powershell - get-wmiobject to pull logs using Win32_NTLogEvent -
i have use get-wmiobject pull logs off of remote server. winevent doesn't work 2003 servers , i'm getting blocked using eventlog. when run following command in powershell works fine, when send output file different results , i'm not sure why?
get-wmiobject -computername $server -query "select * win32_ntlogevent (logfile='system') , (eventcode='19') , (timewritten>'$begindate')") the output in powershell:
category : 8 categorystring : installation eventcode : 19 eventidentifier : 19 typeevent : insertionstrings : {update microsoft .net framework 2.0 sp2 on windows server 2003 , windows xp x86 (kb2836941)} logfile : system message : installation successful: windows installed following update: update microsoft . net framework 2.0 sp2 on windows server 2003 , windows xp x86 (kb2836941) the output of same command made variable , moved ($x > file.txt) different.
servername\root\cimv2:win32_ntlogevent.logfile="system",recordnumber=89477 any ideas?
edit**
foreach($server in $servers) { $day = (get-date -uformat %d) $hour = (get-date -uformat %m) if ( $hour -lt "30") { $begindate=[system.management.managementdatetimeconverter]::todmtfdatetime((get-date).adddays(-30)) $log = (get-wmiobject -computername $server -query "select * win32_ntlogevent (logfile='system') , (eventcode='19') , (timewritten>'$begindate')") } $fulllog += $server + '= [{ "logfile":"' + $log + '" }]' + "`r`n" } clear-content updatelog.js $fulllog > updatelog.js
so answer variable contained log information couldn't combined other strings in variable.
$fulllog += $server + $log (would not work) $fulllog += $log (would work) solution? broke information:
foreach($server in $servers) { $begindate=[system.management.managementdatetimeconverter]::todmtfdatetime((get-date).adddays(-30)) $mylog = get-wmiobject win32_ntlogevent -filter "(logfile='system') , (eventcode='19') , (timewritten>'$begindate')" -computername $server $first = $server + '= [{ "successupdate":"' $last = '"}]' $first >> updatelog.js $mylog >> updatelog.js $last >> updatelog.js write-host $server "logs uploaded." }
Comments
Post a Comment