January 25, 2019

Goodbye Get-EventLog

When retrieving logs, especially from remote computers, performance definitely matters. With Get-EventLog you may have to wait a very long time just to read logs from a small time frame. I am not going to discuss the reasons for that here; in any case, Microsoft recommends using Get-WinEvent instead, as stated here.

What I want to point out here is the power of combining Get-WinEvent with the -FilterHashtable parameter, as that will improve your search results and let you filter them more accurately. In my next article I show some examples I use that combine Get-WinEvent with -FilterHashtable. Feel free to explore here.
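As an added illustration that is not part of the original post, the sketch below uses Get-WinEvent with -FilterHashtable to pull failed logons from a remote computer for a short time window and summarise them. The computer name, the event ID (4625) and the two-hour window are assumed values chosen for the example.

```powershell
# Added example; computer name, event ID and time window are assumed values.
$computer = 'SERVER01'                      # hypothetical remote host

# The hashtable becomes a query applied when the log is read, instead of
# fetching every record and filtering afterwards with Where-Object.
$filter = @{
    LogName   = 'Security'
    Id        = 4625                        # failed logon
    StartTime = (Get-Date).AddHours(-2)
    EndTime   = (Get-Date)
}

try {
    $events = Get-WinEvent -ComputerName $computer -FilterHashtable $filter -ErrorAction Stop
}
catch {
    # Get-WinEvent reports "no matching events" as an error; treat it as an empty result.
    if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { $events = @() }
    else { throw }
}

# Read named fields from the event XML, then count attempts per account and source.
$events | ForEach-Object {
    $data = ([xml]$_.ToXml()).Event.EventData.Data
    [pscustomobject]@{
        TimeCreated = $_.TimeCreated
        Account     = ($data | Where-Object Name -eq 'TargetUserName').'#text'
        SourceIp    = ($data | Where-Object Name -eq 'IpAddress').'#text'
    }
} | Group-Object Account, SourceIp |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

Reading the Security log requires an account with the appropriate rights on the target, and the remote event log management firewall rules must allow the connection.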



