How to convert Event Viewer data to XML for filtration and get rid of DocumentElement node error?

Time:01-20

There was an answer posted here to one of my questions: enter image description here

The original answer posted there also shows the same error if I remove -maxevents 1, which I need to do because I don't want to see only 1 event.

How can I make it work?

Update, using enter image description here

CodePudding user response:

Since you want the name/#text pairs to be an object instead, here's a way to convert it. I'm using the Where-Object form without the curly braces. The pipe symbol in the -notmatch regex expression means "or". This way you can treat all the data as one group.

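# $evt is used instead of $event, which is a PowerShell automatic variable
foreach ($evt in Get-WinEvent -FilterHashtable @{LogName='Security'}) {
  # Parse each event on its own, so every [xml] cast sees a single document
  $xml = [xml]$evt.ToXml()
  # begin: empty hashtable; process: Name -> '#text'; end: emit one object per event
  $xml.Event.EventData.Data |
  ForEach-Object { $hash = @{} } { $hash[$_.Name] = $_.'#text' } { [pscustomobject]$hash } |
  Where-Object FilterOrigin -notmatch 'stealth|unknown|query user|default'
}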
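
An added example, not part of the original answer: the same per-event conversion wrapped in a function that also carries the EventID along and tolerates `<Data>` elements without a Name attribute. The function name `ConvertTo-EventDataObject`, the `Data0`-style fallback keys and the three sample events are assumptions constructed for illustration, so the block runs without access to the Security log.

```powershell
# Constructed sample events (not real log data). Each string is a complete
# XML document with its own root element, like the output of $evt.ToXml().
$ns = 'http://schemas.microsoft.com/win/2004/08/events/event'
$sampleEvents = @(
    "<Event xmlns='$ns'><System><EventID>1</EventID></System><EventData>" +
        "<Data Name='Application'>sample-a.exe</Data>" +
        "<Data Name='FilterOrigin'>Stealth</Data></EventData></Event>"
    "<Event xmlns='$ns'><System><EventID>2</EventID></System><EventData>" +
        "<Data Name='Application'>sample-b.exe</Data>" +
        "<Data Name='FilterOrigin'>Constructed Custom Rule</Data></EventData></Event>"
    "<Event xmlns='$ns'><System><EventID>3</EventID></System><EventData>" +
        "<Data>unnamed value</Data></EventData></Event>"
)

function ConvertTo-EventDataObject {
    # Hypothetical helper: turns one event XML string into one flat object.
    param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
    process {
        $doc = [xml]$EventXml    # one document, one root element, per cast
        $row = [ordered]@{ EventID = $doc.Event['System']['EventID'].InnerText }
        $unnamed = 0
        foreach ($d in $doc.GetElementsByTagName('Data')) {
            $name = $d.GetAttribute('Name')    # empty string when the attribute is absent
            # A null or empty key cannot index the table, so unnamed values get a positional key.
            if (-not $name) { $name = "Data$unnamed"; $unnamed++ }
            $row[$name] = $d.InnerText
        }
        [pscustomobject]$row
    }
}

$rows = $sampleEvents | ConvertTo-EventDataObject

# Same filter as the answer. Event 1 is dropped (the match is case-insensitive);
# event 3 has no FilterOrigin property at all and passes, because $null never matches.
$rows | Where-Object FilterOrigin -notmatch 'stealth|unknown|query user|default' |
    Format-Table EventID, Application, FilterOrigin, Data0

# Against the live log (reading Security typically needs an elevated session):
# Get-WinEvent -FilterHashtable @{LogName='Security'} |
#     ForEach-Object { $_.ToXml() } | ConvertTo-EventDataObject
```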