Overview

This script retrieves all running event log subscriptions created by the Start-EventSubscription cmdlet, including both local and remote subscriptions. It then shows details about the configuration of each one.

Dependencies

• EventLog

Example Output

Status  : Running
System  : localhost
Logname : Security
Query   : *[System/EventID=4688] and *[EventData/Data[@Name='CommandLine']!='']
Id      : 1