Eventlog and Powershell

Search the event log in PowerShell (the engine is somewhat slow):

Get-EventLog -LogName System -Newest 1 -EntryType Error | Format-List

Create a script to send you the logs you need by email

# -------------------------------------
# PowerShell script to send an e-mail through the Event Viewer
# -------------------------------------
#
# To test this script you can use PowerShell (run elevated) to write your own test error log entry in the following way.
# The script below reads the System log, so point -LogName at Application while testing:
# -------------------------------------
# New-EventLog -LogName Application -Source "Test"
# Write-EventLog -LogName Application -Source "Test" -EntryType Error -EventID 1 -Message "This is a test message."

# Fetch the newest entry. $event is a PowerShell automatic variable, so the entry is stored under another name.
$logEntry = Get-EventLog -LogName System -Newest 1
# Get-Help Get-EventLog will show there are a handful of other options available for selecting the log entry you want.
# Example: -Source "your-source"

# "Error" - send only errors
if ($logEntry.EntryType -eq "Error")
{
    $PCName = $env:COMPUTERNAME
    # Dump every property of the entry as text for the mail body
    $EmailBody = $logEntry | Format-List -Property * | Out-String
    $EmailFrom = "$PCName <test@test.no>"
    $EmailTo = "test@test.no"
    $EmailSubject = "New Event Log [System]"
    $SMTPServer = "server.mail.protection.outlook.com"
    Write-Host "Sending Email"
    # -UseSsl on port 25 upgrades the SMTP session with STARTTLS
    Send-MailMessage -From $EmailFrom -To $EmailTo -Subject $EmailSubject -Body $EmailBody -SmtpServer $SMTPServer -UseSsl -Port 25
}
else
{
    Write-Host "No error found"
    Write-Host "Here is the log entry that was inspected:"
    $logEntry
}
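
The script above inspects only the newest entry, so an error that is followed by any other entry before the next run is never mailed. The following is an added example, not part of the original article: it mails every System error logged since the previous run, using Get-WinEvent with a hashtable filter. The state file path is a hypothetical choice, and the mail settings are the article's placeholders.

```powershell
# Added example, not from the original article.
$ErrorActionPreference = 'Stop'                      # a failed send must abort before the state update
$StateFile  = Join-Path $env:ProgramData 'EventMail\last-run.txt'   # hypothetical path (assumption)
$SMTPServer = 'server.mail.protection.outlook.com'   # placeholder values reused from the article
$EmailTo    = 'test@test.no'
$EmailFrom  = "$env:COMPUTERNAME <test@test.no>"

# Start of the window: the previous run's end time, or one hour back on the first run.
$since = (Get-Date).AddHours(-1)
if (Test-Path $StateFile) {
    $styles = [System.Globalization.DateTimeStyles]::RoundtripKind
    $stamp  = (Get-Content $StateFile -Raw).Trim()
    $since  = [datetime]::ParseExact($stamp, 'o', [cultureinfo]::InvariantCulture, $styles)
}
$now = Get-Date

# Level 2 = Error. The hashtable filter is applied at query time, not in the pipeline.
$filter = @{ LogName = 'System'; Level = 2; StartTime = $since; EndTime = $now }
try {
    $errors = @(Get-WinEvent -FilterHashtable $filter)
}
catch {
    # Get-WinEvent reports "no matching events" as an error; anything else is a real failure.
    if ($_.FullyQualifiedErrorId -notlike 'NoMatchingEventsFound*') { throw }
    $errors = @()
}

if ($errors.Count -gt 0) {
    $body = $errors | Sort-Object TimeCreated |
        Format-List TimeCreated, ProviderName, Id, LevelDisplayName, Message | Out-String
    $subject = "[$env:COMPUTERNAME] $($errors.Count) System error(s) since $($since.ToString('yyyy-MM-dd HH:mm'))"
    Send-MailMessage -From $EmailFrom -To $EmailTo -Subject $subject -Body $body `
        -SmtpServer $SMTPServer -UseSsl -Port 25
}
else {
    Write-Host "No errors logged since $since"
}

# Record the end of this window only after the mail went out, so no error is skipped.
New-Item -ItemType Directory -Path (Split-Path $StateFile) -Force | Out-Null
$now.ToString('o') | Set-Content $StateFile
```

If the send fails, the state file keeps its old timestamp and the next run covers the same window again.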

Schedule the script
