いくつか方法がある
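# Download the KB2956577 v2 (x64) update package to the Desktop and verify it
# before anyone installs it.
# The URL is plain HTTP, so the transfer gives no integrity guarantee by itself.
# The 40-hex-digit suffix in a Microsoft Update file name is the SHA-1 of the
# package, so it is compared against the bytes that actually arrived.
# Requires PowerShell 4.0 or later for Get-FileHash.
$url = "http://download.windowsupdate.com/c/msdownload/update/software/htfx/2014/08/windows8.1-kb2956577-v2-x64_44c65e7492177e35d5bad619812dcb76310a94cf.msu"
$outFile = Join-Path $env:USERPROFILE "Desktop\windows8.1-kb2956577-v2.msu"

# `wget` is only an alias for Invoke-WebRequest in Windows PowerShell; call the
# cmdlet by name so the line does not depend on the alias being present.
Invoke-WebRequest -Uri $url -OutFile $outFile

# Take the expected digest from the URL itself so it cannot drift from it.
if ($url -notmatch '_([0-9a-fA-F]{40})\.msu$') {
    throw "No SHA-1 suffix found in the download URL: $url"
}
$expectedSha1 = $Matches[1]
$actualSha1 = (Get-FileHash -Path $outFile -Algorithm SHA1).Hash

# -ne compares strings case-insensitively, so upper/lower-case hex both match.
if ($actualSha1 -ne $expectedSha1) {
    # Do not leave an unverified installer where someone might run it.
    Remove-Item -LiteralPath $outFile
    throw "SHA-1 mismatch for $outFile (expected $expectedSha1, got $actualSha1)"
}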
C:\Windows\System32\dns\dns.log
4/7/2020 2:55:27 AM B48 Note: got GQCS failure on a dead socket context status=995, socket=524, pcon=000000678D9617F0, state=-1, IP=0.0.0.0 4/7/2020 2:55:27 AM B48 Note: got GQCS failure on a dead socket context status=995, socket=40800, pcon=000000678D962DF0, state=-1, IP=::
- if ( $_ -match "^\d\d" -AND $_ -notlike "*EVENT*") {
+ if ( $_ -match "^\d" -AND $_ -notlike "*EVENT*" -AND $_ -match "\[" ) {
- if ($_ -match ":\d\d AM|:\d\d PM") {
+ if ($_ -match ":\d\d AM|:\d\d PM") {
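Review bot: Lines that fail the relaxed filter (`^\d`, not `*EVENT*`, and the new `-match "\["`) appear to be dropped silently, which in a parser used to review DNS debug logs hides how much of the file was never examined; keep a count of skipped lines and report it at the end. The `:\d\d AM|:\d\d PM` test on the second changed line also assumes 12-hour timestamps, so a log written under a 24-hour regional format would presumably take the other branch; a short comment such as `# dns.log timestamps follow the server's regional format; only 12-hour AM/PM is handled here` would make that limit explicit. Both `if` bodies start here and end outside the hunk, so this is inferred from the conditions alone.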
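# Export the local Application event log to CSV, one event per row.
# Message text comes from whatever wrote the event and can contain
# attacker-influenced strings; treat the CSV as untrusted data when opening it
# in a spreadsheet, where cells can be interpreted as formulas.
$log_path = "./event_application.csv"

# -Encoding Default is kept from the original. In Windows PowerShell it means
# the system ANSI code page, so characters outside that code page are lost.
# -NoTypeInformation stops Windows PowerShell from writing a "#TYPE ..." line
# ahead of the header row, which CSV consumers would read as the header.
Get-WinEvent -LogName Application |
    Select-Object timeCreated, levelDisplayName, providerName, id,
        @{
            name       = "message"
            # Event messages use CRLF. Replacing only LF left a stray CR in
            # every cell, so collapse either line ending to ";" to keep each
            # event on one physical line. -replace also tolerates a null message.
            expression = { $_.message -replace "`r?`n", ";" }
        } |
    Export-Csv -Path $log_path -Encoding Default -NoTypeInformation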
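# Convert a saved Security log (.evtx) to CSV, one event per row.
# Message text comes from whatever wrote the event and can contain
# attacker-influenced strings (account names, command lines); treat the CSV as
# untrusted data when opening it in a spreadsheet, where cells can be
# interpreted as formulas.
$evtx_path = "./security-20200217.evtx"
$csv_path = "./security-20200217.csv"

# -Encoding Default is kept from the original. In Windows PowerShell it means
# the system ANSI code page, so characters outside that code page are lost.
# -NoTypeInformation stops Windows PowerShell from writing a "#TYPE ..." line
# ahead of the header row, which CSV consumers would read as the header.
Get-WinEvent -Path $evtx_path |
    Select-Object timeCreated, levelDisplayName, providerName, id,
        @{
            name       = "message"
            # Event messages use CRLF. Replacing only LF left a stray CR in
            # every cell, so collapse either line ending to ";" to keep each
            # event on one physical line. -replace also tolerates a null message.
            expression = { $_.message -replace "`r?`n", ";" }
        } |
    Export-Csv -Path $csv_path -Encoding Default -NoTypeInformation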