Backup-EventLogs advanced PowerShell Function backs up Event logs for a single server, list of servers or servers in a text file. The function supports event logs backup for Windows Server 2003 (.evt); Windows Server 2008 and Windows Server 2012 (.evtx).
- At least PoWerShell 2.0 on all servers you wish to backup and the PC you are running the function.
- WinRM service running and configured to accept remote connections
- Full administrative privileges for the account used to run the function.
- A folder share to store event logs backed up. The user running Backup-EventLogs function MUST have rights to create folders and files on the share.
Functionalities / Features
- The function has the following features:
- Supports event logs backup for Windows Server 2003 (.evt); Windows Server 2008 and Windows Server 2012 (.evtx).
- Can backup event logs on a single server or a list of servers separated in periods or a list of servers in a text file.
- Support backup of a single event loge for example Application, security; or backup of all event logs of a server or list of servers.
- Allows you to backup all event logs in a central location – The function creates a folder for each server in the backup location; it also creates a folder with the date of the backup under the server name.
- Supports the cleanup of older log files from the central backup location. This is an optional feature. Ensures that older log files can be deleted based on number of days.
- Support clearing of events logs after it has been successfully backed up and copied into the central backup location.
- Displays tasks performed as function is running. This will help you troubleshooting and error handling. It also logs errors in a folder called Errorlogs in the BackUpLocation folder specified.
- Checks that a server is online before it attempts to back up the event log. If server is offline, it skips it; if server is online, it checks that WinRM service is running and configured to accept connections. If WinRM service is not accepting connections, the server is skipped.
- Includes a function Backup-EventLogsSchedule that can be scheduled to run automatically using Windows Task Scheduler.
- Includes full help and examples
To download the function and accompanying documents and files, click download Backup-EventLogs.zip