Remotely watching the Windows event log: winloglist

If we want to check the event log of a Windows server from our Linux console (without having to connect through Terminal Server, and with the ability to grep the results, and so on), here is the tool!

We use psloglist with these parameters:
-d 1 so it shows just the last day of logs (we don't want to be flooded with logs)
-f we so only warnings and errors are shown (usually, only those are interesting)
$2 this is the second parameter. If we want to see just the "application" or "system" logs (usually the only interesting ones), just type the name there.


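#!/bin/bash

# Require at least the server name.
[ $# -lt 1 ] && echo "Error, I need at least one argument" && echo "Use: $0 server [system|security|application]" && exit 1
# Directory this script was called from (winpsexec.sh is expected next to it).
PROGPATH=$(echo "$0" | /bin/sed -e 's,[\/][^\/][^\/]*$,,')
# Last day only (-d 1), warnings and errors only (-f we), optional log name in $2.
"$PROGPATH/winpsexec.sh" "$1" "pstools\psloglist -d 1 -f we $2"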
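
The script above pastes $2 unchanged into the command line that is run on the Windows server, so whatever is typed there ends up in the remote command. The following is an added example, not part of the original script, that checks both arguments before anything is sent. It assumes winpsexec.sh takes the server and the remote command as its two arguments, as in the script above; the function names are made up for the example.

```bash
#!/bin/bash
# Added example: argument validation for the winloglist wrapper.
# Assumption: winpsexec.sh sits next to this script and is called as
#   winpsexec.sh <server> "<remote command>"   (as in the original script).

# Accept only host names or addresses: letters, digits, dot and hyphen,
# not empty and not starting with "-" or "." (so it cannot look like an option).
valid_server() {
    case "${1:-}" in
        ""|-*|.*|*[!A-Za-z0-9.-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the remote psloglist command for an optional log name.
# Only the three logs named in the usage message are accepted (any case).
build_remote_cmd() {
    log=$(printf '%s' "${1:-}" | tr 'A-Z' 'a-z')
    case "$log" in
        "")
            printf '%s\n' 'pstools\psloglist -d 1 -f we' ;;
        system|security|application)
            printf '%s %s\n' 'pstools\psloglist -d 1 -f we' "$log" ;;
        *)
            return 1 ;;
    esac
}

# Validate first, then hand the fixed command string to winpsexec.sh.
winloglist() {
    if ! valid_server "${1:-}"; then
        echo "Error, bad or missing server name" >&2
        echo "Use: $0 server [system|security|application]" >&2
        return 1
    fi
    if ! remote_cmd=$(build_remote_cmd "${2:-}"); then
        echo "Error, unknown event log: ${2:-}" >&2
        return 1
    fi
    "$(dirname "$0")/winpsexec.sh" "$1" "$remote_cmd"
}

# When saved as a script, finish with:  winloglist "$@"
```

Because the remote command is built only from fixed strings and an allowlisted log name, the output can still be piped to grep exactly as before.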

Tomàs
