Using Powershell to generate eventviewer statistics and event exports

During FIM health checks we need to have a good overview of the event viewer on the FIM Servers.
In almost any case the event viewer is a good measure of the server’s health.

The more red and yellow you see, the more errors and warnings, the more work you’ll have to get your server in a healthy state.

First goal is to have a general temperature of the health.
Second goal is to have the details to fix the issues.

I’ve created a Powershell to analyse the event viewer logs.

Instead of posting the Powershell in this blog, I’ve published it on TechNet Gallery, over here:

https://gallery.technet.microsoft.com/Powershell-Event-log-ab0ded45

There is a companion Wiki article with some guidance and configuration manual.

http://social.technet.microsoft.com/wiki/contents/articles/32204.powershell-event-viewer-statistics.aspx

In short, the Powerscript below is a modular script that offers following functions:

  • display the event log properties
  • analyse number of events per category
  • analyse number of events per severity
  • overview of error events with source, severity and sample message
  • detailed list of last event per eventID

You can configure the script:

  • choice of event logs
  • history length (period of events to report on)
  • enable/disable logging
  • enable/disable result export to file

 

Before you start

  • validate your script execution policy
  • copy the script to a separate folder where you can execute the script
  • validate the script parameters

Script configuration parameters

  • $enableLogging
    • $TRUE = create a transcript of the script during run (does not work in ISE)
    • $FALSE = do not create a verbose log
  • $ExportEnabled
    • $FALSE = do not export the result to file
    • $TRUE = export the results, statistics and event details to file
  • $EventLogList
    • Default: ‘System’,’Application’,’Setup’,’Forefront Identity Manager’,’Forefront Identity Manager Management Agent’
  • $startdate
    • Defines from which point in time the event logs must be analysed
    • HINT: on a system with a large size of event logs, it’s advised to limit the history to x days or x weeks. A large volume event log will impact the usage of script memory.

I’m more than happy if you would test the script and provide me feedback to improve the script.

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s