![\"\"](\"\/wp-content\/uploads\/2018\/02\/EventLogHAL.png\")
<\/a><\/p>\nNow that is finished, use the Write-Eventlog command to create the event like the example below.\u00a0 Although not required to add an EntryType, I suggest you add one. Especially if your monitoring software does something like filter out Informational events.<\/p>\n
Write-EventLog -LogName Application -EventID 2001 -EntryType Warning -Source \u2018HAL\u2019 -Message \u2018Just what do you think you are doing, Dave?\u2019\n<\/pre>\nEvent Log and PowerShell Scripting<\/h2>\n
Now that that is out of the way we can focus on Write-EventLog as part of a script.\u00a0 The above information holds true for scripts as well as generating ad hoc events.\u00a0 First create the source, then write to the Event Log.\u00a0 The obstacle is that the source needs to be created, but can only be created once.\u00a0 So, for example, if your script includes this line:<\/p>\n
New-EventLog -LogName Application -Source \u2018MyScript\u2019<\/pre>\nIt will run the first time, but the next time the script runs it will return an error because you can\u2019t create the MyScript source when it already exists.<\/p>\n
There is a simple fix, well, kind of.\u00a0 There is no way (that I found) to check if an Event Log Source exists with PowerShell, but there is with .NET.\u00a0 The code below checks the System.Diagnostics.Eventlog Namespace to see if the source exists and if not, it is created.\u00a0 That code looks like:<\/p>\n
If ([System.Diagnostics.EventLog]::SourceExists(\u2018MyScript\u2019) -eq $False) {\n\nNew-EventLog -LogName Application -Source \u2018MyScript\u2019\n\n}<\/pre>\nBelieve it or not, that is the most complicated part.\u00a0 Now we can run the Write-EventLog command to create the log entry:<\/p>\n
Write-EventLog -LogName Application -EventID 3000 -EntryType Warning -Source \u2018MyScript\u2019 -Message \u2018This is a test\u2019<\/pre>\nThat works, but let\u2019s take this a step further.\u00a0 In this example I am going to create a function along with the Try Catch statement to write error to the event log.<\/p>\n
Start by defining variables:<\/p>\n
$eventLog = \"Application\"\n$eventSource = \"MyScript\"\n$eventID = 4000\n$entryType = \"Error\"<\/pre>\nSet the Error Action Preference to Stop for the Try Catch code:<\/p>\n
$ErrorActionPreference = \"stop\"<\/pre>\nNext, check if the Event Log Source exists and create it if not:<\/p>\n
If ([System.Diagnostics.EventLog]::SourceExists($eventSource) -eq $False) {\n New-EventLog -LogName Application -Source $eventSource\n }<\/pre>\nOnce that\u2019s finished, create the function to write to the Event Log:<\/p>\n
function write-AppEventLog {\n Param($errorMessage)\n Write-EventLog -LogName $eventLog -EventID $eventID -EntryType $entryType -Source $eventSource -Message $errorMessage \n}<\/pre>\nNow the code.\u00a0 This is a simple try-catch block that will attempt to divide by 0 and fail, writing the error message to the Application Event Log:<\/p>\n
Try {\n 1\/0\n}\nCatch {\n $ErrorMessage = $_.Exception.message\n write-AppEventLog $ErrorMessage\n}<\/pre>\nHere is what the output looks like in the Application event log:<\/p>\n
![\"\"](\"\/wp-content\/uploads\/2018\/02\/EventLogOut.png\")
<\/p>\n
That’s all there is to it.\u00a0 Here is the complete code from above:<\/p>\n
# Set Variables\n$eventLog = \"Application\"\n$eventSource = \"MyScript\"\n$eventID = 4000\n$entryType = \"Error\"\n\n# Set Error Action Preference to Stop for Try Catch code\n$ErrorActionPreference = \"stop\"\n\n# Check if the source exists and create if needed\nIf ([System.Diagnostics.EventLog]::SourceExists($eventSource) -eq $False) {\n New-EventLog -LogName Application -Source $eventSource\n }\n\n\n# Write EventLog Function\nfunction write-AppEventLog {\n Param($errorMessage)\n Write-EventLog -LogName $eventLog -EventID $eventID -EntryType $entryType -Source $eventSource -Message $errorMessage \n}\n\n# Code\nTry {\n 1\/0\n}\nCatch {\n $ErrorMessage = $_.Exception.message\n write-AppEventLog $ErrorMessage\n}<\/pre>\n","protected":false},"excerpt":{"rendered":"Odds are,\u00a0 you were Googling something like \u2018write event log PowerShell\u2019 and you stumbled on this page.\u00a0 If that\u2019s the case and you just want to write an event to the Event Log to test something like a monitoring or alerting app, I won\u2019t disappoint, below is what you need to know.\u00a0 If you want …<\/p>\n
Writing to the Windows Event Log with PowerShell<\/span> Read More »<\/a><\/p>\n","protected":false},"author":1,"featured_media":4097,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":""},"categories":[170],"tags":[103,194,197,199,202,193,201,20,68,198,200,195,196],"yoast_head":"\nWriting to the Windows Event Log with PowerShell - ciraltos<\/title>\n<meta name=\"description\" content=\"If you want to write an event to the Event Log to test something like a monitoring or alerting app, below is what you need to know.\u00a0 If you want a little more information on writing to the Event Log as part of a script, keep going.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Writing to the Windows Event Log with PowerShell - ciraltos\" \/>\n<meta property=\"og:description\" content=\"If you want to write an event to the Event Log to test something like a monitoring or alerting app, below is what you need to know.\u00a0 If you want a little more information on writing to the Event Log as part of a script, keep going.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/\" \/>\n<meta property=\"og:site_name\" content=\"ciraltos\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-22T12:10:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-24T05:34:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ciraltos.com\/staging2\/wp-content\/uploads\/2023\/03\/Event_Viewer.png\" \/>\n\t<meta property=\"og:image:width\" content=\"250\" \/>\n\t<meta property=\"og:image:height\" content=\"250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Travis Roberts\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ciraltos\" \/>\n<meta name=\"twitter:site\" content=\"@ciraltos\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Travis Roberts\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/\"},\"author\":{\"name\":\"Travis Roberts\",\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a\"},\"headline\":\"Writing to the Windows Event Log with PowerShell\",\"datePublished\":\"2018-02-22T12:10:20+00:00\",\"dateModified\":\"2023-03-24T05:34:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/\"},\"wordCount\":481,\"commentCount\":3,\"publisher\":{\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a\"},\"keywords\":[\"error\",\"Event Log\",\"EventID\",\"Log\",\"Log Analytics\",\"new-eventlog\",\"OMS\",\"Powershell\",\"script\",\"Scripting\",\"Splunk\",\"Warning\",\"write-eventlog\"],\"articleSection\":[\"PowerShell\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/\",\"url\":\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/\",\"name\":\"Writing to the Windows Event Log with PowerShell - ciraltos\",\"isPartOf\":{\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#website\"},\"datePublished\":\"2018-02-22T12:10:20+00:00\",\"dateModified\":\"2023-03-24T05:34:57+00:00\",\"description\":\"If you want to write an event to the Event Log to test something like a monitoring or alerting app, below is what you need to know.\u00a0 If you want a little more information on writing to the Event Log as part of a script, keep going.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/www.ciraltos.com\/staging2\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Writing to the Windows Event Log with PowerShell\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#website\",\"url\":\"http:\/\/www.ciraltos.com\/staging2\/\",\"name\":\"ciraltos\",\"description\":\"cloud, technology and trends\",\"publisher\":{\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.ciraltos.com\/staging2\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a\",\"name\":\"Travis Roberts\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.ciraltos.com\/staging2\/wp-content\/uploads\/2023\/03\/Logo-1.png\",\"contentUrl\":\"https:\/\/www.ciraltos.com\/staging2\/wp-content\/uploads\/2023\/03\/Logo-1.png\",\"width\":5657,\"height\":3563,\"caption\":\"Travis Roberts\"},\"logo\":{\"@id\":\"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/image\/\"},\"sameAs\":[\"http:\/\/www.ciraltos.com\",\"https:\/\/twitter.com\/ciraltos\"],\"url\":\"https:\/\/www.ciraltos.com\/staging2\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Writing to the Windows Event Log with PowerShell - ciraltos","description":"If you want to write an event to the Event Log to test something like a monitoring or alerting app, below is what you need to know.\u00a0 If you want a little more information on writing to the Event Log as part of a script, keep going.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/","og_locale":"en_US","og_type":"article","og_title":"Writing to the Windows Event Log with PowerShell - ciraltos","og_description":"If you want to write an event to the Event Log to test something like a monitoring or alerting app, below is what you need to know.\u00a0 If you want a little more information on writing to the Event Log as part of a script, keep going.","og_url":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/","og_site_name":"ciraltos","article_published_time":"2018-02-22T12:10:20+00:00","article_modified_time":"2023-03-24T05:34:57+00:00","og_image":[{"width":250,"height":250,"url":"https:\/\/www.ciraltos.com\/staging2\/wp-content\/uploads\/2023\/03\/Event_Viewer.png","type":"image\/png"}],"author":"Travis Roberts","twitter_card":"summary_large_image","twitter_creator":"@ciraltos","twitter_site":"@ciraltos","twitter_misc":{"Written by":"Travis Roberts","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#article","isPartOf":{"@id":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/"},"author":{"name":"Travis Roberts","@id":"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a"},"headline":"Writing to the Windows Event Log with PowerShell","datePublished":"2018-02-22T12:10:20+00:00","dateModified":"2023-03-24T05:34:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/"},"wordCount":481,"commentCount":3,"publisher":{"@id":"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a"},"keywords":["error","Event Log","EventID","Log","Log Analytics","new-eventlog","OMS","Powershell","script","Scripting","Splunk","Warning","write-eventlog"],"articleSection":["PowerShell"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/","url":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/","name":"Writing to the Windows Event Log with PowerShell - ciraltos","isPartOf":{"@id":"http:\/\/www.ciraltos.com\/staging2\/#website"},"datePublished":"2018-02-22T12:10:20+00:00","dateModified":"2023-03-24T05:34:57+00:00","description":"If you want to write an event to the Event Log to test something like a monitoring or alerting app, below is what you need to know.\u00a0 If you want a little more information on writing to the Event Log as part of a script, keep going.","breadcrumb":{"@id":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.ciraltos.com\/staging2\/writing-event-log-powershell\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/www.ciraltos.com\/staging2\/"},{"@type":"ListItem","position":2,"name":"Writing to the Windows Event Log with PowerShell"}]},{"@type":"WebSite","@id":"http:\/\/www.ciraltos.com\/staging2\/#website","url":"http:\/\/www.ciraltos.com\/staging2\/","name":"ciraltos","description":"cloud, technology and trends","publisher":{"@id":"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.ciraltos.com\/staging2\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/25391996d6cddfecd4d257162b7e373a","name":"Travis Roberts","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/image\/","url":"https:\/\/www.ciraltos.com\/staging2\/wp-content\/uploads\/2023\/03\/Logo-1.png","contentUrl":"https:\/\/www.ciraltos.com\/staging2\/wp-content\/uploads\/2023\/03\/Logo-1.png","width":5657,"height":3563,"caption":"Travis Roberts"},"logo":{"@id":"http:\/\/www.ciraltos.com\/staging2\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/www.ciraltos.com","https:\/\/twitter.com\/ciraltos"],"url":"https:\/\/www.ciraltos.com\/staging2\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/posts\/436"}],"collection":[{"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/comments?post=436"}],"version-history":[{"count":17,"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/posts\/436\/revisions"}],"predecessor-version":[{"id":4100,"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/posts\/436\/revisions\/4100"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/media\/4097"}],"wp:attachment":[{"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/media?parent=436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/categories?post=436"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ciraltos.com\/staging2\/wp-json\/wp\/v2\/tags?post=436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"\/wp-content\/uploads\/2018\/02\/Event_Viewer.png\")
Odds are,\u00a0 you were Googling something like \u2018write event log PowerShell\u2019 and you stumbled on this page.\u00a0 If that\u2019s the case and you just want to write an event to the Event Log to test something like a monitoring or alerting app, I won\u2019t disappoint, below is what you need to know.\u00a0 If you want a little more information on writing to the Event Log as part of a script, keep going.<\/p>\n