Monday 13 August 2018

Time-specified Windows Server logs

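# Names of every event log on the machine
$types = (Get-WinEvent -ListLog *).LogName
$start = Get-Date 10/08/2017
$end = Get-Date 11/08/2017
ForEach ($type in $types)
{
    # Log names such as "Microsoft-Windows-TaskScheduler/Operational" contain "/", which is not valid in a file name
    $file = $type -replace '/', '%4'
    # Logs with no events in the window raise an error; skip them quietly
    Get-WinEvent -FilterHashtable @{LogName=$type;StartTime=$start;EndTime=$end} -ErrorAction SilentlyContinue | Export-Clixml "C:\Backup\$file.xml"
}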

Output is only in CSV or XML

--------------------------------------------------------------------------------------------------------------------------

Non-time-based:

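# wevtutil el lists every log name, one per line
$types = wevtutil el
ForEach ($type in $types)
{
    # "/" in a log name is not valid in a file name; Windows itself stores these logs with "%4" in its place
    $file = $type -replace '/', '%4'
    wevtutil epl $type "C:\Backup\$file.evtx"
}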

Output is in evt or evtx

--------------------------------------------------------------------------------------------------------------------------
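
Combining the two approaches above, as an added example that is not part of the original post: wevtutil epl accepts an XPath query through /q, so a time window can be exported straight to .evtx. The output folder, the sample dates and the export-hashes.csv manifest name are assumptions.

```powershell
# Added example (not from the original post): time-bounded export to .evtx.
# Assumed values: output folder, sample time window, manifest file name.
$outDir = 'C:\Backup'
$start  = [datetime]'2017-10-08T00:00:00'   # constructed sample window (local time)
$end    = [datetime]'2017-10-09T00:00:00'

New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# Event timestamps are stored in UTC, so convert the window before building the query
$fmt   = 'yyyy-MM-ddTHH:mm:ss.fffZ'
$inv   = [cultureinfo]::InvariantCulture
$from  = $start.ToUniversalTime().ToString($fmt, $inv)
$to    = $end.ToUniversalTime().ToString($fmt, $inv)
$query = "*[System[TimeCreated[@SystemTime>='$from' and @SystemTime<='$to']]]"

$failed = @()
ForEach ($log in (wevtutil el))
{
    # Same "/" to "%4" substitution as above so the log name is a valid file name
    $file = Join-Path $outDir (($log -replace '/', '%4') + '.evtx')
    wevtutil epl $log $file "/q:$query" /ow:true 2>$null
    # wevtutil returns a non-zero exit code when a log cannot be exported
    if ($LASTEXITCODE -ne 0) { $failed += $log }
}

# Record a SHA-256 for each exported file so later copies can be verified
Get-ChildItem -Path $outDir -Filter *.evtx |
    Get-FileHash -Algorithm SHA256 |
    Select-Object Hash, Path |
    Export-Csv -Path (Join-Path $outDir 'export-hashes.csv') -NoTypeInformation

if ($failed) { Write-Warning "Could not export: $($failed -join ', ')" }
```

Run it from an elevated PowerShell session; the Security log cannot be read otherwise and will show up in the warning list.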