Analyzing (All) Event Log Entries

by ps1Jun 22, 2015

You probably know Get-EventLog. This cmdlet can dump all entries from a given event log:

Get-EventLog -LogName System

However, Get-EventLog can only query one event log at a time. So if you wanted to find all errors in all event logs, you would create a loop and know the event log names.

Here is a simple trick that queries all event logs in one line:

Get-EventLog -List |
  Select-Object -ExpandProperty Entries -ErrorAction SilentlyContinue |
  Where-Object { $_.EntryType -eq 'Error' }

ReTweet this Tip!

Analyzing (All) Event Log Entries

Tags