The windows event logs containing a lot of useful information and for example may help you to analyze software issues. By using the Windows PowerShell it is very easy to get the data of event logs and export this data for example into a CSV file.

By using the cmdlet get-eventlog you may read different log files. Use the following command to see a list of all log files:

Get-EventLog -list

The main operating system log files are: Application, Security and System. Therefore in most cases these logs will be exported.  For example the following command may be used to export the 100 newest messages of the Application log.

get-eventlog Application -newest 100 | convertto-csv | out-file c:\Temp\ApplicationEventLog.txt

But there is one issue with this CSV file. Some entries within the file, for example the message, may contain line feeds and/or new lines. These special signs are inside the field and therefore inside of quotes, but a lot of applications may have problems to read such files. You may easily solve this issue by replacing this special signs. The following command shows the full export function of the application log.

get-eventlog Application -newest 100 | convertto-csv | % {$_ -replace „`r`n|`r|`n“,““}  | out-file c:\Temp\ApplicationEventLog.txt