Category: Windows XP

VeeamON Virtual 2019

Experts Lounge at VeeamON Virtual 2019 Conference

I am happy to announce that I will be part of this year’s VeeamON Virtual Conference for Cloud Data Management. I will be part of the virtual expert’s lounge during the online event. As a Veeam Vanguard, this is a great opportunity and I am already looking forward to being part of this event. VeeamON Virtual will be on November 20, 2019, and you can find more information here.



PowerShell

PowerShell: How to export Windows Eventlogs with PowerShell

This is a little dirty Windows PowerShell script which exports or backups Windows Eventlogs. The script creates a .evt file which can be used with the Windows Eventlog Viewer.

# Config
$logFileName = "Application" # Add Name of the Logfile (System, Application, etc)
$path = "C:\temp\" # Add Path, needs to end with a backsplash
 
# do not edit
$exportFileName = $logFileName + (get-date -f yyyyMMdd) + ".evt"
$logFile = Get-WmiObject Win32_NTEventlogFile | Where-Object {$_.logfilename -eq $logFileName}
$logFile.backupeventlog($path + $exportFileName)

And with the next code it cleans up older exported Eventlogs.

# Deletes all .evt logfiles in $path
# Be careful, this script removes all files with the extension .evt not just the selfcreated logfiles
$Daysback = "-7"
 
$CurrentDate = Get-Date
$DatetoDelete = $CurrentDate.AddDays($Daysback)
Get-ChildItem $Path | Where-Object { ($_.LastWriteTime -lt $DatetoDelete) -and ($_.Extension -eq ".evt") } | Remove-Item

UPDATE: If you wanna clean the Eventlog after the export you can do that by using the Clear-Eventlog cmdlet. (Thanks to Michel from server-talk.eu)

Clear-Eventlog -LogName $logFileName

And here the whole “script”

# Config
$logFileName = "Application" # Add Name of the Logfile (System, Application, etc)
$path = "C:\temp\" # Add Path, needs to end with a backsplash
 
# do not edit
$exportFileName = $logFileName + (get-date -f yyyyMMdd) + ".evt"
$logFile = Get-WmiObject Win32_NTEventlogFile | Where-Object {$_.logfilename -eq $logFileName}
$logFile.backupeventlog($path + $exportFileName)
 
# Deletes all .evt logfiles in $path
# Be careful, this script removes all files with the extension .evt not just the selfcreated logfiles
$Daysback = "-7"
 
$CurrentDate = Get-Date
$DatetoDelete = $CurrentDate.AddDays($Daysback)
Get-ChildItem $Path | Where-Object { ($_.LastWriteTime -lt $DatetoDelete) -and ($_.Extension -eq ".evt") } | Remove-Item
Clear-Eventlog -LogName $logFileName

Also check out my blog post about deleting files older than a specific date using PowerShell.



Check NTFS Version

If you need to know which version of NTFS you are using you can do that with the fsutil.exe and the following command.

In my case I am testing my C:\ drive:

fsutil fsinfo ntfsinfo c:

fsutil

More on NTFS Versions on wikipedia.



Upgrading through every version of windows

Chain of Fools : Upgrading through every version of windows (HQ)