Checking The Event Log With PowerShell

Good administrators work really hard so that they don’t have to work really hard. Well, that’s an oxymoronic statement if I’ve ever written one. So what do I mean?

Smart administrators are willing to spend time automating as much of their routine work as possible. Why go through the hassle of manually checking a long list of servers on a periodic basis when you can configure a scheduled task to do it for you and report only the exceptions. Smart administrators know that the effort to set up these processes on the front-end will pay dividends on the back-end, freeing them up to handle the exceptions or to play with the latest and greatest technology.

Checking Event Logs With PowerShell

Let’s take a simple example using PowerShell.

It’s a good practice to regularly review the Windows Event Log on the your servers to make sure things are going smoothly. You could make a note to remind you to manually connect to each server and sift through its event log. But that would be cumbersome and time intensive.

That’s where PowerShell can help. The following one-line PowerShell script will check the Event Log on a server, looking for only the Errors that have occurred within the past week. It doesn’t report the informational and warning entries, only the errors.

Get-EventLog Application -EntryType Error -After (Get-Date).AddDays(-7);

You can schedule this to run daily, weekly, or some other interval by changing the -7 parameter on the AddDays method.

Emailing The Results

“That’s great, but it’d be even more convenient to have the result automatically delivered to my inbox.” You can do that.

$smtp_server = “mysmtpserver”;
$to = “joew@myemail.com”;
$from = “administrator@mycompany.com”;
$subject = “Event log from my server”;
$body = Get-EventLog Application -EntryType Error  `
-After (Get-Date).AddDays(-7);

send-mailmessage -to $to -from $from -subject `
$subject -body $body -smtpserver $smtp_server;

And there you have it: the beginning of a PowerShell script to automate a portion of your routine system checks.

About these ads

9 Responses to Checking The Event Log With PowerShell

  1. branchenbuch says:

    Please, can you PM me and tell me few more thinks about this, I am really fan of your blog… 34

  2. Hi, i just thought i’d post and let you know your blogs layout is really messed up on the K-Melonbrowser. Anyhow keep up the good work.

  3. Pingback: Weekly Link Post 166 « Rhonda Tipton's WebLog

  4. I would just like to let u know how much I learnt from your articles Bookmarked you.Hope to be back again for some more good stuff

  5. Awesome post this will really help me!

  6. Pingback: Using PowerShell To Search The Event Log « WebbTech Solutions

  7. source says:

    Hey, I just hopped over to your web page via StumbleUpon. Not somthing I would generally read, but I liked your views none the less. Thank you for creating something worth reading.

  8. I really like reading an article that can make men and women think. Also, thank you for allowing me to comment!

  9. 22Directory says:

    Having read this I believed it was very enlightening. I appreciate you taking the time and energy to put this information together. I once again find myself spending a significant amount of time both reading and posting comments. But so what, it was still worth it!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 31 other followers