Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ## Show possible event ids per event log provider
- Get-WinEvent -ListProvider * | Where-Object Events -ne $null | ForEach-Object `
- {
- $provider = $_
- ForEach( $event in $provider.events )
- {
- [int]$propertyCount = $null
- [string[]]$propertyNames = @()
- if( $event.PSObject.Properties[ 'template' ] -and $event.Template )
- {
- [xml]$template = $event.Template
- if( $template )
- {
- $propertyCount = $template.template.data.count
- $propertyNames = @( $template.template.data | Select-Object -ExpandProperty Name )
- }
- }
- Select-Object -InputObject $event -Property @{n='Provider';e={$provider.Name}},
- @{n='Log';e={$_.LogLink.LogName}},
- @{n='Id';e={$_.Id}},
- @{n='Properties';e={$propertyCount}} ,
- @{n='PropertyNames';e={ $propertyNames -join ',' }} ,
- @{n='Message';e={$_.description}}
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
