2012 Scripting Games Beginner Event 7: Display a List of Enabled Logs

2012 Scripting Games Beginner Event 7: Display a List of Enabled Logs

  • Comments 18
  • Likes

 2012 Scripting Games badge

Summary: In Beginner Event 7, you are required to display a list of all enabled logs on the computer that contain at least one entry.


About this event



Date of Event

4/10/2012 12:01 AM

Due Date

4/17/2012 12:01 AM


Event scenario

On a Windows 7 computer, nearly 500 logs provide auditing and troubleshooting capabilities. Many of these logs do not record any information unless an administrator enables them. You were recently discussing this information with your boss, and he asked a rather logical question:

“What logs actively record information on a Windows 7 computer at any given time?”

You were, of course, somewhat taken aback, and headed off to TechNet to find the answer. After about fifteen minutes of searching and clicking around, you were no closer to the answer than when you began. Your boss came over to you and suggested that you use Windows PowerShell to find the answer. The following image represents an acceptable type of output.

Image of command output

Design points

  • Your code should not display any errors when run.
  • Your code should display all logs that have entries in them.
  • Your code should display only logs that are enabled.
  • Your code should display any enabled hidden logs that contain entries in them.
  • You should display the complete log name, and the number of entries in the log.
  • The number of entries in the logs should be displayed in descending order (the log with the most entries in it should appear on the first line of the output).
  • You do not need to display a total count of the number of enabled logs that have entries.
  • The requirements for this scenario can be met with a “one liner” (a one line logical command). Depending on the width of your Windows PowerShell console and the screen resolution, it may occupy more than one physical line).
  • You do not need to write comment-based Help or accept command-line parameters (or anything like this). Your goal is simply to provide a bit of information to your boss—a “one liner” is perfectly acceptable.

2012 Scripting Games links

2012 Scripting Games: All Links on One Page

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. Good luck as you compete in this year’s Scripting Games. We wish you well.

Ed Wilson, Microsoft Scripting Guy 

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • This one was pretty fun. Just like all of the other events, I have learned something new every day!

  • @SoCalDavis awesome! I am glad you are finding the events fun, and are learning something new each day!

  • This event has been great, been rocking beginner and having a great time.  Looking forward to seeing the posted solutions so I can use the ideas presented here for training opportunities for my team.  Thanks for doing this!

  • Hmmm... Two of the design points have me over-thinking this. It's going to gnaw at me :) Good thing I have 7 days to think it over.

  • What permission level do we need to run the script?  Can we assume that we're admins?

  • @ZoomZoomDude you do not have to be an admin to run the script, but keep in mind the design requirements.

  • Hello Ed, Two question i have on this event:

    1) Should the solution be capable of running on remote computer?

    2) Should we hide all errors INCLUDING Terminating Erros?

    Thanks for your feedback, this will help me submitt event 7

  • by '•Your code should not display any errors when run'   does this mean we need to add error handeling or simple if you do it right there will be no errors to handle

  • Regarding the following points (below), I see two possible ways to filter (Enabled AND Count > 0) vs (Enabled OR Count > 0). To me, the event scenario leans toward the first ("logs actively record"), but inorder to display all logs with entries, the later would be needed. Does the "enabled only" design point take presidence over the "all logs with entries"? Mr Ed, would you clarify?

    * Your code should display all logs that have entries in them.

    * Your code should display only logs that are enabled.


  • @Brad you probably want to add a bit of code to supress the errors. I am not looking for structured error handling, but just something so you get a clean output.

  • @Daniel-D you want logs that are enabled AND have a record entry count that is greater than 0. If there is an enabled log with NO entries in it, then do not display that log.

  • @Get-Exchange No, I am not checking for remote connectivity on this event. Do not return errors from the command.

  • Thanks for your answer on my previous question. Have another one for you: Given the "one-liner" design point, are you implying that aliases are acceptable, or will points be deducted if aliases are used since you did not state that they are explicitly acceptable?

  • @Daniel-D a onelinner is acceptable, and it is permissible to use aliases in the one linner. If you want to make DOUBLE SURE then include a comment with the "long version" of your command.

  • DOH!! Clicked submit and realized I had left a Measure-Object for debugging at the end of my line..... 1 star :(