Get Windows Event Log Data
Retrieve information from Windows Event Logs (according to a filter you define) and place it into a new or existing variable.
What are Windows Event Logs?
Any time your computer is running, Windows works in the background to monitor and log application and system messages – errors, warnings, and information. Windows Event Logs are the ongoing records of all these messages.
Windows maintains several different logs for tracking information from different sources (Windows components, software, hardware, etc.) To take a look at any or all of them, head to the Windows Event Viewer simply by typing event viewer from the Windows Start Menu. From the left column, choose the event log you wish to see.
These are the same event logs you can query using the Get Windows Event Log Data advanced command.
/Advanced Commands_182.png)
/Advanced Commands_183.png)
-
Define the filter for the events you would like to retrieve:
-
Name of the log to query
-
Time during which the events were logged
-
(Optional) Source of the event logged (i.e., the program or component that caused the event)
-
(Optional) Significance level of the event logged
-
(Optional) Free text filter
-
-
Enter the name of the variable into which you'd like to place the results.
-
Instruct the wizard how to handle any errors encountered. Read more about error handling.