I am working on a PowerShell script that will monitor a list of servers every minute and trigger on a specified event. While my script isn't completed, this is what I have so far;
$TimeAgo = (Get-Date).addMinutes(-1)
$servers = "server1","server2","server3","server4"
foreach ($server in $servers)
{
$events = Get-EventLog application -computername $server -after $TimeAgo
foreach ($event in $events)
{
$event
}
}
The foreach is doing it's job, I can see events from "server1" populate the screen, but then it locks up. It never quits server1 and it never moves onto server2.
Any ideas on what's going on?
For debugging, this works if I run it locally on the server:
$TimeAgo = (Get-Date).addMinutes(-1)
Get-EventLog application -after $TimeAgo
It's when -ComputerName is introduced that I get a blinking cursor and it does not move onto the 2nd server in the list.
Edit: It is working, it just takes about 6-7 minutes to complete the first server. This won't be ideal if I want to scan every minute.
Try using the -newest parameter and then look at the results for new events. The -after parameter parses the whole log. You can test times with measure-command for comparison.
measure-command {get-eventlog application -comp server1 -after (get-date).addminutes(-1))}
measure-command {get-eventlog application -comp server1 -newest 1}
On a remote server here the -after took 45 seconds and the -newest took 195 milliseconds.