parse the WindowsUpdate.log

Welcome Forums General PowerShell Q&A parse the WindowsUpdate.log

This topic contains 2 replies, has 2 voices, and was last updated by

4 years, 6 months ago.

  • Author
  • #20549

    Topics: 33
    Replies: 112
    Points: 0
    Rank: Member

    Hello All
    I am trying to build a psobject aND just want to show the date and the fatal error message from the windowsupdate.log

    Here's what I am using, it's returning a string I need help extrating the message I guess I'm looking for the proper method like substring split or replace select-string ..etc

    Heres what i have so far

    Get-Content C:\Windows\WindowsUpdate.Log | Where-Object { $_–like '*FATAL*'} -OutVariable WULog
    $date = $WULog.Substring(0,10)
  • #20553

    Topics: 6
    Replies: 61
    Points: 44
    Rank: Member

    What you've got will pull the date off of the front of the line, but if you want to pull more than that, you'll have a lot of string manipulation going on. Try using the -split operator, (about_Split).

    $tokens = $WULog -split '\s+', 6
    "$($tokens[0]): $($tokens[5])"

    And $WULog will be an array, so you'll want to use a ForEach-Object loop to loop through each line in it.

  • #20557

    Topics: 33
    Replies: 112
    Points: 0
    Rank: Member

    WIth the help of Kirk Murno, We came up with this

    How can I incorporate this to survey multiple servers , and have it returun to a variable (custom object ), this what i have so far

    Function Get-WindowsUpdateLog2 {
        Param (
            [string]$computerName = $env:computerName
    Invoke-Command -ComputerName $computerName -ScriptBlock {
    $StartTimestamp = '11/12/2014 9:00:19'
    $EndTimeStamp = '11/12/2014 11:59:19'
    $filter = {($_.Date -ge $StartTimestamp) -and ($_.Date -le $EndTimeStamp)}
    $wsuslog = Import-Csv C:\Windows\WindowsUpdate.log -Delimiter "`t" -Header Date,Time,PID,TID,Component,Text |
    Where-Object {$_.Text -match 'FATAL' -or $_.Text -match 'WARNING'  } |   
    Select-Object -Property @{Name='Date';Expression={[DateTime]"$($_.Date) $($_.Time -replace ':\d+$','Z')"}},Text
    $wsuslog = $wsuslog | Where $filter
    $data = New-Object -TypeName PSObject -Property @{
     Computer = $computerName
     Date = $wsuslog.Date
     Message =  $wsuslog.Text
    write $data
    } -Credential $cred 
    $d = $servers |Test-Online -Parameter server| foreach {
     Get-WindowsUpdateLog -computerName $_  } 

The topic ‘parse the WindowsUpdate.log’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort