WindowsEventMonitor

0.0.4

EventMonitor/MiscellaneousEvents.psm1

                                <#PSScriptInfo

.AUTHOR Microsoft

.COMPANYNAME Microsoft Corporation

.COPYRIGHT (c) Microsoft Corporation

#>

<#

.SYNOPSIS

    ##############################################################################################################################

    # Send an entry to log analytics for miscellaneous event

    ##############################################################################################################################

#>

function Get-Miscellaneous_Events {

    param(

        [Parameter(Mandatory = $true)]

        [string] $logAnalyticsConString,

        [Parameter(Mandatory = $false)]

        [string] $sessionId,

        [Parameter(Mandatory = $true)]

        [DateTime] $TimeRangeForEventsBefore,

        [Parameter(Mandatory = $false)]

        [string] $specialEventId,

        [Parameter(Mandatory = $false)]

        [string] $specialEventLogType

    )

    Import-Module -Name "$PSScriptRoot\EMCommon.psm1"

    Import-Module -Name "$PSScriptRoot\Telemetry\AITelemetry.psm1"

    $LogFilePath = "$PSScriptRoot\Telemetry\Logs.txt";

    try {

        $events = Get-WinEvent -FilterHashtable @{logname="$specialEventLogType"; id="$specialEventId"} -ErrorAction Stop `

            | Where-Object { $_.TimeCreated -ge $TimeRangeForEventsBefore}

        $events | ForEach-Object { 

            $EvProps = New-Object 'system.collections.generic.dictionary[string, string]'

            $EvProps.Add("SessionId", $sessionId)

            $EvProps.Add("EventType", "Miscellaneous")

            Send-LogAnalyticsConnectEvents `

                -eventName "$($_.Id) Miscellaneous Event" `

                -Properties $EvProps `

                -sendEvent $sendEvent `

                -logAnalyticsConString $logAnalyticsConString;

        }

    }

    catch {

        if ($_ -notlike "*No events were found*") { 

            Add-Content -Path $LogFilePath -Value "$(get-date -UFormat %c) :: Exception Message: `n$_.Exception.Message"

            Add-Content -Path $LogFilePath -Value "$(get-date -UFormat %c) :: ScriptStackTrace: `n$_.ScriptStackTrace"

            $LASTEXITCODE = 1

            $ErrorProps = New-Object 'system.collections.generic.dictionary[string, string]'

            $ErrorProps.Add("SessionId", "$sessionId")

            $ErrorProps.Add("Function", "Get-Miscellaneous_Events")

            $ErrorProps.Add("EventId", "$specialEventId")

            $ErrorProps.Add("SpecialEventLogType", "$specialEventLogType")

            $ErrorProps.Add("Query Time Since", "$TimeRangeForEventsBefore")

            TrackException -ErrorRecord $_ -Properties $ErrorProps -logAnalyticsConString $logAnalyticsConString;    

         }

    }

    finally { }

}