6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"search in saved eventlog-file with powershell\",\"text\":\"

I have got some saved eventlogfiles (*.evtx).\\nI want to search the ml-data for a specific textstring.

\\n\\n

I found this solution for the current system eventlog:

\\n\\n

Get-EventLog -LogName APPLICATION -After 04/01/2018 | Where-Object { $_.Message -like '*AVAST*' }\\n

\\n\\n

Is it possible to search a saved eventlog file with this string?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Thomas Lang\"},\"upvoteCount\":1,\"answerCount\":1,\"acceptedAnswer\":null}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","powershell",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/powershell/1","children":"powershell"}]}],["$","span","filter",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/filter/1","children":"filter"}]}],["$","span","event-log",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/event-log/1","children":"event-log"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/f6c65abe5c42776eff3cb089a06966e6?s=256&d=identicon&r=PG","alt":"Thomas Lang","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/2378281/thomas-lang","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Thomas Lang"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",231]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"search in saved eventlog-file with powershell"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

I have got some saved eventlogfiles (*.evtx).\nI want to search the ml-data for a specific textstring.

\n\n

I found this solution for the current system eventlog:

\n\n

Get-EventLog -LogName APPLICATION -After 04/01/2018 | Where-Object { $_.Message -like '*AVAST*' }\n

\n\n

Is it possible to search a saved eventlog file with this string?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",4497]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","52326019",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/f4f25183b46e274d2be38edb32a95531?s=256&d=identicon&r=PG&f=y&so-version=2","alt":"Nas","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/10307035/nas","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Nas"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",1263]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

Use the Get-WinEvent cmdlet,

\n\n

Get-WinEvent -Path C:\\file.evtx | Where-Object { $_.Message -like '*AVAST*' }\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","60297393",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/60297393","className":"text-blue-600 hover:underline","children":"Powershell Get-EventLog find event with the matching string in its message"}]}],["$","li","60287802",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/60287802","className":"text-blue-600 hover:underline","children":"Most efficient way to search event log messages"}]}],["$","li","56083896",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/56083896","className":"text-blue-600 hover:underline","children":"Powershell script to filter Windows Event Logs"}]}],["$","li","55341775",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/55341775","className":"text-blue-600 hover:underline","children":"Is there a way to filter Eventlog dynamically?"}]}],["$","li","47631674",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/47631674","className":"text-blue-600 hover:underline","children":"Filter EventLog based on date"}]}],["$","li","37053370",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/37053370","className":"text-blue-600 hover:underline","children":"Working with Windows Event Logs in PowerShell"}]}],["$","li","17195184",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/17195184","className":"text-blue-600 hover:underline","children":"How to set up Powershell where-object for filtering EventLog"}]}],["$","li","15443434",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/15443434","className":"text-blue-600 hover:underline","children":"Powershell Get-Eventlog Filter by Time"}]}],["$","li","13305331",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/13305331","className":"text-blue-600 hover:underline","children":"Use PowerShell to filter Event Logs and export to CSV"}]}],["$","li","10213451",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/10213451","className":"text-blue-600 hover:underline","children":"Powershell: filtering event logs"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

search in saved eventlog-file with powershell

Answers (1)

Related Questions