Get all recent logs
# The WinRM service should be running on the machine where this script runs for the Get-CimInstance query to work; otherwise change the query to Get-WmiObject.
# Get-Allrecentlogs -computername 'localhost' -startdateandtime '01/01/2005 00:00' -enddateandtime '07/07/2020 00:00' -logfilextension 'flv'
# Get-Allrecentlogs -computername 'localhost' -startdateandtime '01/01/2005 00:00' -enddateandtime '07/07/2020 00:00' -logfilextension 'mp4'
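Function Get-Allrecentlogs {
    <#
    .SYNOPSIS
    Lists non-empty files with a given extension whose LastWriteTime lies inside a time window.

    .DESCRIPTION
    For 'localhost', every fixed local disk (Win32_LogicalDisk, DriveType 3) is searched
    recursively from its root. For any other computer name, the shares whose path is a
    drive root are read from Win32_Share on that computer and searched through their
    UNC paths; shares that cannot be reached are reported with a warning and skipped.

    .PARAMETER computername
    Computer to search. Defaults to 'localhost'.

    .PARAMETER startdateandtime
    Lower bound (inclusive) for LastWriteTime. When omitted, no lower bound is applied.

    .PARAMETER enddateandtime
    Upper bound (inclusive) for LastWriteTime. When omitted, no upper bound is applied.

    .PARAMETER logfilextension
    File extension to match, without the dot. Defaults to 'log'.

    .OUTPUTS
    The file objects returned by Get-ChildItem that pass the filter.

    .NOTES
    The remote branch calls Get-CimInstance -ComputerName, which by default connects to
    the target over WS-Management (WinRM).
    Directories the caller cannot read are skipped; the number of such errors is reported
    in a warning, so a quiet run does not imply complete coverage.
    LastWriteTime and the file extension are attributes that anyone with write access to
    a file can change. Treat the output as a triage list, not as proof of when or by what
    a file was written.
    #>
    param([string]$computername = 'localhost', [datetime]$startdateandtime, [datetime]$enddateandtime, [string]$logfilextension = 'log' )

    if ($computername -eq 'localhost') {
        # DeviceID is 'C:' without a trailing backslash. A bare 'C:' means "current
        # directory on drive C", so append the backslash to search from the drive root.
        $location = @(
            Get-CimInstance -ClassName Win32_LogicalDisk -Filter "DriveType = '3'" |
                ForEach-Object { "$($_.DeviceID)\" }
        )
    }
    else {
        # Keep only shares that map to a drive root (path such as 'C:\').
        $shares = Get-CimInstance -ComputerName $computername -ClassName Win32_Share |
            Where-Object { $_.Path -match '^\w{1}:\\$' }

        $location = New-Object System.Collections.ArrayList
        foreach ($share in $shares) {
            # Use a separate variable: PowerShell names are case-insensitive, so
            # assigning to $Share would overwrite the loop variable $share.
            $uncPath = "\\$computername\$($share.Name)"
            if (Test-Path -LiteralPath $uncPath) {
                [void]$location.Add($uncPath)
            }
            else {
                Write-Warning -Message "Unable to access '$uncPath' share on '$computername'"
            }
        }
    }

    # Get-ChildItem rejects an empty -Path, so stop here when nothing is searchable.
    if (@($location).Count -eq 0) {
        Write-Warning -Message "No searchable location found on '$computername'"
        return
    }

    # Parameters for Get-ChildItem, passed by splatting. Errors stay out of the error
    # stream as before, but are collected so the gap in coverage can be reported.
    $GciParams = @{
        Path          = $location
        Filter        = "*.$logfilextension"
        Recurse       = $true
        Force         = $true
        File          = $true
        ErrorAction   = 'SilentlyContinue'
        ErrorVariable = 'gciErrors'
    }

    # Apply a time bound only when the caller supplied it.
    $hasStart = $PSBoundParameters.ContainsKey('startdateandtime')
    $hasEnd = $PSBoundParameters.ContainsKey('enddateandtime')

    # '$_.Length' (the original read '$_length', an undefined variable, so the
    # zero-length check never excluded anything).
    $wherefilter = {
        ($_.Length -ne 0) -and
        (-not $hasStart -or $_.LastWriteTime -ge $startdateandtime) -and
        (-not $hasEnd -or $_.LastWriteTime -le $enddateandtime)
    }

    Get-ChildItem @GciParams | Where-Object $wherefilter

    if ($gciErrors -and $gciErrors.Count -gt 0) {
        Write-Warning -Message "$($gciErrors.Count) item(s) could not be read and were skipped while searching '$computername'"
    }
}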