Prerequisites
Ensure that the 'Microsoft-Windows-DriverFrameworks-UserMode/Operational' event log is enabled on your system.
Identify the serial number of the USB device you want to monitor. You can use the wmic command to get this information.
Script
The script uses a $Query variable that contains a filter expression that selects events with EventID 2003 from the 'Microsoft-Windows-DriverFrameworks-UserMode/Operational' event log.
The script then retrieves the most recent event that matches the filter using the Get-WinEvent cmdlet.
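A sketch of the steps described above, written as an added example rather than the original script. It assumes `$Query` is an XPath filter and that the device serial number appears in the event data; `$SerialNumber`, `$LogName`, `$latest` and the output field names are illustrative.

```powershell
# Added example; not the original script from this page.
param(
    # Placeholder: replace with the serial number of the USB device to monitor.
    [string]$SerialNumber = 'PLACEHOLDER_SERIAL'
)

$LogName = 'Microsoft-Windows-DriverFrameworks-UserMode/Operational'

# Prerequisite check: nothing is recorded while the channel is disabled.
$log = Get-WinEvent -ListLog $LogName -ErrorAction Stop
if (-not $log.IsEnabled) {
    throw "Event log '$LogName' is not enabled; enable it before monitoring."
}

# Filter expression selecting EventID 2003 (XPath form is an assumption).
$Query = '*[System[(EventID=2003)]]'

# Get-WinEvent returns newest events first, so -MaxEvents 1 yields the most
# recent match. It raises an error when nothing matches, hence SilentlyContinue.
$latest = Get-WinEvent -LogName $LogName -FilterXPath $Query -MaxEvents 1 `
    -ErrorAction SilentlyContinue

if (-not $latest) {
    Write-Output "No EventID 2003 entries found in '$LogName'."
    return
}

# Assumption: the serial number is embedded in the event data, so a
# case-insensitive search of the event XML is enough to tie it to the device.
$matched = $latest.ToXml().IndexOf(
    $SerialNumber, [StringComparison]::OrdinalIgnoreCase) -ge 0

[pscustomobject]@{
    TimeCreated   = $latest.TimeCreated
    RecordId      = $latest.RecordId
    SerialMatched = $matched
    Message       = $latest.Message
}
```

Reading this log typically requires an elevated PowerShell session.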