Write-EventLog

Write an event to an event log.

Syntax
      Write-EventLog [-LogName] string [-Source] string
         [-EventID] int [-Message] string 
            [[-EntryType] EventLogEntryType] [-Category Int16]
               [-ComputerName string] [-RawData Byte[]] [CommonParameters]

Key:
   -Category Int16
       A task category for the event.
       Enter an integer that is associated with the strings in the
       category message file for the event log.

   -ComputerName string 
      Specify a remote computer. The default is the local computer.

       Type the NetBIOS name, an Internet Protocol (IP) address,
       or a fully qualified domain name of a remote computer.

       This parameter does not rely on Windows PowerShell remoting.

   -EntryType EventLogEntryType
       The entry type of the event.
       Valid values are:  Error, Warning, Information, SuccessAudit, FailureAudit.

   -EventID int
       The event identifier. This parameter is required.

   -logName string
       Name of the log file to which the event will be written.
       Enter the log name (the value of the Log property, not the LogDisplayName).
       Wildcard characters are not permitted. This parameter is required.

   -Message string
       The event message. This parameter is required.

    -RawData Byte[]
       The binary data that is associated with the event, in bytes.

    -Source <string>
       The event source, which is typically the name of the application
       that is writing the event to the log

Write-EventLog writes an event to an event log.

To write an event to an event log, the event log must exist on the computer and the source must be registered for the event log.

The cmdlets that contain the EventLog noun (the EventLog cmdlets) work only on classic event logs. To get events from logs that use the Windows Event Log technology in Windows Vista and later versions of Windows, use Get-WinEvent

Examples

Write an event from the SS64App source to the Application event log:

PS C:\> write-eventlog -logname Application -source SS64App -eventID 3001 -entrytype Information -message "Something happened." -category 1 -rawdata 10,20

Write an event from the MyApp source to the Application event log on the Server64 remote computer:

PS C:\> write-eventlog -computername Server64 -logname Application -source SS64App -eventID 3001 -message "something else happened."

"The Statesman who yields to war fever must realize that once the signal is given, he is no longer the master of policy but the slave of unforeseeable and uncontrollable events" ~ Sir Winston Spencer Churchill

Related PowerShell Cmdlets

Get-WinEvent - Get events from event logs and event trace logs.
Get-Event - Get events in the event queue.


 
Copyright © 1999-2024 SS64.com
Some rights reserved