
Explore and analyze meaningful Event Log entries on the device and get an overview of events that occurred in the past.

Script Get Event Log

  • Version 1.0.0.0 – Initial release

Script Description

Returns a given number of entries from Windows Event Log and redirects the output to a text file that can be opened directly from the Finder by leveraging a Custom Action.
Useful for troubleshooting issues by analyzing events that occurred in the past.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

A timeout of 120 seconds is recommended.

Parameters

| ID | Label | Description |
|----|-------|-------------|
| 1 | Log Name | This can be Application, System or a custom log name |
| 2 | Provider Name | The Provider Name registered with the event log as source of entries. Use "" (two double-quotes) if you do not wish to use any 'ProviderName' |
| 3 | Severity Level | The severity level associated with the entries in the event log. The accepted values are Critical, Error, Warning and Information. When a level is specified, the script returns the events having either that severity level or a higher one. Use "" (two double-quotes) if you do not wish to filter on the 'SeverityLevel' |
| 4 | Event ID | The ID that uniquely identifies an event that a Windows computer can encounter. Use "" (two double-quotes) if you do not wish to filter on the 'EventID' |
| 5 | Output Dir | Location where the output file will be created |
| 6 | Number Of Events | The number of events that the script will return (up to 1000) |

Outputs

| ID | Label | Type | Description |
|----|-------|------|-------------|
| 1 | Output File | String | Full path of the output file |

Restrictions

  • Maximum number of collected Windows Event Log entries is limited to 1000

Script Get Number Of Log Events

  • Version 1.0.0.0 – Initial release

Script Description

Returns the number of events that occurred in the last n minutes, categorized by event severity.
Useful for getting an overview of meaningful events in a given time frame.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

A timeout of 120 seconds is recommended.

Parameters

| ID | Label | Description |
|----|-------|-------------|
| 1 | Log Name | This can be Application, System or a custom log name |
| 2 | Provider Name | The Provider Name registered with the event log as source of entries. Use "" (two double-quotes) if you do not wish to use Event Log provider |
| 3 | Event ID | The ID that uniquely identifies an event that a Windows computer can encounter. Use "" (two double-quotes) if you do not wish to filter on the Event ID |
| 4 | During Last Minutes | Number of minutes indicating the time frame under analysis |

Outputs

| ID | Label | Type | Description |
|----|-------|------|-------------|
| 1 | Number of information events | Int | Number of events with severity "Information" that occurred in the specified time frame |
| 2 | Number of warning events | Int | Number of events with severity "Warning" that occurred in the specified time frame |
| 3 | Number of error events | Int | Number of events with severity "Error" that occurred in the specified time frame |
| 4 | Number of critical events | Int | Number of events with severity "Critical" that occurred in the specified time frame |
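
The following PowerShell is an added example, not the Nexthink scripts themselves: it shows how the parameters of both scripts described above could map onto a Get-WinEvent filter, including the "that severity level or a higher one" rule, the 1000-entry cap and the per-severity counts. The function name New-EventFilter, the variable names, the sample parameter values and the output file name are hypothetical.

```powershell
# Added example; not the Nexthink script. Names below are hypothetical.
# Windows event levels: 1 = Critical, 2 = Error, 3 = Warning, 4 = Information.
$LevelByName = @{ Critical = 1; Error = 2; Warning = 3; Information = 4 }
$NameByLevel = @{ 1 = 'Critical'; 2 = 'Error'; 3 = 'Warning'; 4 = 'Information' }

function New-EventFilter {
    param(
        [Parameter(Mandatory)] [string] $LogName,
        [string] $ProviderName = '',
        [string] $SeverityLevel = '',
        [string] $EventId = '',
        [int] $DuringLastMinutes = 0
    )
    $filter = @{ LogName = $LogName }
    if ($ProviderName) { $filter.ProviderName = $ProviderName }
    if ($EventId) { $filter.Id = [int]$EventId }
    if ($SeverityLevel) {
        if (-not $LevelByName.ContainsKey($SeverityLevel)) {
            throw 'Severity must be Critical, Error, Warning or Information.'
        }
        # "That level or higher": Warning (3) selects levels 1, 2 and 3.
        $filter.Level = [int[]](1..$LevelByName[$SeverityLevel])
    }
    if ($DuringLastMinutes -gt 0) {
        $filter.StartTime = (Get-Date).AddMinutes(-$DuringLastMinutes)
    }
    return $filter
}

# Get Event Log: newest matching entries, capped at 1000, written to a text file.
$outputDir = $env:TEMP                      # constructed value for Output Dir
$max = [Math]::Min(200, 1000)               # Number Of Events, never above 1000
$filter = New-EventFilter -LogName 'System' -SeverityLevel 'Warning'
$outFile = Join-Path $outputDir 'EventLog_System.txt'
Get-WinEvent -FilterHashtable $filter -MaxEvents $max -ErrorAction SilentlyContinue |
    Format-List TimeCreated, Id, LevelDisplayName, ProviderName, Message |
    Out-File -FilePath $outFile -Encoding UTF8

# Get Number Of Log Events: per-severity counts for the last 60 minutes.
# Level 0 (LogAlways) entries are not counted here; that is a choice of this example.
$counts = [ordered]@{ Information = 0; Warning = 0; Error = 0; Critical = 0 }
$recent = New-EventFilter -LogName 'System' -DuringLastMinutes 60
Get-WinEvent -FilterHashtable $recent -ErrorAction SilentlyContinue |
    Group-Object Level |
    ForEach-Object {
        $name = $NameByLevel[[int]$_.Name]
        if ($name) { $counts[$name] = $_.Count }
    }
$counts
```

Get-WinEvent reports an error when no event matches the filter, which is why both calls pass -ErrorAction SilentlyContinue and the counts start at zero.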

Content

Remote Actions

Required Modules

Nexthink Act

Platforms

Windows

Compatibility

V6.14 and later