Computer usage

The purpose of this code is to tell you what time you wake up, go to sleep, and how much time you spend awake using logon logoff events. You can customize the eventids to match your version of windows. It's also useful for tracking hours worked.

$evts = Get-EventLog -LogName "security" -newest 7000 | where{(@(4624,4634) -contains $_.instanceid)} | %{
    $row = New-Object PSObject
    if($_.instanceid -eq 4624)
    {
        $username = $_.replacementstrings[5]
    }
    else
    {
        $username = $_.replacementstrings[1]
    }
    Add-Member -InputObject $row -Name "date" -Value $_.timegenerated.ToString("yy-MM-dd") -MemberType NoteProperty
    Add-Member -InputObject $row -Name "hour" -Value $_.timegenerated.ToString("HH") -MemberType NoteProperty
    Add-Member -InputObject $row -Name "time" -Value $_.timegenerated -MemberType NoteProperty
    if(($username -like "*<user>*") -and ($_.timegenerated.hour -gt 4))
    {
        $row
    }
}
$grouped = $evts | Group-Object -Property "date"
$output = @()
$grouped | Sort-Object -Property "name" -Descending | %{
    $row = New-Object PSObject
    Add-Member -InputObject $row -Name "date" -Value $_.name -MemberType NoteProperty
    Add-Member -InputObject $row -Name "begin" -Value @($_.group | Sort-Object -Property "time")[0].time.tostring("H:mm") -MemberType NoteProperty
    Add-Member -InputObject $row -Name "end" -Value @($_.group | Sort-Object -Property "time")[($_.count-1)].time.tostring("H:mm") -MemberType NoteProperty
    Add-Member -InputObject $row -Name "delta" -Value (@($_.group | Sort-Object -Property "time")[($_.count-1)].time - @($_.group | Sort-Object -Property "time")[0].time).totalhours.tostring("0.0") -MemberType NoteProperty
    Add-Member -InputObject $row -Name "count" -Value @($_.group | Group-Object -Property "hour").count -MemberType NoteProperty
    $output += $row
}
$output
$output | export-csv -Path "<drive>:\<dir>\timeonpc.$((get-date).tostring("yy-MM-dd-HH-mm-ss")).csv" -NoTypeInformation