PowerShell 7.3 - how to to Retrieve Specific Event Log Entries with Get-WinEvent and FilterHashtable
I'm optimizing some code but I'm not sure how to approach I'm integrating two systems and I'm deploying to production and I'm dealing with I've searched everywhere and can't find a clear answer..... I'm working with an scenario while trying to retrieve specific event log entries using the `Get-WinEvent` cmdlet in PowerShell 7.3. I want to filter events based on the provider name and a specific event ID, but it seems that the filtering isn't working as expected. Here's the code I'm currently using: ```powershell $filterHash = @{ ProviderName = 'Security'; Id = 4624 } $events = Get-WinEvent -FilterHashtable $filterHash -MaxEvents 10 $events | Format-Table TimeCreated, Id, Message -AutoSize ``` I expect this to return the last 10 occurrences of the event with ID 4624 from the Security event log. However, I'm receiving the following behavior message: ``` Get-WinEvent : A parameter want to be found that matches parameter name 'FilterHashtable'. ``` I've double-checked that `Get-WinEvent` supports the `-FilterHashtable` parameter, as I found references indicating that it should be available in PowerShell 5.1 and later. I've also tried running this script in Windows PowerShell and in a PowerShell Core terminal, but the same behavior continues. Additionally, I verified that the event ID 4624 does exist in the Security log. To troubleshoot further, I attempted to use the `-LogName` parameter instead, along with a simpler filter: ```powershell $events = Get-WinEvent -LogName 'Security' -MaxEvents 10 ``` This command works correctly and returns entries, but I still need to get the specific filtering to function. Any insights on what might be going wrong or how I can successfully filter the event log entries as intended? Thanks in advance! Any advice would be much appreciated. This is happening in both development and production on Linux. The project is a CLI tool built with Powershell. I'm open to any suggestions. Any ideas what could be causing this? This issue appeared after updating to Powershell stable. Thanks for taking the time to read this! I recently upgraded to Powershell LTS. Cheers for any assistance!