问题
I\'m creating an ASP.NET application that will log some stuff to Windows EventLog. To do this an event source has to be created first. This requires administrative priviledges so I cannot do it in the ASP.NET app.
Is there an existing command-line application that is bundled with Windows that can create an event log source, or must I roll out my own?
回答1:
Try "eventcreate.exe"
An example:
eventcreate /ID 1 /L APPLICATION /T INFORMATION /SO MYEVENTSOURCE /D "My first log"
This will create a new event source named MYEVENTSOURCE under APPLICATION event log as INFORMATION event type.
I think this utility is included only from XP onwards.
Further reading
Windows IT Pro: JSI Tip 5487. Windows XP includes the EventCreate utility for creating custom events.
Type eventcreate /? in CMD prompt
Microsoft TechNet: Windows Command-Line Reference: Eventcreate
SS64: Windows Command-Line Reference: Eventcreate
回答2:
Try PowerShell 2.0's EventLog cmdlets
Throwing this in for PowerShell 2.0 and upwards:
Run New-EventLog once to register the event source:
New-EventLog -LogName Application -Source MyAppThen use Write-EventLog to write to the log:
Write-EventLog -LogName Application -Source MyApp -EntryType Error -Message "Immunity to iocaine powder not detected, dying now" -EventId 1
回答3:
You can also use Windows PowerShell with the following command:
if ([System.Diagnostics.EventLog]::SourceExists($source) -eq $false) {
[System.Diagnostics.EventLog]::CreateEventSource($source, "Application")
}
Make sure to check that the source does not exist before calling CreateEventSource, otherwise it will throw an exception.
For more info:
- http://msdn.microsoft.com/en-us/library/9t766zhb.aspx
回答4:
eventcreate2 allows you to create custom logs, where eventcreate does not.
回答5:
If someone is interested, it is also possible to create an event source manually by adding some registry values.
Save the following lines as a .reg file, then import it to registry by double clicking it:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\YOUR_EVENT_SOURCE_NAME_GOES_HERE]
"EventMessageFile"="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\EventLogMessages.dll"
"TypesSupported"=dword:00000007
This creates an event source named YOUR_EVENT_SOURCE_NAME_GOES_HERE.
回答6:
Or just use the command line command:
Eventcreate
回答7:
However the cmd/batch version works you can run into an issue when you want to define an eventID which is higher then 1000. For event creation with an eventID of 1000+ i'll use powershell like this:
$evt=new-object System.Diagnostics.Eventlog(“Define Logbook”)
$evt.Source=”Define Source”
$evtNumber=Define Eventnumber
$evtDescription=”Define description”
$infoevent=[System.Diagnostics.EventLogEntryType]::Define error level
$evt.WriteEntry($evtDescription,$infoevent,$evtNumber)
Sample:
$evt=new-object System.Diagnostics.Eventlog(“System”)
$evt.Source=”Tcpip”
$evtNumber=4227
$evtDescription=”This is a Test Event”
$infoevent=[System.Diagnostics.EventLogEntryType]::Warning
$evt.WriteEntry($evtDescription,$infoevent,$evtNumber)
回答8:
you can create your own custom event by using diagnostics.Event log class. Open a windows application and on a button click do the following code.
System.Diagnostics.EventLog.CreateEventSource("ApplicationName", "MyNewLog");
"MyNewLog" means the name you want to give to your log in event viewer.
for more information check this link [ http://msdn.microsoft.com/en-in/library/49dwckkz%28v=vs.90%29.aspx]
来源:https://stackoverflow.com/questions/446691/how-to-create-windows-eventlog-source-from-command-line