Filter EventLog based on date

1.6k Views Asked by Mr I At 16 November 2025 at 23:14

I am trying to pull out some information from the eventlog through PowerShell based on the date today.

So far I have the code below:

$today = (Get-Date).ToString("dd/MM/yyyy")
Get-EventLog Security | where {$_.EventID -eq 4624} | where {$_.TimeGenerated -eq $today}

Now I have printed the result of today and can confirm that the outputted date is 04/12/2017, I have also printed the date of the TimeGenerated attriubute from the EventID object and that also shows the date in the same format.

Any ideas on where I am going wrong?

Original Q&A

There are 1 best solutions below

Ansgar Wiechers On 04 December 2017 at 11:06 BEST ANSWER

The TimeGenerated property holds a DateTime value, not a string, so don't compare it to a date string. Also, you should filter via Get-EventLog parameters whenever possible, because that filtering happens at the source. This is particularly relevant when querying remote eventlogs to reduce the amount of data that is transmitted over the network.

$today    = (Get-Date).Date
$tomorrow = $today.AddDays(1)

Get-EventLog -LogName Security -InstanceId 4626 -After $today -Before $tomorrow

Filter EventLog based on date

There are 1 best solutions below

Related Questions in POWERSHELL

Related Questions in GET-EVENTLOG

Trending Questions

Popular # Hahtags

Popular Questions