How to obtain all the Windows events log entries generated by Landesk during the current day using PowerShell

Version 4
    INTRODUCTION

     

    Sometimes for debugging purposes we need to obtain the events logged in the Windows Event Log generated by LANDesk.

    Obviously the Windows Event Log is not only used by LANDesk and if we want to exact only the LANDesk event generated in the current day this can be difficult using the GUI.

    The following script, written for PowerShell v2, simplifies the task and will print all the events generated by LANDesk in the current day

     

    THE SCRIPT

     

    $LDEventProviders=(get-winevent -listlog Application).providernames | where { $_ -match 'landesk'}
    foreach ($LDEventProvider in $LDEventProviders)
    {
    Write-Host -ForegroundColor DarkRed -nonewline "Event Provider: "
    Write-Host -ForegroundColor Green  $LDEventProvider
    Get-WinEvent -ea SilentlyContinue `
    -FilterHashtable @{ProviderName= $LDEventProvider; 
    LogName = "application"; StartTime = [datetime]::today}
    }
    

     

    NOTES

     

    This script has been tested only under PowerShell v2 and it is given AS IS without implied or expressed warranties. Use if as your own risk.

    The script is not signed so to run it you may need to sign it or to allow unsigned script to run in your PowerShell using the cmdlet Set-ExecutionPolicy.

    Example: set-executionpolicy -executionPolicy Unrestricted

    Setting a too permissive execution policy can represent a security risk. The old times when everyone was able to run every kind of scripts and batches is far away now.

    To have more information about the PowerShell script signing process you can refer to the Microsoft article http://go.microsoft.com/fwlink/?LinkID=113394  or this article that I wrote: http://community.landesk.com/support/docs/DOC-25237