Resources for IT Professionals >
포럼 홈
>
Windows Server 2008 R2 Management
>
Powershell and the Security Event log
Powershell and the Security Event log
- I'm new to powershell and would like to find a solution to what I'm trying to do with powershell on Server 2008.
When I run
get-eventlog security | where {$_.Message -like ' *SomeUserName*' -and $_.EventID -match "4624"} | export-csv the Message column is just that, one big bloody mess to deal with. Not only would I like the traditional columns it creates I would also like to have the Message field part of the CSV so that columns like user account name appears, Ip address of where the event was located (all those nifty items found in the Message column)
Ideas?
Thanks!
모든 응답
- I'll need to try to find a sample message to look at it. If the fields are always in the same location (but if there lenght varies that's OK), then I could likely pull that information out.
What do you want in the end? You want additional fields in your CSV like "Message", "User account", "IP address"? That's all?
