How to search string in Event Viewer XML Query?

I want to search all Events which contain LIKE 192.168.

Unfortunately I don't think that is directly possible, because:

Windows Event Log supports a subset of XPath 1.0. There are limitations to what functions work in the query. For instance, you can use the "position", "Band", and "timediff" functions within the query but other functions like "starts-with" and "contains" are not currently supported.

Source Advanced XML filtering in the Windows Event Viewer

However, as w32sh pointed out in a comment, it is possible with PowerShell. See this Stack Overflow question: Using XPath starts-with or contains functions to search Windows event logs

Related videos on Youtube

19 : 55

PowerShell Tutorials Event Viewer #1 : Get-EventLog

JackedProgrammer

875

27 : 58

PowerShell Tutorials Event Viewer #2 : Get-WinEvent (Filter by XML and XPATH)

JackedProgrammer

585

08 : 00

How To Use The Windows Event Viewer For Cyber Security Audit

Jon Good

42

01 : 42

How to search string in Event Viewer XML Query?

Roel Van de Paar

19

12 : 39

Get-EventLog - How to search for things in the Windows Eventlog using PowerShell

John Impallomeni

12

14 : 48

Oracle Retrieve data from XML Document using XMLQuery

Sridhar Raghavan

8

19 : 10

Bài 9 : Hướng dẫn custom query xml trong MyBatis

Che Cong Binh

1

Author by

SchoolforDesign

I need your Ask!

Updated on September 18, 2022