Learn about Windows PowerShell
Summary: In Beginner Event 7, you are required to display a list of all enabled logs on the computer that contain at least one entry.
About this event
Date of Event
4/10/2012 12:01 AM
4/17/2012 12:01 AM
On a Windows 7 computer, nearly 500 logs provide auditing and troubleshooting capabilities. Many of these logs do not record any information unless an administrator enables them. You were recently discussing this information with your boss, and he asked a rather logical question:
“What logs actively record information on a Windows 7 computer at any given time?”
You were, of course, somewhat taken aback, and headed off to TechNet to find the answer. After about fifteen minutes of searching and clicking around, you were no closer to the answer than when you began. Your boss came over to you and suggested that you use Windows PowerShell to find the answer. The following image represents an acceptable type of output.
2012 Scripting Games: All Links on One Page
I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at email@example.com, or post your questions on the Official Scripting Guys Forum. Good luck as you compete in this year’s Scripting Games. We wish you well.
Ed Wilson, Microsoft Scripting Guy
This one was pretty fun. Just like all of the other events, I have learned something new every day!
@SoCalDavis awesome! I am glad you are finding the events fun, and are learning something new each day!
This event has been great, been rocking beginner and having a great time. Looking forward to seeing the posted solutions so I can use the ideas presented here for training opportunities for my team. Thanks for doing this!
Hmmm... Two of the design points have me over-thinking this. It's going to gnaw at me :) Good thing I have 7 days to think it over.
What permission level do we need to run the script? Can we assume that we're admins?
@ZoomZoomDude you do not have to be an admin to run the script, but keep in mind the design requirements.
Hello Ed, Two question i have on this event:
1) Should the solution be capable of running on remote computer?
2) Should we hide all errors INCLUDING Terminating Erros?
Thanks for your feedback, this will help me submitt event 7
by '•Your code should not display any errors when run' does this mean we need to add error handeling or simple if you do it right there will be no errors to handle
Regarding the following points (below), I see two possible ways to filter (Enabled AND Count > 0) vs (Enabled OR Count > 0). To me, the event scenario leans toward the first ("logs actively record"), but inorder to display all logs with entries, the later would be needed. Does the "enabled only" design point take presidence over the "all logs with entries"? Mr Ed, would you clarify?
* Your code should display all logs that have entries in them.
* Your code should display only logs that are enabled.
@Brad you probably want to add a bit of code to supress the errors. I am not looking for structured error handling, but just something so you get a clean output.
@Daniel-D you want logs that are enabled AND have a record entry count that is greater than 0. If there is an enabled log with NO entries in it, then do not display that log.
@Get-Exchange No, I am not checking for remote connectivity on this event. Do not return errors from the command.
Thanks for your answer on my previous question. Have another one for you: Given the "one-liner" design point, are you implying that aliases are acceptable, or will points be deducted if aliases are used since you did not state that they are explicitly acceptable?
@Daniel-D a onelinner is acceptable, and it is permissible to use aliases in the one linner. If you want to make DOUBLE SURE then include a comment with the "long version" of your command.
DOH!! Clicked submit and realized I had left a Measure-Object for debugging at the end of my line..... 1 star :(