Hello,
I need to evaluate many machines across a network to determine what is causing slow boot times. I came across this: http://www.happysysadm.com/2014/07/windows-boot-history-and-boot.html and thought I could figure out how to pass a list of computer names (.txt or .csv) using Get-Content to then generate a report of boot durations. I’m new to Powershell and just purchased “Learn Windows PowerShell in a Month of Lunches”. Would this be the best approach for this task?
Yes it would.
I just happened to look at the help for get-wineventlog and saw Example 4 that do what you want.
PS C:\>ForEach-Object ($Server in $S) {$Server; Get-WinEvent -ListLog "Windows PowerShell" -Computername $Server}
In your case it might look like :
PS C:\>ForEach-Object ($Server in $S) {$Server; Get-WinEvent -Microsoft-Windows-Diagnostics-Performance }
I hope that helps
Wei-Yen,
Thank you for replying. I’ve attempted the following:
#get machine names
$MachineNames = Get-Content "\path of text file containing list\file.txt"
#array to store WinEvents
$WinEvents = @()
#loop through list of computers to get WinEvents
foreach ($machine in $MachineNames)
{
$WinEvents = $machine; Get-WinEvent -ComputerName $machine -FilterHashTable @{logname = "Microsoft-Windows-Diagnostics-Performance/Operational"; id=100}
}
That portion retrieves data as expected. How would I process each event for each machine in the list and export to a text or csv file for reporting? I’m working towards using SQL as recommended here: https://powershell.org/forums/topic/retrieve-event-logs-for-boot-time/ but I’m just learning Powershell.
The script in the first post works great if you are running on your local machine. I’m trying to figure out how to make it work on multiple machines. I think I should build separate functions to get machine names, get winevents, process events, and pipe to export data. Or Maybe keeping everything in a single script works too? Am I on the right track?
Hi flipt,
So sorry for replying late.
However I have a bit of time to reply. If you were going to do this in a term of a script I would use it the way that I am going to describe below…
The way to do is to make use of objects and adding it to a collection. Check out the following code:
#get machine names
$MachineNames = Get-Content "\path of text file containing list\file.txt"
#array to store WinEvents
$WinEvents = @()
#loop through list of computers to get WinEvents
foreach ($machine in $MachineNames)
{
$event = Get-WinEvent -ComputerName $machine -FilterHashTable @{logname = "Microsoft-Windows-Diagnostics-Performance/Operational"; id=100}
$prop = @{
'machine' = $machine
'winevent' = $event
}
$object = New-Object -TypeName psobject -Property @prop
$WinEvents += $object
}
$Winevents | Export-csv $path
Essentially I am keeping whatever you have written in the loop. However what I am doing is creating a hash table with all my properties that I want as hash table (in $props). This goes into each loop and then out of each hashtable I add that to an object.
Once I add that to an object I then add that to a collection. Once its in a collection its in a format that you can export to a CSV.
I hope that it makes sense…if you have any further questions let me know if I can help.