Get-LMAuditLogs
Syntax
Range (Default)
Get-LMAuditLogs [-SearchString <String>] [-StartDate <DateTime>] [-EndDate <DateTime>] [-BatchSize <Int32>] [-ProgressAction <ActionPreference>] [<CommonParameters>]Id
Get-LMAuditLogs [-Id <String>] [-BatchSize <Int32>] [-ProgressAction <ActionPreference>] [<CommonParameters>]Filter
Get-LMAuditLogs [-Filter <Object>] [-BatchSize <Int32>] [-ProgressAction <ActionPreference>] [<CommonParameters>]Description
The Get-LMAuditLogs function retrieves audit logs from LogicMonitor based on the specified parameters. It supports retrieving logs by ID, by date range, or by applying filters. The function can retrieve up to 10000 logs in a single query.
Examples
Example 1
#Retrieve audit logs from the last weekGet-LMAuditLogs -StartDate (Get-Date).AddDays(-7)Example 2
#Search for specific audit logsGet-LMAuditLogs -SearchString "login" -StartDate (Get-Date).AddDays(-30)Parameters
-Id
The ID of the specific audit log to retrieve. This parameter is part of a mutually exclusive parameter set.
Type: StringParameter Sets: IdAliases:
Required: FalsePosition: NamedDefault value: NoneAccept pipeline input: FalseAccept wildcard characters: False-SearchString
A string to filter audit logs by. Only logs containing this string will be returned.
Type: StringParameter Sets: RangeAliases:
Required: FalsePosition: NamedDefault value: NoneAccept pipeline input: FalseAccept wildcard characters: False-StartDate
The start date for retrieving audit logs. Defaults to 30 days ago if not specified.
Type: DateTimeParameter Sets: RangeAliases:
Required: FalsePosition: NamedDefault value: NoneAccept pipeline input: FalseAccept wildcard characters: False-EndDate
The end date for retrieving audit logs. Defaults to current time if not specified.
Type: DateTimeParameter Sets: RangeAliases:
Required: FalsePosition: NamedDefault value: NoneAccept pipeline input: FalseAccept wildcard characters: False-Filter
A filter object to apply when retrieving audit logs. Part of a mutually exclusive parameter set.
Type: ObjectParameter Sets: FilterAliases:
Required: FalsePosition: NamedDefault value: NoneAccept pipeline input: FalseAccept wildcard characters: False-BatchSize
The number of results to return per request. Must be between 1 and 1000. Defaults to 1000.
Type: Int32Parameter Sets: (All)Aliases:
Required: FalsePosition: NamedDefault value: 1000Accept pipeline input: FalseAccept wildcard characters: False-ProgressAction
Fill ProgressAction Description
Type: ActionPreferenceParameter Sets: (All)Aliases: proga
Required: FalsePosition: NamedDefault value: NoneAccept pipeline input: FalseAccept wildcard characters: FalseCommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None. You cannot pipe objects to this command.
Outputs
Returns LogicMonitor.AuditLog objects.
Notes
You must run Connect-LMAccount before running this command. Maximum of 10000 logs can be retrieved in a single query.