PowerShell has a terrific cmdlet in Get-Eventlog that makes it easy to find information in a system's event log. Since different systems may have different event logs, one of the first commands you'll want to use is this.
To get you started, here are five examples to type at the PS prompt type:
- get-command
- get-command *event
- get-Eventlog system
- get-Eventlog system -newest 100
- get-Eventlog system -newest 100 | where {$_.eventid -eq 20}
- get-eventlog -list
- get-eventlog powershell -newest 5 |format-list
- get-eventlog System -newest 5 |where {$_.EventID -eq 7036}
- $logs=get-eventlog System |where {$_.EventID -eq 7036}
