Minimum ITScripts engine version required: 220.127.116.11
Modifies the target machine: No
Name: Get System Events
Outputs: CSV file of recent System Events
Purpose: Gather event logs from target systems
Script Version: 18.104.22.168
Target Type: Any
This script will get the last 10 events from the System Events on the target machine. Although no inputs are required, this script can be modified to get more than the last 10 events, or to pull from other Event logs like "Security". The script begins by detecting the OS of the target as access to the Event Viewer has changed on newer OSs. Using the WMI Get-WinEvent object the script collects the events from the target and writes them to a CSV file viewable in the ITScript Results view.
Possible OpsMon status include:
"Get-WmiObject failed. Machine may be offline."
"Log `'$eventlogname`' does not exist"
"Log `'$eventlogname`' on machine `'$ST_ComputerName`' contains zero entries"
"Error retrieving events"
Pre-Vista machines require the script to be run as a domain credential where newer OSs allow event logs to be accessed as a local admin credential.