PowerShell – Scan Event Logs for Errors

This PowerShell script scans the event log of every computer in AD and writes the errors found in the System log to a CSV file. You can modify the user-set variables to change which log is searched and the type of event.

 

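# 24-hour timestamp (HH) so morning and afternoon runs cannot produce the same file name
$datetime = Get-Date -Format "yyyyMMddHHmmss";
$strCategory = "computer";

###################

# User-set variables

$logname = "system"
$logtype = "Error"
$int_depth = 10   # number of most recent matching entries to read per computer

####################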

# Create a Domain object. With no parameters it binds to the computer's domain
$objDomain = New-Object System.DirectoryServices.DirectoryEntry;

$objSearcher = New-Object System.DirectoryServices.DirectorySearcher; # AD Searcher object
$objSearcher.SearchRoot = $objDomain; # Set Search root to our domain
$objSearcher.Filter = ("(objectCategory=$strCategory)"); # Search filter
$objSearcher.PageSize = 1000; # Page the results; without paging the search stops at the server's size limit

$colProplist = "name";
foreach ($i in $colPropList)
{
    # Add() returns the new index; discard it so it does not end up in the output
    [void]$objSearcher.PropertiesToLoad.Add($i);
}

$colResults = $objSearcher.FindAll();

# Add column headers
Add-Content "$Env:USERPROFILE\eventlog_scan $datetime.csv" "Computer,Time,Entry Type,Source,Message";

foreach ($objResult in $colResults)
{
    $objComputer = $objResult.Properties;
    # The property is returned as a collection; take the single name value as a string
    $computer = [string]$objComputer.name[0];

    # Ping the computer
    $pingStatus = Get-WmiObject -Class Win32_PingStatus -Filter "Address = '$computer'";
    # Read the address only after the ping has run
    $ipAddress = $pingStatus.ProtocolAddress;

    if($pingStatus.StatusCode -eq 0)
    {
        Write-Host -ForegroundColor Green "Ping Reply received from $computer.";

        write-host "Connecting to $computer..."

        $colItems = Get-EventLog -logname $logname -EntryType $logtype -Newest $int_depth -ComputerName $computer

        write-host "#############################"
        write-host "Computer: " $computer
        write-host "#############################"
        write-host
        write-host

        foreach ($objItem in $colItems)
        {
            # Event log entries expose TimeGenerated; there is no Time property
            write-host "Time Generated: " $objItem.TimeGenerated
            $time = $objItem.TimeGenerated
            write-host "Entry Type: " $objItem.EntryType
            $entrytype = $objItem.EntryType
            write-host "Source: " $objItem.Source
            $source = $objItem.Source
            write-host "Message: " $objItem.Message
            $message = $objItem.Message
            write-host

            # Wrap every value in double quotes, because some of the values contain commas that break the CSV file
            $sc = [char]34
            # Double any quote inside the message so it cannot end the field early
            $message = $message -replace '"', '""'

            Add-Content "$Env:USERPROFILE\eventlog_scan $datetime.csv" "$sc$computer$sc,$sc$time$sc,$sc$entrytype$sc,$sc$source$sc,$sc$message$sc"
        }
    }
    else
    {
        Write-Host -ForegroundColor Red "No Ping Reply received from $computer.";
    }

}
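
The same scan written as a function that emits one object per log entry and lets Export-Csv do the quoting, with Test-Connection -Quiet as the reachability check. This is an added example, not the original author's script; the names Get-RemoteLogError and ConvertTo-SafeCell are hypothetical, and it assumes Windows PowerShell 2.0 to 5.1, where Get-EventLog is available.

```powershell
# Added example: Windows PowerShell 2.0-5.1 (Get-EventLog is not available in PowerShell 7+).
function ConvertTo-SafeCell {
    # Hypothetical helper: event messages are written by whatever software logged them,
    # so neutralise a leading = + - @ before a spreadsheet treats the cell as a formula.
    param([string]$Text)
    if ($Text -match '^[=+\-@]') { return "'" + $Text }
    return $Text
}

function Get-RemoteLogError {
    param(
        [Parameter(Mandatory = $true)][string[]]$ComputerName,
        [string]$LogName   = 'System',
        [string]$EntryType = 'Error',
        [int]$Newest       = 10
    )
    foreach ($computer in $ComputerName) {
        # -Quiet returns $true/$false instead of ping result objects
        if (-not (Test-Connection -ComputerName $computer -Count 1 -Quiet)) {
            Write-Warning "No ping reply from $computer"
            continue
        }
        try {
            $entries = Get-EventLog -LogName $LogName -EntryType $EntryType `
                -Newest $Newest -ComputerName $computer -ErrorAction Stop
        }
        catch {
            # Access denied, RPC unavailable, or no matching entries: report and move on
            Write-Warning "No entries read from $LogName on ${computer}: $($_.Exception.Message)"
            continue
        }
        foreach ($entry in $entries) {
            # One object per entry; Export-Csv handles quotes, commas and embedded newlines
            New-Object PSObject -Property @{
                Computer  = $computer
                Time      = $entry.TimeGenerated
                EntryType = $entry.EntryType
                Source    = $entry.Source
                Message   = ConvertTo-SafeCell $entry.Message
            }
        }
    }
}

# Constructed usage: scan the local machine; pass the names from the AD search instead.
$stamp = Get-Date -Format 'yyyyMMddHHmmss'
Get-RemoteLogError -ComputerName $env:COMPUTERNAME |
    Select-Object Computer, Time, EntryType, Source, Message |
    Export-Csv -Path "$Env:USERPROFILE\eventlog_scan_$stamp.csv" -NoTypeInformation
```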

 




   5 Comments


  1. Jeffery Hicks
      May 27, 2011

    PowerShell 2.0 has a Test-Connection cmdlet you can use for the ping. Much easier. Getting the computer names from AD is nice. Even easier if you can leverage the Microsoft AD provider or use the free cmdlets from Quest. My last comment regards the CSV formatting. It appears you are spending a lot of time constructing a CSV line. I’d suggest using or creating an object for each entry and then pipe all of them to Export-CSV.

    The more you can incorporate objects and cmdlets, the easier it actually is to write PowerShell scripts and functions.

    Keep up the good work.

    Jeffery Hicks
    Windows PowerShell MVP
    http://www.ScriptingGeek.com
    http://www.twitter.com/JeffHicks

    Now Available: Managing Active Directory with Windows PowerShell: TFM 2nd Ed.(SAPIEN Press 2011)

    • David Cearlock
        May 27, 2011

      Thank you for the feedback. I am always looking to improve.

  2. Jeffery Hicks
      May 27, 2011

    To start, take a look at Test-Connection with the -Quiet parameter. It returns True/False which makes it easy to use in an If statement.

    If (Test-Connection $computer -Quiet) {
        #connect to computer
    }
    else {
        Write-Warning "Failed to connect to $Computer"
        #add the computer to an error list
        $computer | Out-File Failed.txt -append
    }

  3. Jon Bjerke
      June 3, 2011

    I modified the script incorporating Jeffery’s suggestion.

  4. Christy
      November 9, 2012

    Hi everyone, it’s my first go to see at this website, and paragraph is in fact fruitful for me, keep up posting such articles.
