Tag Archives: PowerShell

Automatically Move Archived Event Logs to another Location

Leave a reply

I have a client who requires security event logs be kept. They enabled archive log retention on the Security Event Logs, but it kept filling up their C: drive.

To remedy this, I created a PowerShell script that moves these files when they are 7 days old to another location, and then used Task Schedule to automate the process. Here are the steps to do that.

The source folder where these logs are stored: C:\Windows\System32\winevt\Logs
The destination folder where they want the logs moved to: E:\Windows-System32-winevt-Logs

Created a PowerShell script for this process:
get-childitem -Path “c:\windows\system32\winevt\logs” Archive-Security*.evtx | where-object {$_.LastWriteTime -lt (get-date).AddDays(-7)} | move-item -destination “E:\Windows-System32-winevt-Logs” -Verbose

Created a new Task Scheduler task called AutoMove Security Logs Its Actions are set to run PowerShell and execute the following: -ExecutionPolicy Bypass C:\support\AutoMove_SecurityLogs.ps1

Install VMware’s PowerCLI in Windows

Leave a reply

VMware PowerCLI is a very powerful tool to assist in automating tasks, advanced configurations and troubleshooting, etc. The following procedure can be used to install PowerCLI.
Downloading and installing PowerCLI is all done within Windows PowerShell itself.

  1. Open Windows PowerShell (Run as Admin)
  2. Run the following PowerShell Command to download the PowerCLI modules. (Path = wherever you save your PS modules). This Process may take a few mins. 
    Save-Module -Name VMware.PowerCLI -Path <path>

  3. Run the following PowerShell Command to Install the PowerCLI Modules

    Install-Module -Name VMware.PowerCLI

  4. Finally, you can test to make sure the modules installed properly by running the following: 
    Get-Module -ListAvailable -Name VMware*