Managing the Event Viewer with PowerShell

An easy way to manage your windows event viewer is to use PowerShell. With some simple commands you can open all the events. Let’s have a look on that….

Get-EventLog *
(gives an overview of all the available event sources)

Get-EventLog -LogName”DNS Server”
(gives all the event logs in the DNS server log)

Get-EventLog -LogName “DNS Server” -Newest 10
(gives the newest 10 event logs in the DNS server log)

event_01    event_02    event_03

When you put the following commands into a PS1 file and schedule it on a specific server, you’ll receive the event logs in an e-mail! 🙂
(in this example you’ll receive an e-mail from eventviewer@e2k10.local with the 10 newest event logs)

$body = Get-EventLog -LogName “dns server” -Newest 10 | out-string
$From = “eventviewer@e2k10.local”
$to = “administrator@e2k10.local”
$server = “srv-exc2010.e2k10.local”
$subject = “Event Viewer – srv-exc2010.e2k10.local”
$msg = new-object System.Net.Mail.MailMessage $From, $to, $subject, $body
$client = new-object System.Net.Mail.SmtpClient $Server