PoShEvents Module
Description
PoShEvents is a PowerShell module for working with Event Logs.
PoShEvents Cmdlets
ConvertFrom-EventLogRecord
This function converts EventLogRecords into human readable output.
Get-GPOProcessingEvent
Queries the specific computer or group of computers for group policy processing events.
Get-KMSClientEvent
This function returns details from KMS client events.
Get-KMSHostEvent
This function queries a KMS host server for registration events.
Get-KMSHostLicenseCheckEvent
This function will search the provider Microsoft-Windows-Security-SPP for KMS Host license checks with Microsoft.
Get-LogonFailureEvent
This function searchs for logon failure events, those events with Ids of 4625 and 4771.
Get-OSVersionFromEvent
This function returns the OperatingSystem version.
Get-PrintDocumentEvent
This function will show you details for the successful print jobs that the system has processed.
Get-RemoteLogonEvent
This function queries the security log for EventIds 4624,4625,4634,4778,4779.
Get-ServiceEvent
This function will query the specified system for all service control manager events for service operations, stop, and start events.
Get-SystemRestartEvent
This function returns the details for system startup and shutdown events.