Question
I need a query that returns the SourceName, Logfile, EventIdentifier, Type, NumberOfEvents from Win32_NTLogEvent where NumberOfEvents is the number of events that share common SourceName, LogFile and EventIdentifier (I am not sure about Type). I would like to use the query in a PowerShell script using Get-CimInstance.
Other solutions to the same problem that can be used in PowerShell is also much appreciated!
Solution
Try following:
https://stackoverflow.com/questions/15865395
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian$Logs = Get-WmiObject -class Win32_NTLogEvent -filter "(logfile='Application')"
Write-Host $logs
of course, filter you can change. If you prefer other "format" of result you can for example to something like:
$Logs | Format-Table EventCode, EventType, Message -auto
UPDATE: I just read your question again :) To do grouping just invoke:
$logs | Group-Object Type,LogFile,EventCode
