Monitor Event Logs with PowerShell for Enhanced Security

Event logs provide vital information about the activities and security status of your IT environment. Effective monitoring of these logs allows IT administrators to quickly detect and respond to potential security breaches and system issues. With PowerShell, you can automate the process of monitoring event logs, ensuring no critical events go unnoticed. ServerEngine enhances this capability by offering centralized management and monitoring tools that streamline server and security operations.
The PowerShell script below helps automate the monitoring of Windows Event Logs for specific events. By customizing the event criteria, you can focus on security-related events or system warnings, ensuring proactive management of your IT infrastructure.

# PowerShell Script to Monitor Windows Event Logs
# Specify the event log and search criteria
$LogName = 'Security'
$EventID = 4625  # Failed logon event
# Function to monitor event logs
function Monitor-EventLog {
    param (
        [string]$log,
        [int]$id
    )
    # Retrieve the events from the specified log with the specified event ID
    $events = Get-EventLog -LogName $log -InstanceId $id -Newest 10
    # Process each event
    foreach ($event in $events) {
        # Display a summary of the event
        Write-Host "Event ID: $($event.EventID) occurred on $($event.TimeGenerated) by $($event.UserName)"
    }
}
# Execute the function
Monitor-EventLog -log $LogName -id $EventID