Grep Windows logs

PowerShell is a very powerful shell for Windows, and with the Select-String cmdlet you can easily search a log for specific items.

 

For more information about this cmdlet, run the following in a PowerShell window:

man select-string

or

man select-string -detailed

 

For an example of how to grep your cluster logs, you can run the following:

Select-String -Path c:\windows\cluster\cluster.log -Pattern ERR

This returns every line that matches the pattern ERR.

 

If you want some context around each error, you can also include a number of lines before and after each match using the -Context parameter.

Select-String -Path c:\windows\cluster\cluster.log -Pattern ERR -Context (3,3)

This returns every line that matches the pattern ERR, along with the 3 lines before and the 3 lines after each match.

 

You can also use pipes to filter the logs further:

Select-String -Path c:\windows\cluster\cluster.log -Pattern ERR | Select-String -Pattern Database

This returns every line that matches the pattern ERR and then, from those results, only the lines that also match the pattern Database.
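
The three searches above combined into one triage script, as an added example that is not part of the original page. The log lines and the temp file name are constructed for illustration, and the script goes slightly beyond the page by using -CaseSensitive with a word boundary and by reading the properties of the MatchInfo objects that Select-String returns.

```powershell
# Added example: the log content below is constructed, not real cluster.log output.
$log = Join-Path ([System.IO.Path]::GetTempPath()) 'sample-cluster.log'
@(
    '10:00:01 INFO  [RES] Network Name: online'
    '10:00:02 WARN  [RES] Database resource: slow response'
    '10:00:03 ERR   [RES] Database resource: connection failed'
    '10:00:04 INFO  [RCM] Restarting resource'
    '10:00:05 INFO  [RES] Interrupt handler registered'
    '10:00:06 ERR   [NM] Heartbeat missed on interface 2'
    '10:00:07 INFO  [RCM] Database resource: online'
) | Set-Content -Path $log

# -Pattern is a regular expression and is case-insensitive by default,
# so a bare ERR would also match the "err" inside "Interrupt".
$loose = @(Select-String -Path $log -Pattern ERR)

# -CaseSensitive plus word boundaries keeps only the ERR severity token.
# -Context 1,1 attaches one line before and one line after each match.
$errors = @(Select-String -Path $log -Pattern '\bERR\b' -CaseSensitive -Context 1,1)

"Loose matches: $($loose.Count)  Strict matches: $($errors.Count)"

# Each result is a MatchInfo object, so the line number, the matched line
# and the context lines can be read as properties instead of parsed from text.
$errors | ForEach-Object {
    [pscustomobject]@{
        LineNumber = $_.LineNumber
        Before     = $_.Context.PreContext -join ' | '
        Match      = $_.Line
        After      = $_.Context.PostContext -join ' | '
    }
} | Format-List

# Second-stage filter, as in the piped command above: keep only the ERR
# lines that also mention Database. The original line numbers are preserved.
$errors | Select-String -Pattern Database |
    ForEach-Object { '{0}: {1}' -f $_.LineNumber, $_.Line }

Remove-Item -Path $log
```

To run it against a real log, replace $log with the path to that file and drop the Set-Content and Remove-Item steps.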