0
0
PowerShellscripting~30 mins

Event log reading in PowerShell - Mini Project: Build & Apply

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Event log reading
📖 Scenario: You are a system administrator who needs to check recent events on a Windows computer to understand system behavior and troubleshoot issues.
🎯 Goal: Build a PowerShell script that reads the Windows event log, filters events by a specific event ID, and displays the filtered events.
📋 What You'll Learn
Create a variable with the name logName and set it to the string 'System'.
Create a variable with the name eventId and set it to the number 6005.
Use Get-WinEvent with a filter hashtable to get events from logName with the specified eventId.
Store the filtered events in a variable called filteredEvents.
Print the filteredEvents variable to display the events.
💡 Why This Matters
🌍 Real World
System administrators often need to check event logs to diagnose system problems or monitor system health.
💼 Career
Knowing how to read and filter event logs is a key skill for IT support, system administration, and cybersecurity roles.
Progress0 / 4 steps
1
Set the event log name
Create a variable called logName and set it to the string 'System'.
PowerShell
Need a hint?

Use = to assign the string 'System' to the variable logName.

2
Set the event ID to filter
Create a variable called eventId and set it to the number 6005.
PowerShell
Need a hint?

Assign the number 6005 to the variable eventId.

3
Get filtered events from the event log
Use Get-WinEvent with a filter hashtable to get events from logName with the specified eventId. Store the result in a variable called filteredEvents.
PowerShell
Need a hint?

Use -FilterHashtable @{LogName=$logName; Id=$eventId} to filter events.

4
Display the filtered events
Print the variable filteredEvents to display the filtered event log entries.
PowerShell
Need a hint?

Simply type the variable name $filteredEvents to print its contents.