I am trying to run a powershell script that will pull application event logs from between 2 certain times. I have the following code:

$Begin = Get-Date -Date '2/04/2022 14:36:00'
$End = Get-Date -Date '2/04/2022 14:40:00'
Get-EventLog –LogName Application -After $Begin -Before $End

I keep receiving the following error.

Get-Date : Cannot bind parameter because parameter 'Date' is specified more 
than once. To provide multiple values to parameters that can accept multiple 
values, use the array syntax. For example, "-parameter value1,value2,value3".

Does anyone know what I am doing wrong?

CodePudding user response：

Get-Eventlog itself is depreciated.

You can use Get-Winevent like js2010 is suggesting. -filterhashtable is (I believe) the only way to specify a time period.

    $EventLogFilter = @{
        Logname = 'System'
        StartTime = [datetime]::Today.AddHours(-$Hours)
        EndTime = [datetime]::Today
    }

This would give you everything that happened in the last number of $hours you specify.

This is a list of key-value pairs.

CodePudding user response：

An example with get-winevent's filterhashtable. Any string that can be converted to a datetime would work. Searching every log would require a foreach-object loop.

get-winevent -filterhashtable @{logname = 'application'; starttime = '12:45 pm'; 
  endtime = '12:50 pm' }


   ProviderName: gupdate

TimeCreated                      Id LevelDisplayName Message
-----------                      -- ---------------- -------
2/7/2022 12:45:19 PM              0