Get-EventLog -Log "Microsoft-Windows-Ntfs/Operational" fails with "does not exist"

Get-EventLog only sees this

> get-eventlog -List

  Max(K) Retain OverflowAction        Entries Log
  ------ ------ --------------        ------- ---
  20’480      0 OverwriteAsNeeded      18’888 Application
  20’480      0 OverwriteAsNeeded           0 HardwareEvents
     512      7 OverwriteOlder              0 Internet Explorer
  20’480      0 OverwriteAsNeeded           0 Key Management Service
  15’360      0 OverwriteAsNeeded      19’094 Operations Manager
                                              Security
   8’192      0 OverwriteAsNeeded       7’012 Symantec Endpoint Protection Client
  20’480      0 OverwriteAsNeeded     102’800 System
  15’360      0 OverwriteAsNeeded      14’144 Windows PowerShell

In addition, the documentation also states

Get-EventLog uses a Win32 API that is deprecated. The results may not be accurate. Use the `Get-WinEvent? cmdlet instead.

Thus use Get-WinEvent, which works fine:

Get-WinEvent -LogName "Microsoft-Windows-Ntfs/Operational"


   ProviderName: Microsoft-Windows-Ntfs

TimeCreated                     Id LevelDisplayName Message
-----------                     -- ---------------- -------
21.06.2021 01:24:48            142 Information      Summary of disk space usage, since last event:...
21.06.2021 01:24:38            142 Information      Summary of disk space usage, since last event:...
21.06.2021 01:24:38            142 Information      Summary of disk space usage, since last event:...
20.06.2021 01:24:44            142 Information      Summary of disk space usage, since last event:...

Get-EventLog -Log "Microsoft-Windows-Ntfs/Operational" fails with "does not exist"

Related

Recent Posts