13 October 2015

Get-WinEvent from multiple servers Super Fast!

In the past I created a script to pull event log errors and warnings into a file and email the results.

This script stopped working, and after some digging I found that it added all the same events in every log file and combined that into one file, which got very big. So big that it didn't get delivered to my mailbox; it got up to 75 MB, way above our send/receive quota. It also ran for 2 hours, while this one runs in under 2 minutes!

I found several scripts, how-tos and KB articles to get what I wanted and combined those into one script.
There seems to be a strange problem with Get-WinEvent: -ComputerName doesn't accept array input. So I had to write a one-liner and repeat that for every server twice, once for the "System log" and once for the "Application log".

It writes 2 files per server, and collects warnings and errors only. On every run it overwrites the old file so there is no history. I made a simple webpage to quickly check the application log or the system log. You should be able to do this yourself in Word for instance.

This is what I came up with:

# UNC share where the HTML reports are written (overwritten on every run)
$ShareName = "\\domain.lan\Eventlogs"
# Only collect events from the last 24 hours
$Date = (Get-Date) - (New-TimeSpan -Days 1)
$SystemLogName = "System"
$AppLogname = "Application"
$now = Get-Date -Format g
# Inline CSS for the generated HTML tables
$style = "<style>BODY{font-family: Arial; font-size: 10pt;}"
$style = $style + "TABLE{border: 1px solid black; border-collapse: collapse;}"
$style = $style + "TH{border: 1px solid black; background: #dddddd; padding: 5px; }"
$style = $style + "TD{border: 1px solid black; padding: 5px; }"
$style = $style + "</style>"

# Level values in the filter: 1 = Critical, 2 = Error (3 = Warning is not part of this filter)
# Exchange
Get-WinEvent -FilterHashTable @{LogName='Application'; Level=1,2; StartTime=$date} -ErrorAction SilentlyContinue -ComputerName sr-XXXXX | Select-Object MachineName,TimeCreated,LogName,ProviderName,Id,LevelDisplayName,Message | ConvertTo-HTML -head $style -body "<H2>Application log Report From Server SR-XXXXX $now</H2>" | Out-File "$ShareName\SR-XXXXX-$AppLogName.html"
Get-WinEvent -FilterHashTable @{LogName='System'; Level=1,2; StartTime=$date} -ErrorAction SilentlyContinue -ComputerName sr-XXXXX | Select-Object MachineName,TimeCreated,LogName,ProviderName,Id,LevelDisplayName,Message | ConvertTo-HTML -head $style -body "<H2>System log Report From Server SR-XXXXX $now</H2>" | Out-File "$ShareName\SR-XXXXX-$SystemLogName.html"
# Citrix
Get-WinEvent -FilterHashTable @{LogName='Application'; Level=1,2; StartTime=$date} -ErrorAction SilentlyContinue -ComputerName sr-XXXXX | Select-Object MachineName,TimeCreated,LogName,ProviderName,Id,LevelDisplayName,Message | ConvertTo-HTML -head $style -body "<H2>Application log Report From Server SR-XXXXX $now</H2>" | Out-File "$ShareName\SR-XXXXX-$AppLogName.html"
Get-WinEvent -FilterHashTable @{LogName='System'; Level=1,2; StartTime=$date} -ErrorAction SilentlyContinue -ComputerName sr-XXXXX | Select-Object MachineName,TimeCreated,LogName,ProviderName,Id,LevelDisplayName,Message | ConvertTo-HTML -head $style -body "<H2>System log Report From Server SR-XXXXX $now</H2>" | Out-File "$ShareName\SR-XXXXX-$SystemLogName.html"
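
The same collection written as a loop, since -ComputerName takes one name per call. This is an added example, not the script from the post: the server names in $Servers are placeholders, and instead of -ErrorAction SilentlyContinue it writes collection failures (unreachable host, access denied) into the report so a silent gap is not mistaken for a clean log.

```powershell
# Added example: loop form of the per-server one-liners above.
$ShareName = "\\domain.lan\Eventlogs"            # share used in the post
$Servers   = @('SERVER01', 'SERVER02')           # hypothetical server names
$LogNames  = @('Application', 'System')
$Start     = (Get-Date).AddDays(-1)
$Now       = Get-Date -Format g
$Style     = "<style>BODY{font-family: Arial; font-size: 10pt;}" +
             "TABLE{border: 1px solid black; border-collapse: collapse;}" +
             "TH{border: 1px solid black; background: #dddddd; padding: 5px;}" +
             "TD{border: 1px solid black; padding: 5px;}</style>"

foreach ($Server in $Servers) {
    foreach ($Log in $LogNames) {
        # Same filter as the post: 1 = Critical, 2 = Error (add 3 for Warning)
        $Filter = @{ LogName = $Log; Level = 1, 2; StartTime = $Start }
        $Note   = ''
        try {
            $Events = @(Get-WinEvent -FilterHashtable $Filter -ComputerName $Server -ErrorAction Stop)
        }
        catch {
            $Events = @()
            if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') {
                # Get-WinEvent raises an error when nothing matches the filter
                $Note = '<p>No matching events in the last 24 hours.</p>'
            }
            else {
                # Unreachable host, access denied, etc.: make it visible in the report
                $Reason = [System.Net.WebUtility]::HtmlEncode($_.Exception.Message)
                $Note   = "<p><b>Collection failed:</b> $Reason</p>"
            }
        }
        $Body = "<H2>$Log log Report From Server $Server $Now</H2>$Note"
        $Events |
            Select-Object MachineName, TimeCreated, LogName, ProviderName, Id, LevelDisplayName, Message |
            ConvertTo-Html -Head $Style -Body $Body |
            Out-File "$ShareName\$Server-$Log.html"
    }
}
```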
