System Event Log Monitor

This PowerShell script is designed to monitor the Windows system event logs for specified event IDs and report any occurrences. System administrators can use this tool to quickly identify critical events that may need attention, improving their capability to respond to issues efficiently. When utilized alongside ServerEngine, this monitoring script helps maintain a healthy server environment and enhances operational visibility.

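param (
    # Example event IDs: 6005 and 6006 are logged when the Event Log service starts and stops
    # (a proxy for system startup and shutdown); 1014 is a DNS Client name resolution timeout
    [int[]]$eventIdsToMonitor = @(6005, 6006, 1014),
    [string]$outputFilePath = "C:\EventLogMonitor.csv"
)

# Query the System log once for all requested IDs. -FilterHashtable filters at the source,
# so the whole log is not read and piped through Where-Object once per event ID.
# -ErrorAction SilentlyContinue keeps a run with no matching events from printing an error.
$events = Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = $eventIdsToMonitor } -ErrorAction SilentlyContinue

# Collect the report fields for each event.
# $event is an automatic variable in PowerShell, so the loop variable is named $logEvent.
$eventLogEntries = @(
    foreach ($logEvent in $events) {
        [PSCustomObject]@{
            TimeCreated = $logEvent.TimeCreated
            EventId     = $logEvent.Id
            Message     = $logEvent.Message
        }
    }
)

# Export the events to a CSV file
$eventLogEntries | Export-Csv -Path $outputFilePath -NoTypeInformation
Write-Output "Event log monitoring completed. Report saved to $outputFilePath."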