This PowerShell script automatically exports Windows event logs to CSV files that can be easily consumed by external programs.
- Download
export_log.ps1. - Decide where you want to store the log CSV data and create the directory if it does not already exist.
- Edit
export_log.ps1by setting the target directory for the exported log data. - Customize the types of events you want to export to CSV using
$EventTypesToExport. - At this point, you can either perform a one-time export by executing the script via PowerShell. Alternatively, you can create a scheduled task to do this daily.
The visualization above was created using Qlik Sense Desktop. Using a platform like this, you can easily see trends in your event data, such as spikes or errors or re-occurring errors. You can also monitor a specific type of error to determine if a fix was successful or not. These abilities are especially useful for intermittent errors.
Before executing this script, be sure you understand the volume of events logged on your system. Higher event volumes may result in a long script execution time and elevated disk usage.
If you schedule this script to run daily, consider also automating the cleanup of old log data.