Author Posts

November 13, 2014 at 6:01 am

Hello All
I am trying to build a psobject aND just want to show the date and the fatal error message from the windowsupdate.log

Here's what I am using, it's returning a string I need help extrating the message I guess I'm looking for the proper method like substring split or replace select-string ..etc

Heres what i have so far

Get-Content C:\Windows\WindowsUpdate.Log | Where-Object { $_–like '*FATAL*'} -OutVariable WULog

$date = $WULog.Substring(0,10)


November 13, 2014 at 6:39 am

What you've got will pull the date off of the front of the line, but if you want to pull more than that, you'll have a lot of string manipulation going on. Try using the -split operator, (about_Split).

$tokens = $WULog -split '\s+', 6
"$($tokens[0]): $($tokens[5])"

And $WULog will be an array, so you'll want to use a ForEach-Object loop to loop through each line in it.

November 13, 2014 at 7:13 am

WIth the help of Kirk Murno, We came up with this

How can I incorporate this to survey multiple servers , and have it returun to a variable (custom object ), this what i have so far

Function Get-WindowsUpdateLog2 {
    Param (
        [string]$computerName = $env:computerName
    )

Invoke-Command -ComputerName $computerName -ScriptBlock {

$StartTimestamp = '11/12/2014 9:00:19'
$EndTimeStamp = '11/12/2014 11:59:19'
$filter = {($_.Date -ge $StartTimestamp) -and ($_.Date -le $EndTimeStamp)}
           
$wsuslog = Import-Csv C:\Windows\WindowsUpdate.log -Delimiter "`t" -Header Date,Time,PID,TID,Component,Text |
Where-Object {$_.Text -match 'FATAL' -or $_.Text -match 'WARNING'  } |   
Select-Object -Property @{Name='Date';Expression={[DateTime]"$($_.Date) $($_.Time -replace ':\d+$','Z')"}},Text

$wsuslog = $wsuslog | Where $filter

$data = New-Object -TypeName PSObject -Property @{

 Computer = $computerName
 Date = $wsuslog.Date
 Message =  $wsuslog.Text

}
write $data
} -Credential $cred 
    }


$d = $servers |Test-Online -Parameter server| foreach {
 Get-WindowsUpdateLog -computerName $_  }