ConvertFrom-EventLogRecord
SYNOPSIS
This function converts EventLogRecords into human readable output.
SYNTAX
ConvertFrom-EventLogRecord [-Events] <EventLogRecord[]> [[-EventRecordType] <String>]
[[-GroupPolicy] <Object[]>] [<CommonParameters>]
DESCRIPTION
This function converts EventLogRecords into human readable output.
EXAMPLES
Example 1
PS C:\> Get-WinEvent -LogName System -MaxEvents 5 | ConvertFrom-EventLogRecord
Example 2
PS C:\> Get-WinEvent FilterHashTable = @{ProviderName = "Service Control Manager"} -MaxEvents 5 | ConvertFrom-EventLogRecord -EventRecordType ServiceEvent
PARAMETERS
-EventRecordType
Specifies the event record type which, in turn, determines the custom type and therefore the default properties of the output.
Type: String
Parameter Sets: (All)
Aliases:
Accepted values: PrintDocument, SystemRestartEvent, LogonFailureEvent, OSVersionFromEvent, RemoteLogonEvent, ServiceEvent, GPOProcessingEvent, KMSClientEvent, KMSHostEvent, KMSHostLicenseCheckEvent
Required: False
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Events
One or more EventLogRecord objects.
Type: EventLogRecord[]
Parameter Sets: (All)
Aliases:
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
-GroupPolicy
Provide the function all group policy objects in order to have the friendly name presented in the event output. Usually, this can be set to ‘Get-GPO -All’.
Type: Object[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).