PowerTip: Use PowerShell to Write to an Event Log

When I try this I get Source was not found.

Eventually I tried

write-eventlog -logname system -source 'User32' -eventID 777 -entrytype Information `

-message "Test message " -category 1 -rawdata 10,20,30

Even then it only worked when run as an administrator and the event log complained about the description for event id 777.

How do you configure the event  logs to take a user defined source?

Or, how do you list the valid sources using powershell?

oh, nevermind.  i guess that's easy enough

get-eventlog application | group-object -property source  | select-object Name

@StaceyIsLearning, You can use New-EventLog to create the event source if it doesn't exist. Obviously, you need to be an Administrator to create the new event source.

@StaceyIsLearning, you could precede with this (as mentioned above, this part will require administrative privilege):

if ([System.Diagnostics.EventLog]::SourceExists("MyApp") -eq $false) {

   [System.Diagnostics.EventLog]::CreateEventSource("MyApp", "Application")

}

Is it possible to create an EventID Qualifier using powershell as in the example below?

<EventID Qualifiers="45055">20709</EventID>

<Event xmlns="schemas.microsoft.com/.../event">

- <System>

 <Provider Name="BlackBerry Messaging Agen" />

 <EventID Qualifiers="45055">20709</EventID>

 <Level>3</Level>

 <Task>0</Task>

 <Keywords>0x80000000000000</Keywords>

 <TimeCreated SystemTime="2012-09-11T07:39:56.000000000Z" />

 <EventRecordID>8444471</EventRecordID>

 <Channel>Application</Channel>

 <Computer>xxxxxxxxxx</Computer>

 <Security />

 </System>

- <EventData>

 <Data>{Fred.nerk@here.com} Failed to reach user's mailbox</Data>

 </EventData>

 </Event>

@Brian_O Nice! :D