There are a few PowerShell EventLogs and some files containing your PowerShell history and the commands, script blocks, etc., that you have used. This can be very helpful if your computer or servers are hacked at your office. Or, if you just want to check things 😉 In this blog post, I will show you how to retrieve all those events locally and remotely and save those in an Excel sheet.
Logs
Searching Windows Event Logs using PowerShell
For many people, it's the last place you check while troubleshooting, but the Windows Event Log is always a good start to pinpoint issues on your system. In this blog post, I will show you how to search, find easily, and export Windows Event Log information.
Read IntuneManagementExtension logs using PowerShell
You have to read logs, but the Intune logs are difficult without tools like CMTrace on the user's device. (The formatting is not that nice without it) In this blog post, I will show you an easy way to read one or two specific logs, or all the logs at once, and each in its Out-Gridview console for easy filtering when searching for keywords.
Create a report on local DNS lookups using PowerShell
When troubleshooting a system, you sometimes need to know what DNS lookups are being done. This will give you a good insight into traffic from the systems to the local network or internet. You can do this with DNS auditing on your Windows server or in your local Pihole server, but that's not always available 😉 This blog post will show you an easy way to create a report without extra tools.
PowerShell and logging
Sometimes it's the last place that admins look... Logs 🙂 Something goes wrong, and you don't know why. Logs tell a lot! (When I deploy some Endpoint Manager packages and suddenly they don't work, I put in some logging and discover why things don't work) This blog post shows you a few ways to enable logging and how to read back all PowerShell actions on a device.