Friday 8 May 2015

Writing to Event Logs with PowerShell

Was pondering how to trigger an event log entry on a server today at work in order to test SCOM monitoring, and came across PowerShell and the various commands that can be used to do something like this. Found it quite interesting, so thought it would be worth writing a wee post about it.

To begin, you can see which PowerShell commands are available in relation to the event log:

get-command -Name *eventlog



The one that writes to the event logs is called "Write-EventLog". The command syntax should be something as straightforward as this:

Write-EventLog -LogName Application -Source "Test EventLog" -EntryType Information -EventID 1 -Message "This is a test message"

In this command the following parameters are required - LogName, Source, EventID.

Unfortunately, this generates an error message because the source does not exist on the machine. The cmdlet New-EventLog should help us here.

To fix the previous error we need to run the following command:

New-EventLog -LogName Application -Source "Test EventLog"

Then we can run:

Write-EventLog -LogName Application -Source "Test EventLog" -EntryType Information -EventID 1 -Message "This is a test message"

As we can see within the Event log, the entry is now there.
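The steps above can be combined into one repeatable check. This is an added example, not code from the original post: it registers the source only when it is missing, writes the test event, and reads it back so the result does not depend on opening Event Viewer. It assumes an elevated Windows PowerShell 5.1 session (where these cmdlets ship); the function name Write-MonitoringTestEvent is hypothetical.

```powershell
#Requires -Version 5.1
#Requires -RunAsAdministrator
# Added example: idempotent test-event writer for monitoring checks.
# Defaults mirror the post; the function name is hypothetical.

function Write-MonitoringTestEvent {
    [CmdletBinding()]
    param(
        [string]$LogName = 'Application',
        [string]$Source  = 'Test EventLog',
        [int]$EventId    = 1,
        [string]$Message = 'This is a test message'
    )

    # Register the source only if it is missing. SourceExists searches every log,
    # including Security, so it needs the same elevation New-EventLog does.
    if (-not [System.Diagnostics.EventLog]::SourceExists($Source)) {
        New-EventLog -LogName $LogName -Source $Source -ErrorAction Stop
    }

    # A source is bound to exactly one log; refuse to write to the wrong one.
    $boundLog = [System.Diagnostics.EventLog]::LogNameFromSourceName($Source, '.')
    if ($boundLog -ne $LogName) {
        throw "Source '$Source' is registered to log '$boundLog', not '$LogName'."
    }

    $before = Get-Date
    Write-EventLog -LogName $LogName -Source $Source -EntryType Information `
        -EventId $EventId -Message $Message -ErrorAction Stop

    # Read the entry back so the test proves the event actually landed.
    # TimeGenerated has one-second resolution, hence the one-second margin.
    Get-EventLog -LogName $LogName -Source $Source -Newest 1 `
        -After $before.AddSeconds(-1) -ErrorAction SilentlyContinue |
        Where-Object { $_.EventID -eq $EventId }
}

$entry = Write-MonitoringTestEvent
if ($entry) { $entry | Format-List TimeGenerated, Source, EventID, EntryType, Message }
else        { Write-Warning 'Test event was not found in the log.' }

# Clean up the test source when finished (entries already written stay in the log):
# Remove-EventLog -Source 'Test EventLog'
```

Removing the test source afterwards keeps leftover registrations from accumulating on monitored servers.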




Why not follow me on Twitter for other hints and tips - www.twitter.com/weeyinfotos
