Pregunta

I am writing a PowerShell Script that counts the number of 4624 EventIDs in a given day, but I am getting lost when I go to group the information by date. Is there anyone who could help me out? My output should have the date and the number of Logins for that day and nothing more.

Here is my Code:

Get-EventLog "Security" -Before ([DateTime]::Now) |
    Where -FilterScript {$_.EventID -eq 4624}
¿Fue útil?

Solución

Try this:

Get-EventLog Security -Before ([DateTime]::Now) | 
    Where {$_.EventID -eq 4624} | 
    Group @{e={$_.TimeGenerated.Date}} | 
    Sort Count -desc

The Group-Object command allows you to specify an expression for the property to group on. In this case you want to group on the date part of the DateTime. Also note that it is unnecessary to quote arguments unless they contain space or special characters like ;, @, {, $ and (.

Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
scroll top