1 min read Quickies

Powershell - Get-WinEvent initiated reboots, EventID 1074

Powershell - Get-WinEvent initiated reboots, EventID 1074

EDIT 2022-02-03

Got some nice feedback on improvement and updated the whole script, made it into a function, and improved handling and output.

So, we had a couple of servers being restarted and we needed a quick way to get the information from multiple machines.
So, i came up with this short script to fetch the events from machines eventlog.

You can run it from a machine which has ports open to them, or run it locally. You can add multiple entries to the "$Servers" variable and the script cycle through them and append the out-file with each.

Function Get-ServerRestartInformation{
    [cmdletbinding(SupportsShouldProcess=$True)]
    Param(
        [Parameter(Mandatory=$True)]
        [string[]]$Servers = '',

        [Parameter(Mandatory=$False)]
        $MaxEvents = '',

        [Parameter(Mandatory=$false)]
        $OutFileLocation,

        [Parameter(Mandatory=$false)]
        $OutFileName,

        [Parameter(Mandatory=$true)]
        $DaysBack
    )

    #Set get-winevent parameters and create hashtables
    Begin{
        $Date = (Get-Date).AddDays(-$DaysBack)
        
        $FilterHashTable = @{
            LogName='System'
            StartTime=$Date
            id=1074
        }

        $OutFile = $null
        If(![string]::IsNullOrEmpty($OutFileName) -and ($OutFileLocation)){
            $OutFile = "$OutfileLocation"+"\"+"$OutFileName"+".txt"
        }

        $EventLogInfo = $null
        $EventLogInfo = @{}
        $Events = $null
        $Events = @{}
    }

    #Get events
    Process{
        Foreach($Server in $Servers){
            Try{
                Write-Output "Fetching events for $Server"
                $Events = Get-WinEvent -ComputerName $Server -FilterHashTable $FilterHashTable | FT -AutoSize
                $EventLogInfo = foreach($event in $events){
                    $Event
                }
            }
            Catch{
                Write-Output $_.Exception.message
            }
        }
    }

    #Write-output and create file if used
    End{
        if(![string]::IsNullOrEmpty($OutFile)){
            $EventLogInfo | Out-File -FilePath $Outfile
        }
            Write-Output $EventLogInfo
    }
}

You might also like...

Mar
02
ConfigMgr - Generate ALOT of Applications for testing

ConfigMgr - Generate ALOT of Applications for testing

So, working on my "Delete-RetiredApplications"-tool awoke a new need, i had to have a way to generate applications with
3 min read
Feb
22
ConfigMgr - Test cm client port communications

ConfigMgr - Test cm client port communications

A quick script you can use to test communication between client and server over some typical CM ports. I also
1 min read
Feb
17

CMPivot - Get OS Licens information

This is a quick CMPivot to check device OS license information ComputerSystem | project Device | join SWLicensingProduct | where LicenseStatus == 1 | where
Jan
28

CMPivot - count bios version by model

Got asked if we could see what bios versions were out there, and how many, sorted by model, CMPivot to
Jan
22
ConfigMgr - Phased Deployment using only one Deployment

ConfigMgr - Phased Deployment using only one Deployment

The case was that i setup an IPU TS/Solution using OneVinn's TS Launcher, cause i find it really nice
4 min read