使用Powershell Limit-Eventlog设置Windows最大内存大小

50pmv0ei  于 12个月前  发布在  Shell
关注(0)|答案(2)|浏览(236)

目标是编写脚本增加所有Windows Server的默认大小并更改一些其他属性。以前使用wevtutil执行此操作,但在2016年无法正常工作,因此切换到Powershell的Limit-Eventlog。使用最新更新安装全新的Windows Server 2016。
从默认日志属性开始:

PS> Get-Eventlog -List

+--------+--------+-------------------+---------+------------------------+
| Max(K) | Retain |  OverflowAction   | Entries |          Log           |
+--------+--------+-------------------+---------+------------------------+
|    300 |      0 | OverwriteAsNeeded |   2,599 | Application            |
| 20,480 |      0 | OverwriteAsNeeded |       0 | HardwareEvents         |
|    512 |      7 | OverwriteAsNeeded |       0 | Internet Explorer      |
| 20,480 |      0 | OverwriteAsNeeded |       0 | Key Management Service |
| 20,480 |      0 | OverwriteAsNeeded |  10,390 | Security               |
| 20,480 |      0 | OverwriteAsNeeded |   3,561 | System                 |
| 15,360 |      0 | OverwriteAsNeeded |     360 | Windows PowerShell     |
+--------+--------+-------------------+---------+------------------------+

字符串
一次更改一个日志,没有错误:

PS> Limit-Eventlog -Logname Application -MaximumSize 200MB -OverflowAction OverwriteAsNeeded
PS> Limit-Eventlog -Logname HardwareEvents -MaximumSize 200MB -OverflowAction OverwriteAsNeeded
PS> Limit-Eventlog -Logname "Internet Explorer" -MaximumSize 200MB -OverflowAction OverwriteAsNeeded
PS> Limit-Eventlog -Logname "Key Management Service" -MaximumSize 200MB -OverflowAction OverwriteAsNeeded
PS> Limit-Eventlog -Logname Security -MaximumSize 200MB -OverflowAction OverwriteAsNeeded
PS> Limit-Eventlog -Logname System -MaximumSize 200MB -OverflowAction OverwriteAsNeeded
PS> Limit-Eventlog -Logname "Windows Powershell" -MaximumSize 200MB -OverflowAction OverwriteAsNeeded
PS> Get-Eventlog -List

+---------+--------+-------------------+---------+------------------------+
| Max(K)  | Retain |  OverflowAction   | Entries |          Log           |
+---------+--------+-------------------+---------+------------------------+
| 204,800 |      0 | OverwriteAsNeeded |   2,599 | Application            |
| 204,800 |      0 | OverwriteAsNeeded |       0 | HardwareEvents         |
| 204,800 |      0 | OverwriteAsNeeded |       0 | Internet Explorer      |
| 204,800 |      0 | OverwriteAsNeeded |       0 | Key Management Service |
| 204,800 |      0 | OverwriteAsNeeded |  10,395 | Security               |
| 204,800 |      0 | OverwriteAsNeeded |   3,561 | System                 |
| 204,800 |      0 | OverwriteAsNeeded |     362 | Windows PowerShell     |
+---------+--------+-------------------+---------+------------------------+


我想避免对日志名称进行重编码。正如通过Get-Help Limit-EventLog -example看到的那样,ForEach有一种更好的方法。然而,这样做似乎只将Limit-Eventlog应用于第一个日志,并对其余6个日志失败。注意,我稍微改变了值(200MB到100MB),以便很容易看到它失败的地方。

$Logs = Get-Eventlog -List | Foreach {$_.log} 
 Limit-Eventlog -Logname $Logs -MaximumSize 100MB -OverflowAction OverwriteAsNeeded 
Get-Eventlog -List

+---------+--------+-------------------+---------+------------------------+
| Max(K)  | Retain |  OverflowAction   | Entries |          Log           |
+---------+--------+-------------------+---------+------------------------+
| 102,400 |      0 | OverwriteAsNeeded |   2,606 | Application            |
| 204,800 |      0 | OverwriteAsNeeded |       0 | HardwareEvents         |
| 204,800 |      0 | OverwriteAsNeeded |       0 | Internet Explorer      |
| 204,800 |      0 | OverwriteAsNeeded |       0 | Key Management Service |
| 204,800 |      0 | OverwriteAsNeeded |  10,399 | Security               |
| 204,800 |      0 | OverwriteAsNeeded |   3,563 | System                 |
| 204,800 |      0 | OverwriteAsNeeded |     369 | Windows PowerShell     |
+---------+--------+-------------------+---------+------------------------+


六个错误:

Limit-Eventlog : The value supplied for MaximumSize parameter has to be in the range of 64 KB to 4GB with an increment of 64 KB. Please enter a proper 
value and then retry.
At line:2 char:5
+     Limit-Eventlog -Logname $Logs -MaximumSize 100MB -OverflowAction  ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Limit-EventLog], Exception
    + FullyQualifiedErrorId : ValueOutofRange,Microsoft.PowerShell.Commands.LimitEventLogCommand

Limit-Eventlog : The value supplied for MaximumSize parameter has to be in the range of 64 KB to 4GB with an increment of 64 KB. Please enter a proper 
value and then retry.
At line:2 char:5
+     Limit-Eventlog -Logname $Logs -MaximumSize 100MB -OverflowAction  ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Limit-EventLog], Exception
    + FullyQualifiedErrorId : ValueOutofRange,Microsoft.PowerShell.Commands.LimitEventLogCommand

Limit-Eventlog : The value supplied for MaximumSize parameter has to be in the range of 64 KB to 4GB with an increment of 64 KB. Please enter a proper 
value and then retry.
At line:2 char:5
+     Limit-Eventlog -Logname $Logs -MaximumSize 100MB -OverflowAction  ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Limit-EventLog], Exception
    + FullyQualifiedErrorId : ValueOutofRange,Microsoft.PowerShell.Commands.LimitEventLogCommand

Limit-Eventlog : The value supplied for MaximumSize parameter has to be in the range of 64 KB to 4GB with an increment of 64 KB. Please enter a proper 
value and then retry.
At line:2 char:5
+     Limit-Eventlog -Logname $Logs -MaximumSize 100MB -OverflowAction  ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Limit-EventLog], Exception
    + FullyQualifiedErrorId : ValueOutofRange,Microsoft.PowerShell.Commands.LimitEventLogCommand

Limit-Eventlog : The value supplied for MaximumSize parameter has to be in the range of 64 KB to 4GB with an increment of 64 KB. Please enter a proper 
value and then retry.
At line:2 char:5
+     Limit-Eventlog -Logname $Logs -MaximumSize 100MB -OverflowAction  ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Limit-EventLog], Exception
    + FullyQualifiedErrorId : ValueOutofRange,Microsoft.PowerShell.Commands.LimitEventLogCommand

Limit-Eventlog : The value supplied for MaximumSize parameter has to be in the range of 64 KB to 4GB with an increment of 64 KB. Please enter a proper 
value and then retry.
At line:2 char:5
+     Limit-Eventlog -Logname $Logs -MaximumSize 100MB -OverflowAction  ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Limit-EventLog], Exception
    + FullyQualifiedErrorId : ValueOutofRange,Microsoft.PowerShell.Commands.LimitEventLogCommand

powershell

2条答案

按热度按时间
62lalag4

62lalag41#

我已经尝试了两种不同的方法,都像预期的那样工作.两者都在做同样的事情,只是使用不同的语法。
Limit-Eventlog传递一个日志名称数组:

$Logs = Get-Eventlog -List | select -ExpandProperty Log
Limit-Eventlog -Logname $Logs -MaximumSize 0.5Gb -OverflowAction OverwriteAsNeeded -WhatIf

字符串
使用foreach将每个日志名称单独传递给Limit-Eventlog

$Logs = Get-Eventlog -List | select -ExpandProperty Log
Foreach ($Log in $Logs) {
    Limit-Eventlog -Logname $Log -MaximumSize 0.5Gb -OverflowAction OverwriteAsNeeded -WhatIf
}


在不进行测试时,您需要删除-WhatIf

赞(0)分享  回复(0)举报  12个月前
0qx6xfy6

0qx6xfy62#

当然,总是有这样的:
get-eventlog -List|选择日志-扩展属性日志|foreach($){limit-eventlog -LogName $ -MaximumSize 20480KB -OverflowAction DoNotOverWrite}

赞(0)分享  回复(0)举报  12个月前
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com