Get-WinEvent-Path C:\Users\ContosoAdmin\Desktop\SystemLog.evtx -FilterXPath 'Event/System/TimeCreated[@SystemTime="2019-12-13T08:24:27.5440626"]'Get-WinEvent-Path C:\Users\ContosoAdmin\Desktop\SecurityLog.evtx -FilterXPath '*/*/TimeCreated[(@SystemTime>"2020-02-26T00:00:00Z") and (@SystemTime<"2020-02-26T23:59:00Z")] and */*/EventID=4624 and */*/Data[@Name="TargetUserName"]="Eleanor"'wevtutil.exe qe /lf "c:\Users\ContosoAdmin\Desktop\SecurityLog.evtx"/q:"*/*/TimeCreated[(@SystemTime>'2020-02-26T00:00:00Z') and (@SystemTime<'2020-02-26T23:59:00Z')] /c:1"wevtutil.exe qe /lf "c:\Users\ContosoAdmin\Desktop\SecurityLog.evtx"/q:"Event/EventData/Data[@Name='TargetUserName']='Eleanor' and */*/EventID=4624"/c:1/rdwevtutil.exe qe /lf "%userprofile%/dedsktop/SecurityLog.evtx"/q:"*/*/TimeCreated[(@SystemTime>'2020-02-26T00:00:00Z') and (@SystemTime<'2020-02-26T23:59:00Z')] and */*/EventID=4624 and */*/Data[@Name='TargetUserName']='Eleanor'"Get-WinEvent-path C:\Users\ContosoAdmin\Desktop\ApplicationLog.evtx -FilterXPath "*/*/TimeCreated[@SystemTime>'2020-02-11T10:50:00:00Z' and (@SystemTime<'2020-02-11T11:10:00Z')] and */*/Provider[@Name='MsiInstaller']"Get-WinEvent-path C:\Users\ContosoAdmin\Desktop\Systemlog.evtx -FilterXPath "*/*/TimeCreated[@SystemTime>'2020-02-03T00:00:00:00Z' and (@SystemTime<'2020-02-03T23:59:00Z')] and */*/EventID=13"Get-WinEvent-path C:\Users\ContosoAdmin\Desktop\Securitylog.evtx -FilterXPath "*/*/TimeCreated[@SystemTime>'2020-02-26T00:00:00:00Z' and (@SystemTime<'2020-02-26T23:59:00Z')] and */*/EventID=4616 and */*/Data[@Name='SubjectDomainName']='NT Authority'"$test =Get-WinEvent-path C:\Users\ContosoAdmin\Desktop\Securitylog.evtx -FilterXPath "*/*/TimeCreated[@SystemTime>'2020-02-26T00:00:00:00Z' and (@SystemTime<'2020-02-26T23:59:00Z')] and */*/EventID=4624 and */*/Data[@Name='TargetUserName']='Network Service'"