View Event Log Status in Windows PowerShell

View Event Log Status in Windows PowerShell

Q: How can I quickly see the state of the key Windows Event Log configurations and number of events by using Windows PowerShell?

A. The Get-EventLog cmdlet has a -List parameter that shows each event log, its maximum size and overflow action, and the number of entries currently in the log. See my example below, where entering the cmdlet returns the output beneath it:

PS C:\> Get-EventLog -List 

 Max(K) Retain OverflowAction        Entries Log                                                                           
  ------ ------ --------------        ------- ---                                                                           
     512      7 OverwriteOlder             149 ACEEventLog                                                                   
  20,480      0 OverwriteAsNeeded      	38,796 Application                                                                   
  20,480      0 OverwriteAsNeeded            0 HardwareEvents                                                                
     512      7 OverwriteOlder               0 Internet Explorer                                                             
  20,480      0 OverwriteAsNeeded            0 Key Management Service                                                        
  15,360      0 OverwriteAsNeeded      	12,655 Operations Manager                                                            
  20,480      0 OverwriteAsNeeded      	36,084 Security                                                                      
  20,480      0 OverwriteAsNeeded      	23,408 System                                                                        
  15,360      0 OverwriteAsNeeded      	18,305 Windows PowerShell




 

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish