En esta nota vamos a listar y exportar solo los Events ID con error usando PowerShell.
Detalles:
Host type: Virtual Machine
Operating System:
Windows Server 2016
Type: Domain
Controller
Rol: ADDS
Aclaración:
Estaremos usando lo marcado en rojo de la consola de
Event Viewer.
Application
Get-WinEvent -Filterhashtable @{logname="application";level=2}
-MaxEvents 10
System
Get-WinEvent
-Filterhashtable @{logname="system";level=2} -MaxEvents 10
Exportar a txt
Get-WinEvent -Filterhashtable
@{logname="system";level=2} -MaxEvents 10 > c:\tmp\system.txt
DFS
Replication
Get-EventLog -LogName 'DFSR
Replication' -EntryType error -Newest 10 | select entrytype,eventid,source, timegenerated >
c:\tmp\dfsr.txt
Directory Service
Get-EventLog -LogName 'Directory
Service' -EntryType error -Newest 10 | select
entrytype,eventid,source, timegenerated > c:\tmp\ds.txt
DNS Server
Get-EventLog -LogName 'DNS Server'
-EntryType error -Newest 10 | select entrytype,eventid,source,
timegenerated > c:\tmp\dns.txt
Microsoft-Windows-GroupPolicy/Operational
Get-WinEvent -Filterhashtable @{logname="Microsoft-Windows GroupPolicy/Operational";level="2"} -MaxEvents 10 | select leveldisplayname,id,timecreated > c:\tmp\gpo.txt
Cuando no
encuentra ninguno con error muestra de la siguiente manera
Get-Event Log
Get-WinEvent
Reading from the Event Log
Event types