Parse through text and create event log

This topic contains 2 replies, has 2 voices, and was last updated by Don Jones 1 year, 10 months ago.

  • #22049
    Rocky Cabral
    Participant

    I have a fax application that only logs to text files in a log directory. There are various log files for various things, such as the receive log, send log, etc.

    If I wanted to parse through, say, the send log for errors such as "Failed to send fax" (select-string -path c:\fax\logs -pattern "failed"), how would I create an event with the write-eventlog cmdlet that would include the rest of the string in the "failed" line?

    Eventually, once this can get accomplished, I can set up an alert in Splunk to notify when there is a fax failure.

  • #22050
    Rocky Cabral
    Participant

    Failed to mention if there is a way to parse on new entries in the log and to check for new entries every 1 minute. I'm thinking of setting it up in Task Scheduler.

  • #22051
    Don Jones
    Keymaster

    Be careful not to post the first reply to your own posts; a lot of us look for "posts with no replies" as a sort of to-do list, and you fool us when you do that. See https://powershell.org/forums-tips/.

    Anyway.

    The output of Select-String would be a set of match objects – pipe it to Get-Member and you'll see. So, you would pipe those to (say) ForEach-Object. Within ForEach, you'd get $_ representing a single match, and that match will have properties that include the matched text. You could then use that for Write-EventLog. You may have to manipulate the text a bit to get exactly what you want, but that's all do-able within the ForEach-Object process script.
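
The approach in the reply above, combined with the once-a-minute check for new entries asked about earlier, as an added example that is not code from the thread. The state file path, event source name, event ID, and text cap are assumptions, and new entries are tracked by remembering how many lines of each file were already processed:

```powershell
# Added example for Windows PowerShell 5.1 (Write-EventLog is not in PowerShell 7).
$LogDir    = 'C:\fax\logs'                # log directory from the question
$StateFile = 'C:\fax\faxwatch-state.json' # hypothetical: last line processed per file
$Source    = 'FaxLogWatcher'              # hypothetical event source name
$EventId   = 1001                         # arbitrary ID for the Splunk alert to key on
$MaxText   = 2000                         # arbitrary cap on log text copied into an event

# Registering a source needs elevation; run this part once as administrator.
if (-not [System.Diagnostics.EventLog]::SourceExists($Source)) {
    New-EventLog -LogName Application -Source $Source
}

# Load the per-file line counts saved by the previous run, if any.
$state = @{}
if (Test-Path -Path $StateFile) {
    (Get-Content -Path $StateFile -Raw | ConvertFrom-Json).PSObject.Properties |
        ForEach-Object { $state[$_.Name] = [int]$_.Value }
}

foreach ($file in Get-ChildItem -Path $LogDir -File) {
    $total = @(Get-Content -Path $file.FullName).Count
    $last  = 0
    if ($state.ContainsKey($file.FullName)) { $last = $state[$file.FullName] }
    if ($total -lt $last) { $last = 0 }   # file was rotated or truncated: rescan it

    # Each MatchInfo object carries the whole matching line in its Line property.
    Select-String -Path $file.FullName -Pattern 'failed' -SimpleMatch |
        Where-Object { $_.LineNumber -gt $last -and $_.LineNumber -le $total } |
        ForEach-Object {
            $text = $_.Line
            if ($text.Length -gt $MaxText) { $text = $text.Substring(0, $MaxText) }
            $msg = '{0} line {1}: {2}' -f $_.Filename, $_.LineNumber, $text
            Write-EventLog -LogName Application -Source $Source -EventId $EventId `
                -EntryType Error -Message $msg
        }
    $state[$file.FullName] = $total       # lines after this are picked up next run
}

$state | ConvertTo-Json | Set-Content -Path $StateFile
```

Run it from a Task Scheduler job that repeats every minute, and restrict write access on the script and the state file to the task's account so other users cannot change what gets reported.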
