When you receive events after a certain date, Get-WinEvent seems slower than Get-EventLog:
$SourceComputer = "MyServer" $LogName = "Security" $StartDate = (get-date).AddMinutes(-30) $hashquery = @{logname=$LogName; StartTime=$StartDate} (Measure-Command -Expression {Get-WinEvent -ComputerName $SourceComputer -FilterHashTable $hashquery}).TotalSeconds (Measure-Command -Expression {Get-EventLog -Computer $SourceComputer -LogName $Logname -After $StartDate}).TotalSeconds
Output:
Get-WinEvent: 128.8475308 Get-EventLog: 4.5299092
This seems strange since Get-WinEvent should work better than the older Get-EventLog function. Am I doing something wrong?
source share