

Get-Allrecentlogs: find recently updated log files

 # winrm service should be running on the machine where script is running for ciminstance query else change it to get-wmiobject # Get-Allrecentlogs -computername 'localhost' -startdateandtime '01/01/2005 00:00' -enddateandtime '07/07/2020 00:00' -logfilextension 'flv' # Get-Allrecentlogs -computername 'localhost' -startdateandtime '01/01/2005 00:00' -enddateandtime '07/07/2020 00:00' -logfilextension 'mp4' Function Get-Allrecentlogs{ param([string]$computername = 'localhost', [datetime]$startdateandtime, [datetime]$enddateandtime, [string]$logfilextension = 'log' ) if ($computername -eq 'localhost')     {     $location = (Get-CimInstance -ClassName Win32_logicaldisk -Filter "DriveTYpe = '3'").DeviceId     } else { $shares = Get-CimInstance -ComputerName $computername -ClassName Win32_share | Where-Object {$_.Path -match '^\w{1}:\\$'} [System.Collections.ArrayList]$location ...

Get-AllEvents

 Function Get-AllEvents{ param([string]$computername = $env:COMPUTERNAME, [datetime]$startdateandtime, [datetime]$enddateandtime ) $logs= (Get-WinEvent -ListLog * | Where-Object {$_.recordcount}).logname $Filtertable = @{     StartTime = $startdateandtime     EndTime = $enddateandtime     LogName = $logs } Get-WinEvent -ComputerName $computername  -FilterHashtable $Filtertable -ErrorAction SilentlyContinue } Get-AllEvents -startdateandtime '07/06/2020 01:00' -enddateandtime '07/08/2020 11:00'