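# Lists logon (4624) and logoff (4634, 4647) events from a Security log file
# and prints one table row per event.
# Reading the Security log normally requires an elevated session.
# NOTE: the Data filter matches "test" / "administrator" in ANY event-data
# field, not only the account name, so unrelated fields holding those values
# (for example a workstation called "test") are returned as well.
Get-WinEvent -FilterHashtable @{
    Path = "C:\Windows\System32\Winevt\Logs\security.evtx"
    ID   = 4624, 4634, 4647
    Data = "test", "administrator"
} | ForEach-Object {
    # Keep the event in its own variable: inside `switch`, $_ is the switch value.
    $evt = $_

    # The position of the account fields depends on the event ID.
    # 4624 (logon) starts with four Subject* fields, so the target account is
    # at index 5/6 and WorkstationName at 11. 4634 and 4647 (logoff) begin
    # with TargetUserSid, so the account is at index 1/2 and there is no
    # workstation field; using the 4624 offsets there yields empty values.
    switch ($evt.Id) {
        4624    { $userIdx = 1 + 4; $domainIdx = 2 + 4; $workstation = $evt.Properties[11].Value }
        default { $userIdx = 1;     $domainIdx = 2;     $workstation = $null }
    }

    New-Object PSObject -Property @{
        MachineName     = $evt.MachineName
        EventID         = $evt.Id
        TimeCreated     = $evt.TimeCreated
        User            = $evt.Properties[$userIdx].Value
        Domain          = $evt.Properties[$domainIdx].Value
        WorkstationName = $workstation
        Keywords        = $evt.KeywordsDisplayNames -join ";"
        # Populated so the Message column selected below is not empty.
        Message         = $evt.Message
    }
} |  # the pipe is required: without it Select-Object receives no input
    Select-Object MachineName, TimeCreated, User, Domain, EventID, WorkstationName, Keywords, Message |
    Format-Table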