Here is powershell script example to extract data out of LogInsight into CSV files for multiple search items where /text/CONTAINS is required… you can easily adapt ‘/text/CONTAINS‘ in this script to use different matching criteria… just check out the documentation here.

So to the script..

So that I don’t keep being prompted for credentials I save the account user and password with the powershell Get-Credential command.

 

Script usage:

 

-Provider ‘ActiveDirectory’ for Active Directory users or ‘Local’ for Loginsight users

-LogInsightAddress FQDN or IP of Loginsight

-creds credentials file to use.

-SearchText array of items to search

-StartDate start date for the query

-EndDate end date for the query

-interval interval in minutes to extract logs (batches which helps get around the 20000 row export limit)

 

 

Hope this helps someone 🙂

vMan