Hello,
I would like to be able to extract all hardware events/change info from win2k12 r2. I need to know when any system component is removed/added, etc. I have extracted the hardware related event providers but if anyone can share how they extract all of that type of hardware information I would greatly appreciate that. Then I will create custom alerting so that we will automatically be alerted if some hardware component changes.
Best regards,
Jason
The event providers are meant to be your point of call for this data. Doubtless they get their data directly from some Win32 API – that’s largely beyond the scope of PowerShell code and well into C# and .NET implementations. That said, if you could figure out what they were doing to pull that data, you absolutely could drop the C# code into a PowerShell script or a custom .dll and interact with it from PS, but I would be expecting a significantly greater degree of difficulty with pulling the raw data here than with most PS operations.
The event providers exist for a reason – generally because interfacing directly with that data is going to be a major pain.