In my home network, I run a Graylog Syslog instance in Docker for logging network and Linux events. But you can also log events from PowerShell scripts to Syslog for easy filtering or correlation. In this blog post, I will show you how that works.
Category: Logs
Using the Microsoft-Extractor-Suite PowerShell module for collecting Microsoft Online logs
Collecting logs from various Microsoft endpoints, like Entra, 365 Services, and Azure, can be a hassle sometimes. The Microsoft-Extractor-Suite module from Joey Rentenaar and Korstiaan Tam can help you with that! In this blog post, I will show you how to use it.
Using the Get-NetView PowerShell Module for Network Troubleshooting
Collecting enough logs and information from a system with networking issues can be difficult. You always need just one more to troubleshoot the problem. 😉 In this blog post, I will show you how the built-in Get-NetView module can help you collect all the necessary logs and information.
Use PowerShell to create report of a DTS Compliant NPS log
One of our customers had issues authenticating clients using NPS. One of the first things you do is... I read the NPS logs, and they were DTS Compliant formatted, a bit of a pain to read and search 🙁 So, I used PowerShell to create a nice log for me in either a GridView or an Excel file. In this blog post, I will show you how!
Retrieve local and remote PowerShell logs
There are a few PowerShell EventLogs and some files containing your PowerShell history and the commands, script blocks, etc., that you have used. This can be very helpful if your computer or servers are hacked at your office. Or, if you just want to check things 😉 In this blog post, I will show you how to retrieve all those events locally and remotely and save those in an Excel sheet.
Searching Windows Event Logs using PowerShell
For many people, it's the last place you check while troubleshooting, but the Windows Event Log is always a good start to pinpoint issues on your system. In this blog post, I will show you how to easily search, find, and export Windows Event Log information.
Read IntuneManagementExtension logs using PowerShell
You have to read logs, but the Intune logs are difficult without tools like CMTrace on the user's device. (The formatting is not that nice without it.) In this blog post, I will show you an easy way to read one or two specific logs, or all the logs at once, each in its own Out-GridView console for easy filtering when searching for keywords.
Create a report on local DNS lookups using PowerShell
When troubleshooting a system, you sometimes need to know what DNS lookups are being done. This will give you a good insight into traffic from the systems to the local network or internet. You can do this with DNS auditing on your Windows server or in your local Pi-hole server, but that's not always available 😉 This blog post will show you an easy way to create a report without extra tools.
PowerShell and logging
Sometimes it's the last place that admins look... Logs 🙂 Something goes wrong, and you don't know why. Logs tell a lot! (When I deploy some Endpoint Manager packages and suddenly they don't work, I put in some logging and discover why things don't work.) This blog post shows you a few ways to enable logging and how to read back all PowerShell actions on a device.