Last active
April 22, 2016 19:04
-
-
Save LawrenceHwang/d2a1205aba55fc9009d80f7a74949abf to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-PSWindowsUpdateLog | |
| { | |
| <# | |
| .Synopsis | |
| Parsing WindowsUpdate.log to objects for easy reporting. Default will retrieve the most recent 100 entires only. | |
| .DESCRIPTION | |
| This function will retrieve and then parse the c:\windows\system32\WindowsUpdate.log on local or remote computers. Using the -all parameter, the full log will be retrieved but this could be lengthy. | |
| .EXAMPLE | |
| PS E:\_PSTemp> Get-PSWindowsUpdateLog -ComputerName localhost | |
| ComputerName : localhost | |
| Date : 2016-04-22 | |
| Time : 07:27:27:348 | |
| ID : 484 | |
| Code : 22e0 | |
| Category : AU | |
| Message : ######### | |
| ComputerName : localhost | |
| Date : 2016-04-22 | |
| Time : 07:27:27:348 | |
| ID : 484 | |
| Code : 22e0 | |
| Category : AU | |
| Message : ## END ## AU: Search for updates [CallId = {FF0D2B2F-11E7-406F-AE97-B2C601CED0B0}] | |
| .OUTPUTS | |
| Custom objects that are actually string array. | |
| #> | |
| [CmdletBinding()] | |
| [outputtype([string[]])] | |
| Param | |
| ( | |
| [Parameter(Mandatory=$true, | |
| ValueFromPipelineByPropertyName=$true, | |
| Position=0)] | |
| [string[]]$ComputerName, | |
| # Log path on remote computers | |
| [string]$WUlogPath ='c$\windows\windowsupdate.log', | |
| # Number of the recent log entries to retrive. Default 100. | |
| [int]$TailLogEntry = 100, | |
| # Get the full log | |
| [switch]$all | |
| ) | |
| Begin | |
| { | |
| [string[]]$result = "" | |
| Write-Verbose -Message "Computer is $ComputerName" | |
| } | |
| Process | |
| { | |
| foreach ($c in $ComputerName) { | |
| try { | |
| Write-Verbose -Message "checking $c" | |
| if ($all){ | |
| $result = get-content -Path "\\$c\$WUlogPath" -ErrorAction Stop | |
| } | |
| else | |
| { | |
| $result = get-content -Path "\\$c\$WUlogPath" -Tail $TailLogEntry -ErrorAction Stop | |
| } | |
| } | |
| catch { | |
| Write-Warning "$c - Unable to get Windows update log." | |
| break | |
| } | |
| foreach ($r in $result){ | |
| if ($r.length -eq 0){ | |
| Write-Verbose 'hitting the blank' | |
| continue | |
| } | |
| else{ | |
| Write-Verbose -Message "checking $r" | |
| $token = $r -split '\s+', 6 | |
| $prop = [ordered]@{ | |
| 'ComputerName' = $c | |
| 'Date' = $token[0] | |
| 'Time' = $token[1] | |
| 'ID' = $token[2] | |
| 'Code' = $token[3] | |
| 'Category' = $token[4] | |
| 'Message' = $token[5] | |
| } | |
| $WULogObj = New-Object -TypeName psobject -Property $prop | |
| $WULogObj.psobject.TypeNames.Insert(0,'PS.WULogObj') | |
| Write-Output $WULogObj | |
| } | |
| } | |
| } | |
| } | |
| End | |
| { | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment