Skip to main content

Collect Windows Event Logs

Collect windows event logs based on their event names, and write them into a .csv file on a remote machine using the WinRM protocol.

For more information, visit the Microsoft Documentation.

If a host name is not provided in the connection, the host must be provided in the Host parameter.


Log NameThe name of the event log.
Max EventsThe number of event log entries to retrieve, Retrieves the most recent log as default.
Log Output DestinationThe absolute path of the logs output file, including the full filename.
Destination PathThe absolute path of the archived file, including the file name.
HostWhich host to connect to if one is not specified in the connection.
Can be an IP or a fully qualified domain name.

When using an HTTPS endpoint (encrypted communications),
make sure to use the specified format: https://<your-ip-or-domain>:<port-number>/wsman .
For example: https://windows-host:5986/wsman .

If the provided connection has a host specified, using this parameter results in a error.