PowerShell: Command to gather event logs from multiple computers
I have created a command in PowerShell which can gather the event IDs from multiple servers:
gc computers.txt | %{Get-WinEvent -ComputerName $_ -LogName Security -MaxEvents 100} | Format-List -Property Message, ID, MachineName, UserID | out-File C:\Temp.txt
It reads the list of computers to connect to from the file computers.txt (this can also include the localhost). In this case it gathers the events from the Security event log, but you can also add the Application and System logs there. The MaxEvents parameter gathers the 100 latest events from these servers, which you can adjust to a size you like. The command then formats the output as a list with the event ID, message, machine name and user ID. There are a lot more properties you can gather, just play with it (as I did, and you will find out soon).
The output is then redirected to the file C:\Temp.txt, which is a list of the latest 100 events. Again, you can adjust the location of this file (of course you need permissions to write the file there). If you have any questions, you can post a comment to this blog post, and I will try to answer your question a.s.a.p.
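The same collection written out as a script, as an added example that is not part of the original post: it reads all three logs mentioned above, takes the latest 100 events per log, records hosts or logs that could not be read instead of stopping, and writes a CSV that can be sorted and filtered. The output path C:\Temp\events.csv and the variable names are assumptions.

```powershell
# Added example, not from the original post. Paths and variable names are assumptions.
$ComputerList = '.\computers.txt'          # one computer name per line, as in the post
$OutputFile   = 'C:\Temp\events.csv'       # hypothetical output location
$LogNames     = 'Security', 'System', 'Application'
$MaxEvents    = 100                        # latest events per log, per computer

# Collect read failures (host unreachable, access denied, empty log) for review.
$failures = [System.Collections.Generic.List[object]]::new()

# Trim each line and skip blank ones so a stray empty line is not treated as a host.
$computers = Get-Content -Path $ComputerList |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ }

$events = foreach ($computer in $computers) {
    foreach ($log in $LogNames) {
        try {
            # -ErrorAction Stop turns connection and permission errors into
            # exceptions, so one bad host does not silently drop out of the report.
            Get-WinEvent -ComputerName $computer -LogName $log -MaxEvents $MaxEvents -ErrorAction Stop |
                Select-Object TimeCreated, MachineName, LogName, Id, LevelDisplayName, UserId, Message
        }
        catch {
            $failures.Add([pscustomobject]@{
                Computer = $computer
                Log      = $log
                Error    = $_.Exception.Message
            })
        }
    }
}

# CSV keeps one event per row, which is easier to filter than Format-List text.
$events | Export-Csv -Path $OutputFile -NoTypeInformation -Encoding UTF8

# Show which computers or logs are missing from the output, and why.
if ($failures.Count -gt 0) {
    $failures | Format-Table -AutoSize
}
```

The account running the script needs permission to read the Security log on each target, and failures listed at the end mean the CSV is incomplete for those hosts.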
I also found a nice free book about Windows PowerShell. This book was created by Microsoft Technology Advisor Frank Koch. You can find this book here:
Free Windows PowerShell book