Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Viewing logs from remote machines

Hey folks. Every now and then I come upon the need to look at a log file on a remote machine. For me usually the top offenders are the Windows Update log, the FoG log (machine imaging), and DISM. So this script is a bit tailored for my environment. 


The skinny is this:

Get-Log -Computername computer1 -LogType WindowsUpdate

This command will use PSRemoting to connect to the specified computer, and open the Windows Update log and show the contents of that log in your console window. After it is done reading the log, it will close the PSRemoting session to the target machine.


The script can be modified to suit your needs, there are instructions in code comments on what you need to do.

Script: (Sorry it is ugly, Pasting kills my formatting.)

Function Get-Log{
Gather log files from remote computers.

This script will gather the log files from remote computers by supplying a computer name and the type of log file you wish to collect.

.PARAMETER ComputerName
The target computer you wish to gather logs from.

The log type you wish to gather from the remote computer.

Get-Log -ComputerName computer1 -LogType WindowsUpdate
Pulls the Windows Update Log from computer1 into your console for review.
Get-Log -ComputerName computer1 -LogType DISM -Verbose
Pulls the DISM log into your console from computer1, and uses verbose output
to tell you what is happening on each part of the script.



#You can change/add to/remove items between the () in lines 33-36 to suit your needs.
#Make sure you wrap your text in "".

Write-Verbose -Message "Testing WSMan connection and creating session..."
#Test-WSMan Connection
try {
If(Test-WSMan -ComputerName $ComputerName){

$Session = New-PSSession -ComputerName $ComputerName

catch {

Write-Error -Message "Unable to contact remote computer via WinRM, is Powershell Remoting enabled?"


Write-Verbose -Message "Gathering requested log file(s)"
switch ($LogType) {
#For each log type you specified starting on line 35, construct a line just like below.
#Log files are static in where they are kept, so hard-coding location is typically fine.
"WindowsUpdate" { Invoke-Command -Session $Session -ScriptBlock { Get-Content C:\Windows\WindowsUpdate.log } }
"FoG" { Invoke-Command -Session $Session -ScriptBlock { Get-Content C:\fog.log } }
"DISM" { Invoke-Command -Session $Session -ScriptBlock { Get-Content C:\Windows\Logs\DISM\dism.log } }

Write-Verbose -Message "Cleaning up remote session."
Get-PSSession | Remove-PSSession