{"id":6844,"date":"2021-08-23T20:40:21","date_gmt":"2021-08-24T00:40:21","guid":{"rendered":"https:\/\/kevinjustin.com\/blog\/?p=6844"},"modified":"2021-08-23T20:55:53","modified_gmt":"2021-08-24T00:55:53","slug":"mining-windows-event-log","status":"publish","type":"post","link":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/","title":{"rendered":"Mining Windows Event Log"},"content":{"rendered":"
\"\"<\/a>
Mining Ore from the Windows Event Log and finding a way to make it portable<\/figcaption><\/figure>\n

 <\/p>\n

Use Get-WinEvent to use XML and filters from event viewer, to mine an event, including examples for a specific string, from a specific event, in a specific event log?<\/p>\n

 <\/p>\n

 <\/p>\n

Hopefully this post will help with a few tips to simplify monitoring for events, whether in AzMon, SCOM, or via PowerShell.<\/p>\n

 <\/p>\n

 <\/p>\n

Let’s start with the\u00a0Dr Scripto blog post from quite a while ago –<\/p>\n

https:\/\/devblogs.microsoft.com\/scripting\/data-mine-the-windows-event-log-by-using-powershell-and-xml\/<\/a><\/p>\n

 <\/p>\n

Not sure how many people use get-WinEvent, but this is one tool in PowerShell that can help an admin parse the XML side of an event.<\/p>\n

 <\/p>\n

Example 1<\/h5>\n

Query Application Event Log for Severity, Event, and Event Data contains lync.exe<\/p>\n

$query = @”<\/p>\n

<QueryList><\/p>\n

\u00a0 <Query Id=”0″ Path=”Application”><\/span><\/p>\n

\u00a0\u00a0\u00a0 <Select Path=”Application”>*[System[Provider[@Name=’Application Hang’]<\/span><\/p>\n

\u00a0\u00a0\u00a0 and (Level=2) and (EventID=1002)]]<\/span><\/p>\n

\u00a0\u00a0\u00a0 and *[EventData[Data=’lync.exe’]]<\/Select><\/span><\/p>\n

\u00a0 <\/Query><\/span><\/p>\n

<\/QueryList><\/span><\/p>\n

“@<\/span><\/p>\n

Get-WinEvent -FilterXml $query<\/span><\/p>\n

 <\/p>\n

PowerShell output<\/strong><\/p>\n

\"Use<\/a>
Lync.exe event example output<\/figcaption><\/figure>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

Use Get-WinEvent to use XML and filters from event viewer<\/h3>\n

The Tip or Trick part of this – leverage your Event Viewer Filter as a query to use with get-WinEvent<\/span><\/p>\n

Credit for this tip comes from Andrew Blumhardt!<\/p>\n

<\/h5>\n

See below for examples to ‘use Get-WinEvent to use XML and filters from event viewer’<\/p>\n

 <\/p>\n

Navigating via Event Viewer:<\/strong><\/h4>\n

Hop onto your favorite server, or connect to another server via Event Viewer<\/p>\n

Go to the Event Log > Click Filter Current Log<\/p>\n

Build out your filter (i.e. choose specific Event Sources, exclude events, include severities, timeframe (start\/end), etc.)<\/p>\n

\"Use<\/a>
SCVMM Application Log Event ID 25933<\/figcaption><\/figure>\n

Switch to the XML tab (and note you can edit your query further!)<\/p>\n

\"SCVMM<\/a>
Event Viewer filter XML tab<\/figcaption><\/figure>\n

You can copy the query from the Event Viewer into your Get-WinEvent<\/span> syntax<\/p>\n

$query = @”<\/span><\/p>\n

<QueryList><\/span>
\n<Query Id=”0″ Path=”Application”><\/span>
\n<Select Path=”Application”>*[System[Provider[@Name=’Microsoft.SystemCenter.VirtualMachineManager.2012.Monitor.UserRoleQuotaUsageMonitor’ or @Name=’Microsoft.SystemCenter.VirtualMachineManager.2012.Report.ServiceUsageCollection’ or @Name=’Microsoft.SystemCenter.VirtualMachineManager.2012.Report.VMUsageCollection’ or @Name=’Microsoft.SystemCenter.VirtualMachineManager.2016.EnableCredSSPClient’ or @Name=’Microsoft.SystemCenter.VirtualMachineManager.2016.Monitor.UserRoleQuotaUsageMonitor’ or @Name=’Microsoft.SystemCenter.VirtualMachineManager.2016.Report.ServiceUsageCollection’ or @Name=’Microsoft.SystemCenter.VirtualMachineManager.2016.Report.VMUsageCollection’] and (Level=2 or Level=3) and (EventID=25933)]]<\/Select><\/span>
\n<\/Query><\/span>
\n<\/QueryList><\/span><\/p>\n

“@<\/span><\/p>\n

Get-WinEvent -FilterXml $query<\/span><\/p>\n

 <\/p>\n

PowerShell output<\/strong><\/p>\n

\"Use<\/a>
SCVMM query example screenshot<\/figcaption><\/figure>\n

 <\/p>\n

 <\/p>\n

<\/h5>\n

 <\/p>\n

 <\/p>\n

Example 3<\/h5>\n

Grab System Event Log, Event ID 5827\u00a0 (NetLogon denied events)<\/p>\n

get-WinEvent -FilterHashtable @{LogName=’System’;\u00a0ID=’5827′;}<\/span><\/p>\n

 <\/p>\n

PowerShell output<\/strong><\/p>\n

\"Use<\/a>
get-WinEvent filter by logname and event ID<\/figcaption><\/figure>\n

 <\/p>\n

 <\/p>\n

Documentation:<\/strong><\/p>\n

Get-WinEvent https:\/\/docs.microsoft.com\/en-us\/powershell\/module\/microsoft.powershell.diagnostics\/get-winevent?view=powershell-7.1<\/a><\/p>\n

MSFT DevBlogs https:\/\/devblogs.microsoft.com\/scripting\/data-mine-the-windows-event-log-by-using-powershell-and-xml\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

  Use Get-WinEvent to use XML and filters from event viewer, to mine an event, including examples for a specific string, from a specific event, in a specific event log?     Hopefully this post will help with a few tips to simplify monitoring for events, whether in AzMon, SCOM, or via PowerShell.     … Continue reading “Mining Windows Event Log”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,4,6,545,530,11],"tags":[549,56,60,547,147,546,550,211,551,309,310,317,342,495,548],"class_list":["post-6844","post","type-post","status-publish","format-standard","hentry","category-azure","category-azure-monitor","category-log-analytics","category-powershell","category-scom","category-troubleshooting","tag-azmon","tag-azure","tag-azure-monitor","tag-data-mine","tag-event-viewer","tag-get-winevent","tag-hop-onto-your-favorite-server","tag-log-analytics","tag-or-connect-to-another-server-via-event-viewer","tag-posh","tag-powershell","tag-query","tag-scom","tag-xml","tag-xml-query"],"yoast_head":"\nMining Windows Event Log - Kevin Justin's Blog<\/title>\n<meta name=\"description\" content=\"Use Get-WinEvent to use XML and filters from event viewer. See examples in the blog for context and usage examples!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mining Windows Event Log - Kevin Justin's Blog\" \/>\n<meta property=\"og:description\" content=\"Use Get-WinEvent to use XML and filters from event viewer. See examples in the blog for context and usage examples!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/\" \/>\n<meta property=\"og:site_name\" content=\"Kevin Justin's Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-24T00:40:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-24T00:55:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2021\/08\/MineOretoMineCart.jpg\" \/>\n<meta name=\"author\" content=\"WordPress Administrator\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"WordPress Administrator\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/\"},\"author\":{\"name\":\"WordPress Administrator\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#\\\/schema\\\/person\\\/3d7a90f4430bef43134eaa0a7e2cd508\"},\"headline\":\"Mining Windows Event Log\",\"datePublished\":\"2021-08-24T00:40:21+00:00\",\"dateModified\":\"2021-08-24T00:55:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/\"},\"wordCount\":509,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/MineOretoMineCart.jpg\",\"keywords\":[\"AzMon\",\"azure\",\"azure monitor\",\"data mine\",\"event viewer\",\"get-winevent\",\"Hop onto your favorite server\",\"Log Analytics\",\"or connect to another server via Event Viewer\",\"posh\",\"powershell\",\"query\",\"SCOM\",\"xml\",\"XML Query\"],\"articleSection\":[\"Azure\",\"Azure Monitor\",\"Log Analytics\",\"PowerShell\",\"SCOM\",\"Troubleshooting\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/\",\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/\",\"name\":\"Mining Windows Event Log - Kevin Justin's Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/MineOretoMineCart.jpg\",\"datePublished\":\"2021-08-24T00:40:21+00:00\",\"dateModified\":\"2021-08-24T00:55:53+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#\\\/schema\\\/person\\\/3d7a90f4430bef43134eaa0a7e2cd508\"},\"description\":\"Use Get-WinEvent to use XML and filters from event viewer. See examples in the blog for context and usage examples!\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#primaryimage\",\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/MineOretoMineCart.jpg\",\"contentUrl\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/MineOretoMineCart.jpg\",\"width\":445,\"height\":315,\"caption\":\"Mining Ore from the Windows Event Log and finding a way to make it portable\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2021\\\/08\\\/23\\\/mining-windows-event-log\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mining Windows Event Log\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/\",\"name\":\"Kevin Justin's Blog\",\"description\":\"Operational monitoring tools including System Center, Azure Monitor\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#\\\/schema\\\/person\\\/3d7a90f4430bef43134eaa0a7e2cd508\",\"name\":\"WordPress Administrator\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g\",\"caption\":\"WordPress Administrator\"},\"sameAs\":[\"https:\\\/\\\/kevinjustin.com\"],\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/author\\\/wordpress_admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mining Windows Event Log - Kevin Justin's Blog","description":"Use Get-WinEvent to use XML and filters from event viewer. See examples in the blog for context and usage examples!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/","og_locale":"en_US","og_type":"article","og_title":"Mining Windows Event Log - Kevin Justin's Blog","og_description":"Use Get-WinEvent to use XML and filters from event viewer. See examples in the blog for context and usage examples!","og_url":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/","og_site_name":"Kevin Justin's Blog","article_published_time":"2021-08-24T00:40:21+00:00","article_modified_time":"2021-08-24T00:55:53+00:00","og_image":[{"url":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2021\/08\/MineOretoMineCart.jpg","type":"","width":"","height":""}],"author":"WordPress Administrator","twitter_card":"summary_large_image","twitter_misc":{"Written by":"WordPress Administrator","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#article","isPartOf":{"@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/"},"author":{"name":"WordPress Administrator","@id":"https:\/\/kevinjustin.com\/blog\/#\/schema\/person\/3d7a90f4430bef43134eaa0a7e2cd508"},"headline":"Mining Windows Event Log","datePublished":"2021-08-24T00:40:21+00:00","dateModified":"2021-08-24T00:55:53+00:00","mainEntityOfPage":{"@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/"},"wordCount":509,"commentCount":0,"image":{"@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#primaryimage"},"thumbnailUrl":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2021\/08\/MineOretoMineCart.jpg","keywords":["AzMon","azure","azure monitor","data mine","event viewer","get-winevent","Hop onto your favorite server","Log Analytics","or connect to another server via Event Viewer","posh","powershell","query","SCOM","xml","XML Query"],"articleSection":["Azure","Azure Monitor","Log Analytics","PowerShell","SCOM","Troubleshooting"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/","url":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/","name":"Mining Windows Event Log - Kevin Justin's Blog","isPartOf":{"@id":"https:\/\/kevinjustin.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#primaryimage"},"image":{"@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#primaryimage"},"thumbnailUrl":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2021\/08\/MineOretoMineCart.jpg","datePublished":"2021-08-24T00:40:21+00:00","dateModified":"2021-08-24T00:55:53+00:00","author":{"@id":"https:\/\/kevinjustin.com\/blog\/#\/schema\/person\/3d7a90f4430bef43134eaa0a7e2cd508"},"description":"Use Get-WinEvent to use XML and filters from event viewer. See examples in the blog for context and usage examples!","breadcrumb":{"@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#primaryimage","url":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2021\/08\/MineOretoMineCart.jpg","contentUrl":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2021\/08\/MineOretoMineCart.jpg","width":445,"height":315,"caption":"Mining Ore from the Windows Event Log and finding a way to make it portable"},{"@type":"BreadcrumbList","@id":"https:\/\/kevinjustin.com\/blog\/2021\/08\/23\/mining-windows-event-log\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/kevinjustin.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Mining Windows Event Log"}]},{"@type":"WebSite","@id":"https:\/\/kevinjustin.com\/blog\/#website","url":"https:\/\/kevinjustin.com\/blog\/","name":"Kevin Justin's Blog","description":"Operational monitoring tools including System Center, Azure Monitor","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kevinjustin.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/kevinjustin.com\/blog\/#\/schema\/person\/3d7a90f4430bef43134eaa0a7e2cd508","name":"WordPress Administrator","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g","caption":"WordPress Administrator"},"sameAs":["https:\/\/kevinjustin.com"],"url":"https:\/\/kevinjustin.com\/blog\/author\/wordpress_admin\/"}]}},"_links":{"self":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts\/6844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/comments?post=6844"}],"version-history":[{"count":1,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts\/6844\/revisions"}],"predecessor-version":[{"id":6852,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts\/6844\/revisions\/6852"}],"wp:attachment":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/media?parent=6844"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/categories?post=6844"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/tags?post=6844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}