Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Get-WinEvent - Suggested enhancements

See original GitHub issue

Steps to reproduce

Get-WinEvent

Expected behavior

A user friendly error message when running from a non-elevated session, stating that elevated permissions is needed.

I would suggest that the behavior of the default parameter set prompts for required parameters rather than returning cryptic error messages. For example, prompt for the -LogName parameter if no parameters is supplied.

Actual behavior

Get-WinEvent : Could not retrieve information about the Security log. Error: Attempted to perform an unauthorized operation..
At line:1 char:1
+ Get-WinEvent
+ ~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (:) [Get-WinEvent], Exception
+ FullyQualifiedErrorId : LogInfoUnavailable,Microsoft.PowerShell.Commands.GetWinEventCommand

Get-WinEvent : The data is invalid
At line:1 char:1
+ Get-WinEvent
+ ~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (:) [Get-WinEvent], EventLogInvalidDataException
+ FullyQualifiedErrorId : The data is invalid,Microsoft.PowerShell.Commands.GetWinEventCommand

The “Get-WinEvent : The data is invalid” error is repeated many times, regardless of running elevated or not.

Environment data

Name                           Value
----                           -----
PSVersion                      6.2.3
PSEdition                      Core
GitCommitId                    6.2.3
OS                             Microsoft Windows 10.0.17763
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0