PowerShell for Windows Admins

Jan 12 2015   11:41AM GMT

Event log dates

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Tags:
Powershell

You can use Get-EventLog to query the event logs on you system

Get-EventLog -LogName System

One frequent task is to check if events occurred during a specific timespan. You may feel that you need to use a where-object filter to do this but there is a simple method.

Get-EventLog -LogName System -After (Get-Date -Date ‘1/1/2015′)

Will return all events after the given date. if you don’t give a time your results start at midnight.

Get-EventLog -LogName System –Before (Get-Date -Date ’10/1/2015’)

Will return all events before 10 January 2015.

You ususally use –Before in conjunction with –After to specify a data range

Get-EventLog -LogName System -After (Get-Date -Date ‘1/1/2015′) -Before (Get-Date -Date ’10/1/2015′)

You can make these ranges quite specific

Get-EventLog -LogName System -After (Get-Date -Date ’10/1/2015 14:31:00′) -Before (Get-Date -Date ’10/1/2015 15:00:00’)

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: