From 89e0336754d496da551d07dc03c6bf6501755bbc Mon Sep 17 00:00:00 2001
From: Peter Wood <peter@peterwood.dev>
Date: Sat, 29 Mar 2025 13:03:06 -0400
Subject: [PATCH] feat: add scripts for event log size monitoring and old file
 removal

---
 powershell/event-log-size.ps1                 | 19 +++++++++++++++++++
 .../remove-files.ps1                          |  0
 2 files changed, 19 insertions(+)
 create mode 100644 powershell/event-log-size.ps1
 rename remove-files.ps1 => powershell/remove-files.ps1 (100%)

diff --git a/powershell/event-log-size.ps1 b/powershell/event-log-size.ps1
new file mode 100644
index 0000000..eea9a0f
--- /dev/null
+++ b/powershell/event-log-size.ps1
@@ -0,0 +1,19 @@
+$logs = Get-EventLog -list
+foreach ($log in $logs) {
+    $logName = $log.LogDisplayName
+    $logFilePath = Join-Path -Path $env:SystemRoot -ChildPath "System32\winevt\Logs\$($log.LogFileName).evtx"
+    
+    if (Test-Path $logFilePath) {
+        $fileSize = (Get-Item $logFilePath).Length / 1MB
+    } else {
+        $fileSize = 0
+    }
+    
+    # Skip if file size is less than 1 MB
+    if ($fileSize -lt 1) { continue }
+    
+    $maxSize = $log.MaximumKilobytes / 1024  # Convert KB to MB
+    $percentage = if ($maxSize -ne 0) { ($fileSize / $maxSize) * 100 } else { 0 }
+    
+    Write-Host ("Log Name: {0}`nFile Size: {1:N2} MB`nMaximum Size: {2:N2} MB`nPercentage Full: {3}%`n---" -f $logName, $fileSize, $maxSize, [math]::Round($percentage, 2))
+}
\ No newline at end of file
diff --git a/remove-files.ps1 b/powershell/remove-files.ps1
similarity index 100%
rename from remove-files.ps1
rename to powershell/remove-files.ps1