I have a powershell script which is working as expected. I need some help with formatting the output.
$Date = (Get-Date).AddDays(-1)
Get-ChildItem –Path "D:\Log\" -Recurse | Where-Object {($_.LastWriteTime -lt $Date)} | Remove-Item
$filter = @{
LogName='Application'
StartTime=$Date
}
Get-WinEvent -FilterHashtable $filter | Select-Object TimeCreated,Message |
Where-Object { $_.Message -like '*renamed*' -and $_.Message -notlike "*csv*" } |
Out-File -FilePath D:\Log\DailyReport_$(get-date -Format yyyyddmm_hhmmtt).txt
The output is
TimeCreated Message
----------- -------
4/16/2020 4:03:30 AM 04712: renamed
I need the output to be
Date Time,File Name
4/16/2020 4:03:30 AM, 04712: renamed
The column header needs to be renamed with a comma. Any help will be greatly appreciated.
Thanks,
Arnab
You can rename the properties with Select-Object and convert to comma-separated values with ConvertTo-Csv or Export-Csv:
# ...
Get-WinEvent -FilterHashtable $filter |
Select-Object TimeCreated,Message |
Where-Object { $_.Message -like '*renamed*' -and $_.Message -notlike "*csv*" } |
Select-Object @{Name='Date Time';Expression='TimeCreated'},@{Name='File Name';Expression='Message'} |
Export-Csv D:\Log\DailyReport_$(get-date -Format yyyyddmm_hhmmtt).txt -NoTypeInformation