As written, this manually run worklet will return the last five reboots of a device with the date & user. If you wish to see further detail, you can add any of the following to the Select-Object at the end of the remediation: Process, Action, Reason, ReasonCode, Comment. You can also modify the -First number if you need to see more than the last five reboots.
Evaluation:
Exit 0
Remediation:
Get-WinEvent -FilterHashtable @{logname='System'; id=1074} |
ForEach-Object {
$rv = New-Object PSObject | Select-Object Date, User, Action, Process, Reason, ReasonCode, Comment
$rv.Date = $_.TimeCreated
$rv.User = $_.Properties[6].Value
$rv.Process = $_.Properties[0].Value
$rv.Action = $_.Properties[4].Value
$rv.Reason = $_.Properties[2].Value
$rv.ReasonCode = $_.Properties[3].Value
$rv.Comment = $_.Properties[5].Value
$rv
} | Select-Object Date, User -First 5
# Edit above Select-Object line to see additional fields from the first Select-Object statement or change the number of results returned