Evaluating Windows Application log

I am trying to evaluate the Windows Application log. Specifically Source = Windows Backup. I am running the following Script which produces the results I am looking for.

$q = get-eventlog -logname application -source 'windows backup' -newest 1
$q | select-object -property entrytype, instanceid

This produces the desired results:

Now what I need to do is evaluate if Entrytype is anything other than "Information" or if InstanceID is anything other than "4098". If either evaluation is true then I send an email to myself to investigate. How do I do that evaluation? I already know how to send the email. Any help would be appreciated.

when it comes to evaluation, your friend should be If ( this ) {action}

$q = get-eventlog -logname application -source 'edgeupdate' -newest 1
if ($q.EntryType -like "Information"){
Write-Host "do whatever action"}

3 Replies

farismalaeb
Iron Contributor
Nov 08, 2020
philp1300
when it comes to evaluation, your friend should be If ( this ) {action}

$q = get-eventlog -logname application -source 'edgeupdate' -newest 1 if ($q.EntryType -like "Information"){ Write-Host "do whatever action"}
- philp1300
  Copper Contributor
  Nov 08, 2020
  ok thanks I think I can work with that.
  - farismalaeb
    Iron Contributor
    Nov 08, 2020
    philp1300
    Please click on the best response and give a like to mark this question as done.
    Thanks

Forum Discussion

Evaluating Windows Application log

3 Replies

Resources