How to export all System event logs of a definite time period

windows windows-server-2008 windows-event-log powershell windows-server-2003

I am working on a Windows Server 2003 SP2 with Powershell v2, and I am looking for a way to export all System event logs of a definite time period, (say, from Saturday 2000 hours to Sunday 1100 hours).

I can export all existing System logs using Get-Eventlog command to a CSV file, then copy the entries in the said time window. Though, I am looking an easier way to do this with or without using powershell.


Solution 1:

Modify your Get-WinEvent with a filter.

$startTime = get-date "5/22/2012 20:00:00"
$endTime = get-date "5/23/2012 11:00:00"
Get-WinEvent -FilterHashtable @{Logname="System"; StartTime=$startTime; EndTime=$endTime} | Export-CSV -Path c:\temp\output.csv

Related

Google c2dm transient 401 errors on some AWS instances
Enterprise IPv6 Migration - End of proxypac ? Start of Point-to-Point ? +10K users
Track bandwith usage by application
SQL Server 2008 R2 cluster, "available storage" shows "offline"
Apache won't upgrade connection to TLS
Varnish config rules to cache large MP3 and PDF files?
Reset DRAC to factory defaults
Squid causing websocket issues
How to upgrade module located inside initramfs?
Offline WSUS delta updates
Add static route through DHCP
Windows 2003 Terminal Server not responding after reboots