powershellget-eventlog

Powershell Get-EventLog -before parameter not found

I have this snippet of code here:

    $currentDate = get-date
    $pastDate = $currentDate.addhours(-5)


    $errorCommand = get-eventlog -Before $currentDate -After $pastDate -logname   Application -source "ESENT" 
    $errorInfo = $errorCommand | out-string

I have a local machine that I run the entire script on, and it works 100% fine. When I run this code on Windows Server standard, via remote desktop, I get the following:

"Get-EventLog : A parameter cannot be found that matches parameter name 'before'" It refers to "$errorCommand =" and I cannot for the life of me figure out why it cannot find this parameter, is something setup incorrectly with my powershell?

Solution

  • It seems like the built-in Get-EventLog was overridden by a different function with the same name. Not only is it missing many of its standard parameters, but the command Get-Command Get-EventLog did not mention Microsoft.Powershell.Management like it should have:

    PS > Get-Command Get-EventLog

CommandType     Name             ModuleName                              
-----------     ----             ----------                              
Cmdlet          Get-EventLog     Microsoft.PowerShell.Management         


PS >

    You can use New-Alias to set the name back to the original cmdlet:

    $currentDate = get-date
$pastDate = $currentDate.addhours(-5)

#####################################################################
New-Alias Get-EventLog Microsoft.PowerShell.Management\Get-EventLog
#####################################################################

$errorCommand = get-eventlog -Before $currentDate -After $pastDate -logname   Application -source "ESENT" 
$errorInfo = $errorCommand | out-stringApplication -source "ESENT"

    See a demonstration below:

    PS > function Get-EventLog { 'Different' }  
PS > Get-EventLog  # This is a new function, not the original cmdlet
Different

PS > New-Alias Get-EventLog Microsoft.PowerShell.Management\Get-EventLog  
PS > Get-EventLog  # This is the original cmdlet
cmdlet Get-EventLog at command pipeline position 1
Supply values for the following parameters:
LogName:

    Although it might be better to investigate why the cmdlet was overridden in the first place and then fix that instead.