PoShEvents Module

Description

PoShEvents is a PowerShell module for working with Event Logs.

PoShEvents Cmdlets

ConvertFrom-EventLogRecord

This function converts EventLogRecords into human readable output.

Get-GPOProcessingEvent

Queries the specific computer or group of computers for group policy processing events.

Get-KMSClientEvent

This function returns details from KMS client events.

Get-KMSHostEvent

This function queries a KMS host server for registration events.

Get-KMSHostLicenseCheckEvent

This function will search the provider Microsoft-Windows-Security-SPP for KMS Host license checks with Microsoft.

Get-LogonFailureEvent

This function searchs for logon failure events, those events with Ids of 4625 and 4771.

Get-OSVersionFromEvent

This function returns the OperatingSystem version.

Get-PrintDocumentEvent

This function will show you details for the successful print jobs that the system has processed.

Get-RemoteLogonEvent

This function queries the security log for EventIds 4624,4625,4634,4778,4779.

Get-ServiceEvent

This function will query the specified system for all service control manager events for service operations, stop, and start events.

Get-SystemRestartEvent

This function returns the details for system startup and shutdown events.