PowerShell: Search event log for text

Display Events with a particular Text

Administrators often have to stifle through Windows logs to troubleshoot problems with their systems or applications. However, manually going through heaps of system log information to find out the root cause of an event can be quite laborious.
 
However, with the help of the following PowerShell script, one can provide the text to search for as a parameter and display all the events that contain the text. 

Script

<#
.SYNOPSIS
This powershell script can be used to display events with a particular text.
.DESCRIPTION
This script can be used to display events with a particular text.
.EXAMPLE
C:\PS> C:\Script\Event_Log_Text.ps1 Bluetooth
Displays events containing bluetooth in its message.
#>
#Check if the event’s message matches with the given word.
param([String] $word)
Get-EventLog System | Where-Object { $_.Message -match $word }

 

Post navigation


    • Related Articles

    • Powershell Script to Find and Replace Text in a File

      To find and replace a particular word throughout a file on multiple computers is as laborious as one can imagine. However, with the help of the following PowerShell script, one can easily find a particular word and replace it with a word of choice.   ...

    • Display the Parent Process of a given Process

      The Get-Process command in PowerShell is a well-known cmdlet to return basic process information. However, what it does not return is the parent process of a particular process. With the following script, one can find out the parent process of a ...

    • Display maximum and minimum FreeSpace in a logical disk

      It is paramount for IT admins to check the available disk space in a particular system before pushing out an update or installing an application. However, to do so at scale can be intimidating, as it can quickly get out of hand.   With the following ...

    • Display the most recent error messages in the system logs

      Administrators often have to stifle through Windows logs to troubleshoot problems with their systems or applications. However, manually going through heaps of system log information is laborious. The following PowerShell script, when executed, will ...

    • Monitoring Active Directory Group Membership Changes

      For security reasons, users in an Active Directory (AD) network would be put in groups, and they will be granted or denied certain privileges according to the groups they belong to. This is done so that users do not have unnecessary access to ...