Get-WinEvent instead of Get-EventLog

[abyrd-mma]

Problem description

Get-EventLog is deprecated in favor of Get-WinEvent and when trying to use WindowsEventLog from ComputerManagemntDsc with GuestConfig Agent I am getting an error message like the following

Verbose logs

The term 'Get-EventLog' is not recognized as a name of a cmdlet, function, script file, or executable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. The PowerShell DSC resource '[WindowsEventLog]LOG_NAME' with SourceInfo 'E:\agent\_work\1212\dev\build\configurations\dev\WindowsEventLog_LOG_NAME.ps1::6::9::WindowsEventLog' threw one or more non-terminating errors while running the Test-TargetResource functionality. These errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details. The SendConfigurationApply function did not succeed. LCM failed to start desired state configuration manually.

DSC configuration

Configuration WindowsEventLog_LOG_NAME
{
    Import-DSCResource -Name WindowsEventLog -ModuleName ComputerManagementDsc -ModuleVersion 10.0.0
    Node localhost
    {
        WindowsEventLog LOG_NAME
        {
            LogName           = 'LOG_NAME'
            RegisteredSource  = 'LOG_NAME'
            IsEnabled         = $true 
        }
    }
}

WindowsEventLog_LOG_NAME -OutputPath .\mof-files\WindowsEventLog_LOG_NAME\

Suggested solution

Remove Get-EventLog from the following functions Get-WindowsEventLogRestrictGuestAccess and Set-WindowsEventLogRetentionDays

Replace 717 and 971 with the following code

$matchingEventLog = Get-WinEvent -ListLog $Logname -ErrorAction Stop

Operating system the target node is running

OsName               : Microsoft Windows Server 2019 Standard

PowerShell version and build the target node is running

PowerShell ver 7 is what our build and deploy pipeline are running

ComputerManagementDsc version

Version 10