-
-
Save clr2of8/470e1bf3e05449e8b1a1e77e334b7fa5 to your computer and use it in GitHub Desktop.
Tail an event log through PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## PowerShell Eventing lets you tail an event log: | |
| ## http://powershellcookbook.com/recipe/IMyz/respond-to-automatically-generated-events | |
| $watcher = New-Object System.Diagnostics.Eventing.Reader.EventLogWatcher "Microsoft-Windows-PowerShell/Operational" | |
| Register-ObjectEvent $watcher EventRecordWritten -Action { | |
| $event = $eventArgs.EventRecord | |
| if($event.ProcessId -ne $pid) | |
| { | |
| ## Save the last event into a variable in the PowerShell sesssion if you want to explore its properties, | |
| ## as the eventing actions run in their own runspace | |
| # $GLOBAL:lastEvent = $event | |
| $event | Select Id, LogName, TimeCreated, @{ Label = "Message"; Expression = { $_.FormatDescription() } } | | |
| Format-Table -Wrap | Out-Host | |
| } | |
| } | |
| $watcher.Enabled = $true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment