New
#31
Let's also get the last 100 critical and error entries in the event log files:
# **********************INSTRUCTIONS**************************
# STEP 1 ** RUN POWERSHELL AS ADMINISTRATOR ******************
# ************************************************************
#
# WIN key | type POWERSHELL | do NOT hit ENTER |
# in the PROGRAMS list, right-click on WINDOWS POWERSHELL |
# choose "Run as administrator" |
# Click on the YES button (if such appears)
#
# WIN key = key with Microsoft log on top
#
# for the guru:
# WIN | type POWERSHELL | CTRL+SHIFT+ENTER key combo | ALT+Y keycombo
# ************************************************************
# STEP 2 ** COPY AND PASTE ***********************************
# ************************************************************
#
# COPY the script using CTRL+C,
# COPY every line of script down thru both EXIT statements
#
# PASTE into Powershell
#----Right-Click at the PowerShell Prompt
#----(Ctrl+V does not work)
#
# Start copying with first script line without a # at start of the line
# Note: Actually, you can paste the entire file if you rather
#-------Lines starting with a # are ignored by PowerShell
# ************************************************************
# STEP 3 ** SCRIPT OUTPUT & SCRIPT PURPOSE *******************
# ************************************************************
# --The script output and purpose is given at the very front of the script
#
# --The script output and purpose is given at the very front of the script
#
# ************************************************************
# ***************** NOTE - POWERSHELL VERSION*****************
# if you receive this error msg:
#--The system can not find the path specified
# you may need to update your PowerShell
# you must be using Powershell 2.0 or later.
#
# To determine your Powershell version:
#---Run PowerShell
#---enter $host.version
#---you should see at least:
# Major Minor Build Revision
# ----- ----- ----- --------
# 2......0......-1.....-1
#
# If you do not see the above, update your Vista/Win 7.
# ************************************************************
# *************** NOTE - EXECUTION POLICY*********************
# If you haven't set the execution policy, you may need to:
#---Run PowerShell
#---enter SET-EXECUTIONPOLICY -EXECUTIONPOLICY REMOTESIGNED
# ************************************************************
Script:# ************************************************************
# Places CRITICALandERROREVENTS.TXT on your DESKTOP
#
# Displays 100 most recent critical and error events in a Grid View
# Writes 100 most recent critical and error events to CriticalAndErrorEvents.txt
#
# Change the $MAX value for more or fewer events
# Change the $Lwidth value to 254 for example for longer lines
# **********************************************************
$MAX = 100
$LWidth = 132
$a = Get-WinEvent -FilterHashtable @{logname='*'; level=1,2} `
-max $MAX -verbose:$false -erroraction:silentlycontinue |
sort-object -property `
@{expression="level";Descending=$false}, `
@{expression="timecreated";Descending=$true} |
select-object -property leveldisplayname, timecreated, ID, Message
# $a | out-gridview -Title "Critical and Error Events"
$a | format-table @{Label = "Level"; Expression = {$_.leveldisplayname} }, timecreated, ID, Message -wrap -auto |
out-file $env:userprofile\Desktop\CRITICALandERROREVENTS.TXT -width $Lwidth
EXIT
EXIT
# ************************************************************
Quote