PowerShell New-EventLog Cmdlet
Hello Everyone
Welcome to CloudAffaire and this is Debjeet.
In the last blog post, we discussed the Get-WinEvent cmdlet in PowerShell.
https://cloudaffaire.com/powershell-get-winevent-cmdlet/
In this blog post, we will discuss the New-EventLog cmdlet in PowerShell. You can use the New-EventLog cmdlet to create a new Windows event log. You can also use it to register an event source that writes to your new event log or to an existing event log. In Windows, an event log is stored in a file named with the first eight characters of the log name and the .evt extension, under the $env:SystemRoot\System32\Config directory. The log file is only created once at least one entry has been written to the log. The New-EventLog cmdlet can be used to create a new event log on a local or remote computer.
New-EventLog Cmdlet Syntax:
```powershell
## New-EventLog
##    [-LogName] <String>
##    [-Source] <String[]>
##    [[-ComputerName] <String[]>]
##    [-CategoryResourceFile <String>]
##    [-MessageResourceFile <String>]
##    [-ParameterResourceFile <String>]
##    [<CommonParameters>]
```
New-EventLog Cmdlet Argument List:
- -CategoryResourceFile: Specifies the path to the file that contains category strings for the source events. This file is also known as the Category Message File. The file must be present on the computer on which the event log is being created.
- -ComputerName: Creates the new event logs on the specified computers. The default is the local computer.
- -LogName: Specifies the name of the event log.
- -MessageResourceFile: Specifies the path to the file that contains message formatting strings for the source events. This file is also known as the Event Message File. The file must be present on the computer on which the event log is being created.
- -ParameterResourceFile: Specifies the path to the file that contains strings used for parameter substitutions in event descriptions. This file is also known as the Parameter Message File. The file must be present on the computer on which the event log is being created.
- -Source: Specifies the names of the event log sources, such as application programs that write to the event log. This parameter is required.
PowerShell New-EventLog Cmdlet:
```powershell
########################################
## PowerShell | Cmdlet | New-EventLog ##
########################################

## PowerShell Latest Version (5)

## run PowerShell as admin

## create a sample file
New-Item -ItemType File -Path C:\myfile.dll -Value "hello world"

## create a new event log
New-EventLog -Source MySource -LogName MyLog -MessageResourceFile C:\myfile.dll

## get event log details
Get-WinEvent -ListLog MyLog | Select-Object *

## delete the event log
Remove-EventLog -Source "MySource"
Remove-EventLog -LogName "MyLog"
Remove-Item -Path C:\myfile.dll
```
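The following is an added example, not code from the original post: a wrapper around New-EventLog that checks the cases where creation fails or a source ends up bound to a different log (no elevation, a clash in the first eight characters of the log name, a source already registered elsewhere), then sets a size limit and writes a first entry so the log file exists. The function name New-EventLogSafely and the 20MB limit are assumptions; MyLog and MySource are the post's sample names.

```powershell
## Added example, not from the original post. MyLog / MySource are the post's
## sample names; the function name and the 20MB size are assumptions.
function New-EventLogSafely {
    param(
        [Parameter(Mandatory)] [string]   $LogName,
        [Parameter(Mandatory)] [string[]] $Source,
        [int64] $MaximumSize = 20MB
    )

    ## creating a log or source needs an elevated session
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw "Run PowerShell as admin to create an event log."
    }

    ## the first eight characters identify a log, so refuse a name whose
    ## prefix matches a different existing log
    $prefix = $LogName.Substring(0, [Math]::Min(8, $LogName.Length))
    $clash = @(Get-EventLog -List | Where-Object {
        $_.Log -ne $LogName -and
        $_.Log.Substring(0, [Math]::Min(8, $_.Log.Length)) -eq $prefix
    })
    if ($clash.Count -gt 0) {
        throw "Log name '$LogName' collides with existing log '$($clash[0].Log)'."
    }

    foreach ($s in $Source) {
        if ([System.Diagnostics.EventLog]::SourceExists($s)) {
            ## a source can be registered to only one log at a time
            $owner = [System.Diagnostics.EventLog]::LogNameFromSourceName($s, '.')
            if ($owner -ne $LogName) {
                throw "Source '$s' is already registered to log '$owner'."
            }
        }
        else {
            New-EventLog -LogName $LogName -Source $s -ErrorAction Stop
        }
    }

    ## cap the size and set the overflow behaviour explicitly
    Limit-EventLog -LogName $LogName -MaximumSize $MaximumSize -OverflowAction OverwriteAsNeeded
    ## the log file only appears after the first entry, so write one
    Write-EventLog -LogName $LogName -Source $Source[0] -EventId 1 `
        -EntryType Information -Message "Event log '$LogName' initialised."
    Get-WinEvent -ListLog $LogName
}

New-EventLogSafely -LogName MyLog -Source MySource
```

The function can be re-run safely: sources already registered to the target log are left as they are, and only the size limit and the marker entry are applied again.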
Hope you have enjoyed this article. In the next blog post, we will discuss the Write-EventLog cmdlet in PowerShell.
To get more details on PowerShell, kindly follow the official documentation below