Author Posts

March 14, 2017 at 9:49 am

Hi all

I am trying to create a simple script to fetch the 'error' and 'warning' log types for the System and Application event logs. My original version of the script worked, and the files created were hardcoded into the script (e.g. Out-File C:\Event_Logs\SystemWarningPC-XXXXX.txt.

I didn't like this, and so created some tidier variables. This worked fine for one entry, but of course as soon as I introduced more than one into the script, the files overwrote each other. Ideally, all of the logs will output to separate files, each with their own entry name depending on date/logtype/PC name.

I'm just starting out, but a colleague of mine suggested I used a 'For' loop, in order to avoid this issue. Is this the right tool to use?

If you need to see the script, by all means, but be gentle, I'm kinda' new to this!

Thanks 🙂

March 14, 2017 at 10:38 am

Hi Raffaele,

Could you please share your code with us so we can take a look at it?

Albert

March 14, 2017 at 11:58 am

Hi

Thanks for your response. The following is the first bit of the code, which works exactly as I need it to. The issue is then, of course, asking PS to also fetch 'Application -Warning' and then 'System -Warning/-Error' logs as well, without overwriting the file output of the first bit.

I am likely doing this all wrong, and I think I 'know' how to solve it, but doing so is a little beyond me.

***

$logDirectory = "C:\Event_logs\"

if (!(Test-Path $logDirectory)) {
# This will only execute if is true
Write-Output "[Info]: $logDirectory does not exist, creating directory $logDirectory"
# Your command here use new-item -type directory
New-Item -ItemType Directory $logDirectory
}

[dateTime]$days = (get-date).AddDays(-10)

$currentdate = Get-Date -Format "-dd-MM-yyyy"

$Outputfile = "${logDirectory}${Comp}${currentdate}.txt"

$Comp = "PC-06021"

$events = Get-EventLog -LogName Application -After $days -EntryType Error -ComputerName $Comp

Write-Output $events | Out-File -Force $Outputfile

***

Thanks 🙂

March 15, 2017 at 2:53 pm

so, just to be clear:

– You want to collect the error and warnings from the application and the system eventlog.
– You want to do this for multiple computers
– you want a separate file for each date/computer/logfile

Just to think with you, why do you want this in this format (seperate textfiles) and how are you going to use it?
If you have 100 computers, that is 100 computers x 2 logfiles per day = 200 seperate textfiles every day you have to do something with.

It is perhaps a better idea to put them in a database so you can do with it whatever you want? There is a ebook for using a database with powershell on this site and how to do it.

Albert