4]
                        'Message' 		 = $token[5]
                    }

                    $WULogObj = New-Object -TypeName psobject -Property $prop
                    $WULogObj.psobject.TypeNames.Insert(0,'PS.WULogObj')

                    Write-Output $WULogObj
                }
            }
        }
    }
    End
    {
    }
}
	function Get-PSWindowsUpdateLog
	{
	<#
	.Synopsis
	Parsing WindowsUpdate.log to objects for easy reporting. Default will retrieve the most recent 100 entires only.
	.DESCRIPTION
	This function will retrieve and then parse the c:\windows\system32\WindowsUpdate.log on local or remote computers. Using the -all parameter, the full log will be retrieved but this could be lengthy.
	.EXAMPLE
	PS E:\_PSTemp> Get-PSWindowsUpdateLog -ComputerName localhost

	ComputerName : localhost
	Date : 2016-04-22
	Time : 07:27:27:348
	ID : 484
	Code : 22e0
	Category : AU
	Message : #########

	ComputerName : localhost
	Date : 2016-04-22
	Time : 07:27:27:348
	ID : 484
	Code : 22e0
	Category : AU
	Message : ## END ## AU: Search for updates [CallId = {FF0D2B2F-11E7-406F-AE97-B2C601CED0B0}]

	.OUTPUTS
	Custom objects that are actually string array.

	#>
	[CmdletBinding()]
	[outputtype([string[]])]

	Param
	(
	[Parameter(Mandatory=$true,
	ValueFromPipelineByPropertyName=$true,
	Position=0)]
	[string[]]$ComputerName,

	# Log path on remote computers
	[string]$WUlogPath ='c$\windows\windowsupdate.log',

	# Number of the recent log entries to retrive. Default 100.
	[int]$TailLogEntry = 100,

	# Get the full log
	[switch]$all

	)

	Begin
	{
	[string[]]$result = ""
	Write-Verbose -Message "Computer is $ComputerName"
	}
	Process
	{
	foreach ($c in $ComputerName) {
	try {
	Write-Verbose -Message "checking $c"

	if ($all){
	$result = get-content -Path "\\$c\$WUlogPath" -ErrorAction Stop
	}
	else
	{
	$result = get-content -Path "\\$c\$WUlogPath" -Tail $TailLogEntry -ErrorAction Stop
	}

	}
	catch {
	Write-Warning "$c - Unable to get Windows update log."
	break
	}

	foreach ($r in $result){

	if ($r.length -eq 0){
	Write-Verbose 'hitting the blank'
	continue
	}

	else{

	Write-Verbose -Message "checking $r"

	$token = $r -split '\s+', 6

	$prop = [ordered]@{
	'ComputerName' = $c
	'Date' = $token[0]
	'Time' = $token[1]
	'ID' = $token[2]
	'Code' = $token[3]
	'Category' = $token[4]
	'Message' = $token[5]
	}

	$WULogObj = New-Object -TypeName psobject -Property $prop
	$WULogObj.psobject.TypeNames.Insert(0,'PS.WULogObj')

	Write-Output $WULogObj
	}
	}
	}
	}
	End
	{
	}
	}