This article describes using PowerShell to read system logs, which can be filtered by a number of factors, such as journal name, log type, and time. A cmdlet called Get-eventlog is available in PowerShell that can be used to read system logs.
Run this Get-eventlog cmdlet and try:
Copy Code code as follows:
PS c:\users\zhanghong> Get-eventlog-logname System
Oh! If you feel like you've been hurt by a small, cmd window has been rolling non-stop, then press CTRL + C to stop it first. Then I explain that this happens because you have too much system log content. But if you are patient enough, you can always wait, it will always output and stop.
Well, if we're going to look at the logs like this, we'd rather die, wouldn't we?! So what to do, filter it. For example, I just want to see the error log in the system log.
Copy Code code as follows:
PS c:\users\zhanghong> get-eventlog-logname System-entrytype Error
Is it a little less than before? Oh, if you say your results are too much to see, the screen rolls endlessly. Then we'll sift through it further. For example, just look at today's error log. The current date of the Hongo is 2013-9-18, and that's what my order says:
Copy Code code as follows:
PS c:\users\zhanghong> get-eventlog-logname system-entrytype error-after 2013-9-18
There's not a lot of records. If it's really a lot of error logs, is it time to redo your system? Well, don't learn PowerShell, first redo the computer.
OK, about using PowerShell to read the system log, this article introduces so much, as to read out what use, uh, you say?