Created
October 1, 2014 15:13
-
-
Save macmula/b5dcc2fe7f0965f6fd15 to your computer and use it in GitHub Desktop.
Event viewer report script.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Generates Event Report | |
Get-EventLog -LogName Application -Newest 600 -EntryType Error | Sort-Object -Descending Source | | |
Select-Object -Property EntryType, Source | ConvertTo-Html –title EventReport –pre Application_Errors| | |
Out-File A:\SA.adm\EvtReports\EventReport.htm | |
Get-EventLog -LogName Security -Newest 600 -EntryType FailureAudit | Sort-Object -Descending Source | | |
Select-Object -Property EntryType, Source | ConvertTo-Html –pre Security_Errors| | |
Out-File –append A:\SA.adm\EvtReports\EventReport.htm | |
Get-EventLog -LogName System -Newest 600 -EntryType Error | Sort-Object -Descending Source | | |
Select-Object -Property EntryType, Source |ConvertTo-Html –pre System_Errors | | |
Out-File –append A:\SA.adm\EvtReports\EventReport.htm | |
#Rename with current date. | |
$date = get-date -f yyMMdd | |
rename-item A:\SA.adm\EvtReports\EventReport.htm -newname ("EventReport_$date.htm") | |
############################################ | |
#Backup, rename with date and clear events.# | |
############################################ | |
# EventBUConfig/App | |
$logFileName = "Application" # Add Name of the Logfile (System, Application, etc) | |
$path = "A:\sa.adm\Logs\" # Add Path, needs to end with a backsplash | |
#backupEvent | |
$exportFileName = $logFileName + (get-date -f yyMMdd) + ".evt" | |
$logFile = Get-WmiObject Win32_NTEventlogFile | Where-Object {$_.logfilename -eq $logFileName} | |
$logFile.backupeventlog($path + $exportFileName) | |
# EventBUConfig/Sec | |
$logFileName = "Security" # Add Name of the Logfile (System, Application, etc) | |
$path = "A:\sa.adm\Logs\" # Add Path, needs to end with a backsplash | |
#backupEvent | |
$exportFileName = $logFileName + (get-date -f yyMMdd) + ".evt" | |
$logFile = Get-WmiObject Win32_NTEventlogFile | Where-Object {$_.logfilename -eq $logFileName} | |
$logFile.backupeventlog($path + $exportFileName) | |
# EventBUConfig/Sys | |
$logFileName = "System" # Add Name of the Logfile (System, Application, etc) | |
$path = "A:\sa.adm\Logs\" # Add Path, needs to end with a backsplash | |
#backupEvent | |
$exportFileName = $logFileName + (get-date -f yyMMdd) + ".evt" | |
$logFile = Get-WmiObject Win32_NTEventlogFile | Where-Object {$_.logfilename -eq $logFileName} | |
$logFile.backupeventlog($path + $exportFileName) | |
#Clears EventLogs | |
Clear-EventLog -LogName Application | |
Clear-EventLog -LogName Security | |
Clear-EventLog -LogName System |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment