Eventlogs: Unterschied zwischen den Versionen
Aus Wiki-WebPerfect
Admin (Diskussion | Beiträge) K |
Admin (Diskussion | Beiträge) |
||
| Zeile 4: | Zeile 4: | ||
<source lang="powershell">Get-EventLog -Newest 10 -LogName "Application"</source> | <source lang="powershell">Get-EventLog -Newest 10 -LogName "Application"</source> | ||
| − | + | === Spezielle EventLogs (Application and Services Logs) === | |
'''Beispiel ''Microsoft-Windows-Hyper-V-VMMS'' EventLogs:''' | '''Beispiel ''Microsoft-Windows-Hyper-V-VMMS'' EventLogs:''' | ||
<source lang="powershell">Get-WinEvent -ComputerName <Hostname> -ProviderName 'Microsoft-Windows-Hyper-V-VMMS' -MaxEvents 10 | ft -Property TimeCreated, MachineName, Id, LevelDisplayName, Message</source> | <source lang="powershell">Get-WinEvent -ComputerName <Hostname> -ProviderName 'Microsoft-Windows-Hyper-V-VMMS' -MaxEvents 10 | ft -Property TimeCreated, MachineName, Id, LevelDisplayName, Message</source> | ||
| + | |||
| + | |||
| + | == Beispiele / Tipps == | ||
| + | ==== Beispiel ''Microsoft-Windows-Hyper-V-VMMS'' EventLogs der letzten zwei Tage ==== | ||
| + | <source lang="powershell">Get-WinEvent -ComputerName <Hostname> -ProviderName 'Microsoft-Windows-Hyper-V-VMMS' | ? {$_.LevelDisplayName -eq "Error"} | ? {$_.TimeCreated -ge ((get-date).AddDays(-2))}</source> | ||
| + | |||
| + | ==== Eventlog mittels HashTable filtern ==== | ||
| + | <source lang="powershell">Get-WinEvent -FilterHashTable @{LogName ="Microsoft-Windows-Hyper-V-VMMS-Admin"} | ? {$_.LevelDisplayName -eq "Error"} | ? {$_.TimeCreated -ge ((get-date).AddDays(-2))}</source> | ||
| + | |||
| + | |||
Version vom 25. Juli 2017, 15:07 Uhr
Inhaltsverzeichnis
Standard EventLogs (Windows Logs)
Letze 10 Application EventLogs anzeigen
Get-EventLog -Newest 10 -LogName "Application"
Spezielle EventLogs (Application and Services Logs)
Beispiel Microsoft-Windows-Hyper-V-VMMS EventLogs:
Get-WinEvent -ComputerName <Hostname> -ProviderName 'Microsoft-Windows-Hyper-V-VMMS' -MaxEvents 10 | ft -Property TimeCreated, MachineName, Id, LevelDisplayName, Message
Beispiele / Tipps
Beispiel Microsoft-Windows-Hyper-V-VMMS EventLogs der letzten zwei Tage
Get-WinEvent -ComputerName <Hostname> -ProviderName 'Microsoft-Windows-Hyper-V-VMMS' | ? {$_.LevelDisplayName -eq "Error"} | ? {$_.TimeCreated -ge ((get-date).AddDays(-2))}
Eventlog mittels HashTable filtern
Get-WinEvent -FilterHashTable @{LogName ="Microsoft-Windows-Hyper-V-VMMS-Admin"} | ? {$_.LevelDisplayName -eq "Error"} | ? {$_.TimeCreated -ge ((get-date).AddDays(-2))}
