我编写了一个小脚本,用于在过去10天内从应用程序中检索事件日志但我收到错误。有关错误出现的任何想法吗?
Where-Object:无法绑定参数'FilterScript'。无法转换 输入值“False”以键入“System.Management.Automation.ScriptBlock”。 错误:“来自'System.Boolean'的无效转换为 'System.Management.Automation.ScriptBlock'。“
#Sets the application log to query
$Log ="Application"
$FilterHashTable = @{LogName=$Log}
#stores the computer name
$ComputerName = $env:COMPUTERNAME
#sets the date 10 days ago
$DeleteDate = Get-Date
$DeleteDate = $DeleteDate.AddDays(-10)
Write-Verbose $DeleteDate
#retrieve WMIevent and logs the information
$Winevent = Get-WinEvent -ComputerName $ComputerName -FilterHashTable $FilterHashTable -ErrorAction SilentlyContinue
# Filter on time
$Winevent | where-object ($_.timecreated -gt $DeleteDate)
答案 0 :(得分:3)
Where-Object需要一个scriptblock参数 - 使用大括号{...}而不是括号(...)来包含过滤器逻辑。
目前PS正在检查您的条件并返回一个布尔值,而不是将其应用为过滤器。