I have an assignment where I have to pull information like "Audit Failure" & "Audit Success" from my Windows security log file and count the results of each ex. total attempts, # of successes, # of failures and most common event ID. I saved a .csv to my desktop to obtain the information from but i'm not sure how to get a running total of each. So far I've only imported the csv file.
My code so far:
$FileName=import-csv -Path "C:\Users\Robert\Desktop\Audit Count.csv"
$FileName | Select-Object | Format-List -Property "Keywords", "Event ID"
$AuditSuccess = "Audit Success"
$AuditSuccess.Count
Try Group-Object. Here is an example of grouping on property EntryType to get the count of successes and failures:
Get-EventLog -LogName Security | Group-Object -Property EntryType
Count Name Group
----- ---- -----
21911 FailureAudit {System.Diagnostics.EventLogEntry, System.Di...
14132 SuccessAudit {System.Diagnostics.EventLogEntry, System.Di...
来源:https://stackoverflow.com/questions/33550273/counting-log-results-in-powershell