Scott Moss at myITforum.com

Operations Manager 2007: Get-Alert Commandlet

The get-alert commandlet has several parameters available for filtering its output. The examples below will only use the –criteria parameter. I’m using the measure-object commandlet to show some output, it’s not practical to display 4 or 5 pages of alerts per example. The alerts can just as easily be piped to the convert-csv commandlet or displayed to the screen.

To show all alerts for Computer ADDC01 and pipe the output to the export-csv commandlet.
>get-alert -criteria 'NetbiosComputerName = ''ADDC01'''| export-csv c:\alert.csv

To show all Resolved alerts for computer ADDC01
>get-alert -criteria 'NetbiosComputerName = ''ADDC01'' AND ResolutionState = ''255'''

Get a count of all alerts whose names start with AD.
>get-alert -criteria 'Name Like ''AD%''' | measure-object
Count    : 4 

Get a count of how many alert names that have the string SQL in them.
>get-alert -criteria 'Name Like ''%SQL%'''| measure-object
Count    : 47

Get a count of how many new alerts there are:
>get-alert -criteria 'ResolutionState = ''0''' | measure-object
Count    : 192  

To display a count of all alerts whose time last modified is grater than or equal to 3/13/2008
>get-alert -criteria 'LastModified >= ''3/13/2008''' | measure-object
Count    : 54 

To display a count of all alerts whose time last modified is grater than or equal to 3/13/2008 10:00:00 AM and whose severity is warning.
>get-alert -criteria 'LastModified >= ''3/13/2008 10:20:00 AM'' AND Severity = ''1''' | measure-object
Count    : 17

To display a count of all alerts whose owner is JoeOMAdmin@mycompany.com
>get-alert | where-object {$_.Owner -eq "JoeOMAdmin@mycompany.com"} | measure-object
Count    : 1