When you display log entries with Get-WinEvent, you may see some empty lines with only three dots. This happens because the first line of the message is empty, and Windows wants to show that there is more data after this empty line. To see the whole message, pipe your events to the Format-List cmdlet.
In my last post, I showed you how to display and find specific events with the Get-WinEvent cmdlet. Whereas you can filter event messages easily with the Where-Object cmdlet, using the Data key from the FilterHashtable parameter is much faster. Contents of this article – Measuring the speed difference – Raw data structure of an […]
Searching in the event log is one of the most common tasks of a system administrator. With the help of the Get-WinEvent PowerShell cmdlet, you can easily display the Windows events that interest you. Content of this article: All available logs Events of a specific event log All events one page at a time A […]
itluke.online 