Get-eventlog not working remotely

Welcome Forums General PowerShell Q&A Get-eventlog not working remotely

This topic contains 1 reply, has 2 voices, and was last updated by

1 year, 3 months ago.

  • Author
  • #85046

    Points: 0
    Rank: Member


    I am working on a script to pull specific eventID from Citrix broker servers running on Windows 2008R2 and 2012R2.
    I use a simple command to do this:
    get-eventlog -logname application -cn $server -after $date | ?{$_.eventid -eq "3013"} | select MachineName,EventID,TimeWritten,Message

    I run this remotely and it is working on most of the servers except few of the Windows Server 2012R2 OS servers. I get the following error:
    Cannot open log application on . Windows has not provided an error code

    The same command run flawlessly when run locally on that server.
    The user account has the exact same privileges on all the servers.
    Tried using get-winevent cmdlet — fails with similar error.
    Running get-service -computername also fails with an error, for not working servers.
    Remote-registry service is not working on all servers.
    Powershell remoting is not enabled in the environment, thus using Invoke-Command is not an option.

    What possible could be causing the issue? Is there an alternate way to read the event IDs off the remote server?

  • #85082

    Points: 1,811
    Helping HandTeam Member
    Rank: Community Hero

    I'd guess the necessary RPC stuff either isn't working or has been oddly locked-down. It's definitely related to the Remote Registry Service.

The topic ‘Get-eventlog not working remotely’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort