Checking The Event Log With PowerShell
October 13, 2010 10 Comments
Good administrators work really hard so that they don’t have to work really hard. Well, that’s an oxymoronic statement if I’ve ever written one. So what do I mean?
Smart administrators are willing to spend time automating as much of their routine work as possible. Why go through the hassle of manually checking a long list of servers on a periodic basis when you can configure a scheduled task to do it for you and report only the exceptions. Smart administrators know that the effort to set up these processes on the front-end will pay dividends on the back-end, freeing them up to handle the exceptions or to play with the latest and greatest technology.
Checking Event Logs With PowerShell
Let’s take a simple example using PowerShell.
It’s a good practice to regularly review the Windows Event Log on the your servers to make sure things are going smoothly. You could make a note to remind you to manually connect to each server and sift through its event log. But that would be cumbersome and time intensive.
That’s where PowerShell can help. The following one-line PowerShell script will check the Event Log on a server, looking for only the Errors that have occurred within the past week. It doesn’t report the informational and warning entries, only the errors.
Get-EventLog Application -EntryType Error -After (Get-Date).AddDays(-7);
You can schedule this to run daily, weekly, or some other interval by changing the -7 parameter on the AddDays method.
Emailing The Results
“That’s great, but it’d be even more convenient to have the result automatically delivered to my inbox.” You can do that.
$smtp_server = “mysmtpserver”;
$to = “joew@myemail.com”;
$from = “administrator@mycompany.com”;
$subject = “Event log from my server”;
$body = Get-EventLog Application -EntryType Error `
-After (Get-Date).AddDays(-7);
send-mailmessage -to $to -from $from -subject `
$subject -body $body -smtpserver $smtp_server;
And there you have it: the beginning of a PowerShell script to automate a portion of your routine system checks.
Please, can you PM me and tell me few more thinks about this, I am really fan of your blog… 34
Hi, i just thought i’d post and let you know your blogs layout is really messed up on the K-Melonbrowser. Anyhow keep up the good work.
Pingback: Weekly Link Post 166 « Rhonda Tipton's WebLog
I would just like to let u know how much I learnt from your articles Bookmarked you.Hope to be back again for some more good stuff
Awesome post this will really help me!
Pingback: Using PowerShell To Search The Event Log « WebbTech Solutions
Hey, I just hopped over to your web page via StumbleUpon. Not somthing I would generally read, but I liked your views none the less. Thank you for creating something worth reading.
I really like reading an article that can make men and women think. Also, thank you for allowing me to comment!
Having read this I believed it was very enlightening. I appreciate you taking the time and energy to put this information together. I once again find myself spending a significant amount of time both reading and posting comments. But so what, it was still worth it!
Great web site. Lots of helpful info here.
I’m sending it to a few friends ans additionally sharing in delicious.
And naturally, thank you on your effort!