How to create Windows EventLog source from command line

Question

I m creating an ASP NET application that will log some stuff to Windows EventLog  To do this an event source has to be created first  This requires administrative priviledges so I cannot do it in the ASP NET app   Is there an existing command-line application that is bundled with Windows that can create an event log source  or must I roll out my own

User · Answer

If someone is interested  it is also possible to create an event source manually by adding some registry values   Save the following lines as a  reg file  then import it to registry by double clicking it   Windows Registry Editor Version 5 00   HKEY LOCAL MACHINE SYSTEM CurrentControlSet services eventlog Application YOUR EVENT SOURCE NAME GOES HERE   EventMessageFile   C   Windows  Microsoft NET  Framework64  v4 0 30319  EventLogMessages dll   TypesSupported  dword 00000007   This creates an event source named YOUR EVENT SOURCE NAME GOES HERE

User · Answer

You can also use Windows PowerShell with the following command   if   System Diagnostics EventLog   SourceExists  source  -eq  false         System Diagnostics EventLog   CreateEventSource  source   Application       Make sure to check that the source does not exist before calling CreateEventSource  otherwise it will throw an exception    For more info    http   msdn microsoft com en-us library 9t766zhb aspx

User · Answer

If someone is interested  it is also possible to create an event source manually by adding some registry values   Save the following lines as a  reg file  then import it to registry by double clicking it   Windows Registry Editor Version 5 00   HKEY LOCAL MACHINE SYSTEM CurrentControlSet services eventlog Application YOUR EVENT SOURCE NAME GOES HERE   EventMessageFile   C   Windows  Microsoft NET  Framework64  v4 0 30319  EventLogMessages dll   TypesSupported  dword 00000007   This creates an event source named YOUR EVENT SOURCE NAME GOES HERE

User · Answer

However the cmd batch version works you can run into an issue when you want to define an eventID which is higher then 1000  For event creation with an eventID of 1000  i ll use powershell like this    evt new-object System Diagnostics Eventlog    Define Logbook      evt Source    Define Source     evtNumber Define Eventnumber  evtDescription    Define description     infoevent  System Diagnostics EventLogEntryType   Define error level  evt WriteEntry  evtDescription  infoevent  evtNumber     Sample    evt new-object System Diagnostics Eventlog    System      evt Source    Tcpip     evtNumber 4227  evtDescription    This is a Test Event     infoevent  System Diagnostics EventLogEntryType   Warning  evt WriteEntry  evtDescription  infoevent  evtNumber

User · Answer

Try  quot eventcreate exe quot  An example  eventcreate  ID 1  L APPLICATION  T INFORMATION   SO MYEVENTSOURCE  D  quot My first log quot   This will create a new event source named MYEVENTSOURCE under APPLICATION event log as INFORMATION event type  I think this utility is included only from XP onwards  Further reading  Windows IT Pro  JSI Tip 5487  Windows XP includes the EventCreate utility for creating custom events   Type eventcreate    in CMD prompt  Microsoft TechNet  Windows Command-Line Reference  Eventcreate  SS64  Windows Command-Line Reference  Eventcreate

User · Answer

Or just use the command line command   Eventcreate

User · Answer

You can also use Windows PowerShell with the following command   if   System Diagnostics EventLog   SourceExists  source  -eq  false         System Diagnostics EventLog   CreateEventSource  source   Application       Make sure to check that the source does not exist before calling CreateEventSource  otherwise it will throw an exception    For more info    http   msdn microsoft com en-us library 9t766zhb aspx

User · Answer

eventcreate2 allows you to create custom logs  where eventcreate does not

User · Answer

Try PowerShell 2 0 s EventLog cmdlets  Throwing this in for PowerShell 2 0 and upwards    Run New-EventLog once to register the event source   New-EventLog -LogName Application -Source MyApp  Then use Write-EventLog to write to the log   Write-EventLog      -LogName Application      -Source MyApp      -EntryType Error      -Message  Immunity to iocaine powder not detected  dying now       -EventId 1

User · Answer

eventcreate2 allows you to create custom logs  where eventcreate does not

User · Answer

Try PowerShell 2 0 s EventLog cmdlets  Throwing this in for PowerShell 2 0 and upwards    Run New-EventLog once to register the event source   New-EventLog -LogName Application -Source MyApp  Then use Write-EventLog to write to the log   Write-EventLog      -LogName Application      -Source MyApp      -EntryType Error      -Message  Immunity to iocaine powder not detected  dying now       -EventId 1

User · Answer

However the cmd batch version works you can run into an issue when you want to define an eventID which is higher then 1000  For event creation with an eventID of 1000  i ll use powershell like this    evt new-object System Diagnostics Eventlog    Define Logbook      evt Source    Define Source     evtNumber Define Eventnumber  evtDescription    Define description     infoevent  System Diagnostics EventLogEntryType   Define error level  evt WriteEntry  evtDescription  infoevent  evtNumber     Sample    evt new-object System Diagnostics Eventlog    System      evt Source    Tcpip     evtNumber 4227  evtDescription    This is a Test Event     infoevent  System Diagnostics EventLogEntryType   Warning  evt WriteEntry  evtDescription  infoevent  evtNumber

User · Answer

you can create your own custom event by using diagnostics Event log class  Open a windows application and on a button click do the following code   System Diagnostics EventLog CreateEventSource  ApplicationName    MyNewLog       MyNewLog  means the name you want to give to your log in event viewer   for more information check this link   http   msdn microsoft com en-in library 49dwckkz 28v vs 90 29 aspx

User · Answer

Or just use the command line command   Eventcreate

User · Answer

you can create your own custom event by using diagnostics Event log class  Open a windows application and on a button click do the following code   System Diagnostics EventLog CreateEventSource  ApplicationName    MyNewLog       MyNewLog  means the name you want to give to your log in event viewer   for more information check this link   http   msdn microsoft com en-in library 49dwckkz 28v vs 90 29 aspx

User · Answer

Try  quot eventcreate exe quot  An example  eventcreate  ID 1  L APPLICATION  T INFORMATION   SO MYEVENTSOURCE  D  quot My first log quot   This will create a new event source named MYEVENTSOURCE under APPLICATION event log as INFORMATION event type  I think this utility is included only from XP onwards  Further reading  Windows IT Pro  JSI Tip 5487  Windows XP includes the EventCreate utility for creating custom events   Type eventcreate    in CMD prompt  Microsoft TechNet  Windows Command-Line Reference  Eventcreate  SS64  Windows Command-Line Reference  Eventcreate

[windows] How to create Windows EventLog source from command line?

Examples related to windows

Examples related to command-line

Examples related to event-log