I am using the following code to export errors and warnings from all event logs into one text file. It works but is very slow and some of the messages are truncated. I wondered if there was a more efficent way of coding it. I'm new to powershell so would appreciate your thoughts or ideas.
$Logs = Get-Winevent -ListLog *
foreach ($Log in $Logs) {
Get-WinEvent -LogName $Log.LogName -ErrorAction SilentlyContinue | ?{$_.Level -eq 1 -or $_.Level -eq 2 -or $_.Level -eq 3} | Sort-Object ProviderName, TimeCreated -descending | Out-String -Width 1000 | Format-Table -AutoSize | Tee-Object -file "c:\common\logs\Eventlog_Export.log" -Append
}
This took me about 30 seconds. You can filter by date too.
$Logs = Get-Winevent -ListLog *
foreach ($Log in $Logs) {
Get-WinEvent -filterhashtable @{logname = $Log.LogName; level=1,2,3} -ErrorAction SilentlyContinue |
select LogName,TimeCreated,Id,LevelDisplayName,Message |
export-csv -append log.csv
}
level=1,2,3 doesn't work over invoke-command for some reason.