adr*_*ing 3 powershell event-log
这对我来说工作:
Get-WinEvent -FilterHashTable @{Logname = "ForwardedEvents" ; ID = 4625,4740}
(……我期望的结果……)
这有效:
$EventId = "4625"
Get-WinEvent -FilterHashTable @{Logname = "ForwardedEvents" ; ID = $EventId}
这不起作用:
$EventId = "4625,4740"
Get-WinEvent -FilterHashTable @{Logname = "ForwardedEvents" ; ID = $EventId}
错误...
Get-WinEvent : No events were found that match the specified selection criteria.
At line:1 char:13
+ Get-WinEvent <<<< -FilterHashTable @{Logname = "ForwardedEvents" ; ID = $EventIds}
+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception
+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand
有人可以帮忙吗?
只需将其更改为$EventId = 4625,4740(删除引号)即可。查看和 的文档,Get-WinEvent-FilterHashTable我们看到:
Run Code Online (Sandbox Code Playgroud)-- ID=<Int32[]>
所以它需要一个数组而不是一个字符串。
| 归档时间: |
|
| 查看次数: |
15046 次 |
| 最近记录: |