Get all events from a period of time

Sometimes when troubleshooting a problem, all you have to go on is an approximate time it happened (for instance, a report that a service was running slowly).  Going through all of the event logs by hand can be time-consuming, but luckily, PowerShell can do that for you!

I ran into this scenario this morning, so the times on my snippet will reflect that:

I've multi-lined it to make it more readable.  Basically, it's getting a list of all of the Event Logs that PowerShell has access to, then expanding that list (so I get a list of strings rather than objects), and passing it to foreach.  Then, I can pass the current log name to Get-EventLog using the current-item variable $_, and tell it that I want to see what happened between the -After and -Before times.

Note: if you don't run this as Administrator, you'll get an access denied error when it tries to read the Security log; however, if you don't suspect what you need is in there (it probably isn't), this is actually a good thing as Security can be rather noisy without much useful information.
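
The pipeline described above, written out as an added example (not the author's original snippet). It assumes Windows PowerShell 5.1, where Get-EventLog is available; the function name Get-EventsInWindow and the time window are constructed for illustration. It also tags each entry with its log name and reports logs that could not be read instead of stopping on them.

```powershell
# Constructed time window; replace with the period being investigated.
$After  = Get-Date '2024-01-15 08:00'
$Before = Get-Date '2024-01-15 09:30'

# Hypothetical helper name, not from the original post.
function Get-EventsInWindow {
    param(
        [Parameter(Mandatory)] [datetime] $After,
        [Parameter(Mandatory)] [datetime] $Before
    )

    # List every classic event log, reduce the objects to plain log-name strings,
    # then query each log for entries inside the window.
    Get-EventLog -List |
        Select-Object -ExpandProperty Log |
        ForEach-Object {
            $logName = $_   # keep the name; $_ is rebound inside catch
            try {
                Get-EventLog -LogName $logName -After $After -Before $Before -ErrorAction Stop |
                    Select-Object @{ Name = 'Log'; Expression = { $logName } },
                                  TimeGenerated, EntryType, Source, EventID, Message
            }
            catch {
                # Reached when the log cannot be read (for example Security
                # without elevation) or has no entries in the window.
                Write-Warning "Skipped '$logName': $($_.Exception.Message)"
            }
        } |
        Sort-Object TimeGenerated   # one merged timeline across all logs
}

Get-EventsInWindow -After $After -Before $Before |
    Format-Table -AutoSize -Wrap
```

Sorting by TimeGenerated interleaves entries from different logs, which makes it easier to see what happened across the system around the reported time.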

New bear in town

PowerShell.  It's the darling language of Microsoft now, and I've been working with it for a couple of years at this point.  With it, you can automate all manner of Microsoft products, from desktops and servers, to Exchange, to website creation with IIS, to just about anything you put your mind to.  It's an incredibly powerful .NET language that is also incredibly easy to use.  But, if you're here, you probably already know that.

So, where do I fit in?  I'm just another scripting monkey (or bear, as the case may be), right?  There are lots of tech writers out there who cover just about every aspect of the language already, so why do I need to chip in?  Really, because I want to, that's why.  Maybe I'll bring a unique perspective to the table, which someone finds valuable.

Regardless of what that is, I'll be writing about the things I find, the things I try, and the things I enjoy.  I'll write about PowerShell itself, as well as technologies that hinge on it, such as Exchange, Lync, Active Directory, and whatever I'm playing or working with this week.  As a more or less solo SysAdmin, I get a chance to play with a lot of different things, and the first thing I ask when trying something new is "How would I do this in PowerShell?"  When I answer that question, I'll post about what I figure out.

I hope this is a journey that we'll all be able to enjoy and learn from.