Get-EventLog accessing Applications ans Servies Logs

All replies

• 

  

  9

  Sign in to vote

  this is right, because this eventlog cannot be read using Get-Eventlog cmdlet. To ensure you may type: Get-Eventlog -list. Instead you must use
  Get-WinEvent -PorivderName ' Microsoft-Windows-TerminalServices-Gateway'
  
  this requires PowerShell V2.
  

  ---

  [http://www.sysadmins.lv] As always enjoy the automation of tools within the Windows-based, .NET aware, WPF accessible, multi-processes on the same IP / Port usage, admin's automation tool, powershell.exe! © Flowering Weeds

  • Proposed as answer by MOW_ Tuesday, September 8, 2009 12:10 PM
  • Marked as answer by Marco Shaw Tuesday, September 8, 2009 3:28 PM

  Tuesday, September 8, 2009 9:20 AM
• 

  

  0

  Sign in to vote

  So can the contents of those event logs be read with Powershell by any other means, without version 2 of Powershell, which does not yet have a release version available for Server 2008 without installing R2?
  

  Tuesday, September 8, 2009 3:53 PM
• 

  

  0

  Sign in to vote

  Do you have .NET 3.5 installed?  Example:
  http://blogs.msdn.com/sergeim/archive/2008/12/10/how-to-do-etw-logging-from-net-application.aspx
  
  The above is in C#, but at least it provides some amount of promise...
  

  Tuesday, September 8, 2009 7:26 PM
• 

  

  0

  Sign in to vote

  Check this:

  $logname="application"
  $querystring="*[System/Level=2]"
  $eventsquery=new-object system.diagnostics.eventing.reader.eventlogquery $logname,"LogName",$querystring
  $entries=new-object system.diagnostics.eventing.reader.eventlogreader $eventsquery
  $entries.readevent()
  

  With help from:
  http://msdn.microsoft.com/en-us/library/bb671197.aspx
  
  Let me know if you have .NET 3.5 installed.  I can try to provide more code to help you out.

  Wednesday, September 9, 2009 4:00 PM