How To Write To Windows Event Log
Odds are, you were Googling something like 'write event log PowerShell' and you stumbled on this page. If that's the case and you just want to write an event to the Event Log to test something like a monitoring or alerting app, I won't disappoint; below is what you need to know. If you want a little more information on writing to the Event Log as part of a script, keep going.
Write-EventLog requires 4 parameters: EventID, LogName, Message and Source. It's the -Source parameter that trips people up. If you don't know what the source is, simply make one up. Create the new source with the New-EventLog command like this:
New-EventLog -LogName <Log you are writing to> -Source 'Make one up'
For example, adding the source HAL to the Application log looks like this:
New-EventLog -LogName Application -Source 'HAL'
Now that that is finished, use the Write-EventLog command to create the event like the example below. Although an EntryType is not required, I suggest you add one, especially if your monitoring software does something like filter out Informational events.
Write-EventLog -LogName Application -EventID 2001 -EntryType Warning -Source 'HAL' -Message 'Just what do you think you are doing, Dave?'
Event Log and PowerShell Scripting
Now that that is out of the way we can focus on Write-EventLog as part of a script. The above information holds true for scripts as well as for generating ad hoc events. First create the source, then write to the Event Log. The obstacle is that the source needs to be created, but can only be created once. So, for example, if your script includes this line:
New-EventLog -LogName Application -Source 'MyScript'
It will run the first time, but the next time the script runs it will return an error because you can't create the MyScript source when it already exists.
There is a simple fix, well, kind of. There is no way (that I found) to check if an Event Log source exists with PowerShell, but there is with .NET. The code below checks the System.Diagnostics.EventLog namespace to see if the source exists and, if not, it is created. That code looks like:
If ([System.Diagnostics.EventLog]::SourceExists('MyScript') -eq $False) { New-EventLog -LogName Application -Source 'MyScript' }
Believe it or not, that is the most complicated part. Now we can run the Write-EventLog command to create the log entry:
Write-EventLog -LogName Application -EventID 3000 -EntryType Warning -Source 'MyScript' -Message 'This is a test'
That works, but let's take this a step further. In this case I am going to create a function along with a Try Catch statement to write errors to the event log.
Start by defining variables:
$eventLog = "Application"
$eventSource = "MyScript"
$eventID = 4000
$entryType = "Error"
Set the Error Action Preference to Stop for the Try Catch code:
$ErrorActionPreference = "stop"
Next, check if the Event Log source exists and create it if not:
If ([System.Diagnostics.EventLog]::SourceExists($eventSource) -eq $False) { New-EventLog -LogName Application -Source $eventSource }
Once that's finished, create the function to write to the Event Log:
function write-AppEventLog {
    Param($errorMessage)
    Write-EventLog -LogName $eventLog -EventID $eventID -EntryType $entryType -Source $eventSource -Message $errorMessage
}
Now the code. This is a simple try-catch block that will try to divide by 0 and fail, writing the error message to the Application Event Log:
Try {
    1/0
}
Catch {
    $ErrorMessage = $_.Exception.Message
    write-AppEventLog $ErrorMessage
}
Here is what the output looks like in the Application event log:
That's all there is to it. Here is the complete code from above:
# Set Variables
$eventLog = "Application"
$eventSource = "MyScript"
$eventID = 4000
$entryType = "Error"

# Set Error Action Preference to Stop for Try Catch code
$ErrorActionPreference = "Stop"

# Check if the source exists and create if needed
If ([System.Diagnostics.EventLog]::SourceExists($eventSource) -eq $False) {
    New-EventLog -LogName Application -Source $eventSource
}

# Write EventLog Function
function write-AppEventLog {
    Param($errorMessage)
    Write-EventLog -LogName $eventLog -EventID $eventID -EntryType $entryType -Source $eventSource -Message $errorMessage
}

# Code
Try {
    1/0
}
Catch {
    $ErrorMessage = $_.Exception.Message
    write-AppEventLog $ErrorMessage
}
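A more defensive variant of the script above, as an added example that is not from the original post: it handles the case where the source check runs without administrator rights, confirms the source is bound to the expected log, and caps the message length. It assumes Windows PowerShell 5.1; the helper name Initialize-EventSource, the parameter names and the 30000-character cap are illustrative choices.

```powershell
# Added example, not from the original post. Assumes Windows PowerShell 5.1
# (New-EventLog / Write-EventLog are not available in PowerShell 7).
$eventLog    = 'Application'
$eventSource = 'MyScript'
$ErrorActionPreference = 'Stop'

function Initialize-EventSource {   # hypothetical helper name
    Param($LogName, $Source)
    try {
        $exists = [System.Diagnostics.EventLog]::SourceExists($Source)
    }
    catch [System.Security.SecurityException] {
        # A non-elevated session cannot search every log (the Security log in
        # particular), so an unregistered source surfaces as this exception.
        throw "Cannot check source '$Source': register it once from an elevated session."
    }
    if (-not $exists) {
        New-EventLog -LogName $LogName -Source $Source   # needs administrator rights
        return
    }
    # A source is registered to exactly one log; confirm it is the expected one.
    $boundTo = [System.Diagnostics.EventLog]::LogNameFromSourceName($Source, '.')
    if ($boundTo -ne $LogName) {
        throw "Source '$Source' is already registered to the '$boundTo' log."
    }
}

function Write-AppEventLog {
    Param([System.Management.Automation.ErrorRecord]$ErrorRecord, $EventID = 4000)
    # Record where the error occurred, not only the message text.
    $text = "{0}`r`n{1}" -f $ErrorRecord.Exception.Message, $ErrorRecord.ScriptStackTrace
    # Event messages are limited to roughly 32 KB; truncate instead of losing the event.
    $max = 30000   # assumed margin below that limit
    if ($text.Length -gt $max) { $text = $text.Substring(0, $max) + ' [truncated]' }
    Write-EventLog -LogName $eventLog -Source $eventSource -EventId $EventID `
        -EntryType Error -Message $text
}

Initialize-EventSource -LogName $eventLog -Source $eventSource
try { 1/0 } catch { Write-AppEventLog -ErrorRecord $_ }
```

Registering the source once from an elevated installer or deployment step lets the script itself run without administrator rights afterwards.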
Source: https://www.ciraltos.com/writing-event-log-powershell/
Posted by: dawdide1988.blogspot.com