Displaying RDS Event Log Messages with PowerShell

Published on 07 Nov 2014
Tags #Event Log #PowerShell #RDS

When you are tracing issues in Remote Desktop Services (RDS), you will have to look for events across several event logs. This makes it very hard to bring the individual events in the appropriate order to analyze the issue at hand.

Although you can use Event Viewer to create a filter aggregating messages from different event logs, this cannot easily be moved to different systems. The following PowerShell onliner collects events from the appropriate logs, selects relevant fields and brings them in a chronological order. In the end, Out-GridView makes the output easily consumable.

Get-WinEvent -ListLog System,Application,Microsoft-Windows-RemoteDesktopServices-*,Microsoft-Windows-TerminalServices-* | Get-WinEvent | Where { $_.TimeCreated -gt '10/29/2014 9:00:00' } | Sort-Object -Property RecordId | select RecordId,TimeCreated,LogName,Id,Message | Out-GridView

This command can be easily used on different machines unlike of filters in Event Viewer.

Feedback is always welcome! If you'd like to get in touch with me concerning the contents of this article, please use Twitter.

Nicholas Dille

Displaying RDS Event Log Messages with PowerShell

Related Posts

Talk about automated dependency upates using #Renovate @devsmeetup31 Jan 2024

New two day workshop about #GitLab CI (German)30 Nov 2023

Workshop about operating #GitLab (German)23 Nov 2023