如何从命令行创建 Windows EventLog 源?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/446691/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to create Windows EventLog source from command line?
提问by Vilx-
I'm creating an ASP.NET application that will log some stuff to Windows EventLog. To do this an event source has to be created first. This requires administrative priviledges so I cannot do it in the ASP.NET app.
我正在创建一个 ASP.NET 应用程序,它将一些内容记录到 Windows EventLog。为此,必须首先创建一个事件源。这需要管理权限,因此我无法在 ASP.NET 应用程序中执行此操作。
Is there an existing command-line application that is bundled with Windows that can create an event log source, or must I roll out my own?
是否有与 Windows 捆绑的现有命令行应用程序可以创建事件日志源,还是我必须推出自己的应用程序?
回答by MSV Muthu
Try "eventcreate.exe"
试试“eventcreate.exe”
An example:
一个例子:
eventcreate /ID 1 /L APPLICATION /T INFORMATION /SO MYEVENTSOURCE /D "My first log"
This will create a new event sourcenamed MYEVENTSOURCEunder APPLICATIONevent logas INFORMATIONevent type.
这将创建一个在event log下命名为event type的新事件源。MYEVENTSOURCEAPPLICATIONINFORMATION
I think this utility is included only from XP onwards.
我认为此实用程序仅从 XP 开始包含。
Further reading
进一步阅读
Windows IT Pro: JSI Tip 5487. Windows XP includes the EventCreate utility for creating custom events.
Type
eventcreate /?in CMD promptMicrosoft TechNet: Windows Command-Line Reference: Eventcreate
SS64: Windows Command-Line Reference: Eventcreate
Windows IT Pro:JSI 技巧 5487。Windows XP 包括用于创建自定义事件的 EventCreate 实用程序。
键入
eventcreate /?在CMD提示Microsoft TechNet:Windows 命令行参考:Eventcreate
SS64:Windows 命令行参考:Eventcreate
回答by roufamatic
Try PowerShell 2.0's EventLog cmdlets
尝试 PowerShell 2.0 的 EventLog cmdlet
Throwing this in for PowerShell 2.0 and upwards:
将其用于 PowerShell 2.0 及更高版本:
Run
New-EventLogonce to register the event source:New-EventLog -LogName Application -Source MyAppThen use
Write-EventLogto write to the log:Write-EventLog -LogName Application -Source MyApp -EntryType Error -Message "Immunity to iocaine powder not detected, dying now" -EventId 1
运行
New-EventLog一次以注册事件源:New-EventLog -LogName Application -Source MyApp然后使用
Write-EventLog写入日志:Write-EventLog -LogName Application -Source MyApp -EntryType Error -Message "Immunity to iocaine powder not detected, dying now" -EventId 1
回答by Luis Rocha
You can also use Windows PowerShell with the following command:
您还可以通过以下命令使用 Windows PowerShell:
if ([System.Diagnostics.EventLog]::SourceExists($source) -eq $false) {
[System.Diagnostics.EventLog]::CreateEventSource($source, "Application")
}
Make sure to check that the source does not exist before calling CreateEventSource, otherwise it will throw an exception.
在调用 CreateEventSource 之前一定要检查源不存在,否则会抛出异常。
For more info:
欲了解更多信息:
回答by Nick Bolton
eventcreate2allows you to create custom logs, where eventcreatedoes not.
eventcreate2允许您创建自定义日志,而eventcreate则不允许。
回答by CSharper
If someone is interested, it is also possible to create an event source manually by adding some registry values.
如果有人感兴趣,还可以通过添加一些注册表值来手动创建事件源。
Save the following lines as a .reg file, then import it to registry by double clicking it:
将以下行另存为 .reg 文件,然后双击将其导入注册表:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\YOUR_EVENT_SOURCE_NAME_GOES_HERE]
"EventMessageFile"="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\EventLogMessages.dll"
"TypesSupported"=dword:00000007
This creates an event source named YOUR_EVENT_SOURCE_NAME_GOES_HERE.
这将创建一个名为 的事件源YOUR_EVENT_SOURCE_NAME_GOES_HERE。
回答by CSharper
Or just use the command line command:
或者只使用命令行命令:
Eventcreate
事件创建
回答by R. Tettero
However the cmd/batch version works you can run into an issue when you want to define an eventID which is higher then 1000. For event creation with an eventID of 1000+ i'll use powershell like this:
但是 cmd/batch 版本可以工作,当您想要定义高于 1000 的 eventID 时可能会遇到问题。对于 eventID 为 1000+ 的事件创建,我将使用如下所示的 powershell:
$evt=new-object System.Diagnostics.Eventlog(“Define Logbook”)
$evt.Source=”Define Source”
$evtNumber=Define Eventnumber
$evtDescription=”Define description”
$infoevent=[System.Diagnostics.EventLogEntryType]::Define error level
$evt.WriteEntry($evtDescription,$infoevent,$evtNumber)
Sample:
样本:
$evt=new-object System.Diagnostics.Eventlog(“System”)
$evt.Source=”Tcpip”
$evtNumber=4227
$evtDescription=”This is a Test Event”
$infoevent=[System.Diagnostics.EventLogEntryType]::Warning
$evt.WriteEntry($evtDescription,$infoevent,$evtNumber)
回答by 3333
you can create your own custom event by using diagnostics.Event log class. Open a windows application and on a button click do the following code.
您可以使用diagnostics.Event 日志类创建自己的自定义事件。打开一个 Windows 应用程序,然后单击按钮执行以下代码。
System.Diagnostics.EventLog.CreateEventSource("ApplicationName", "MyNewLog");
"MyNewLog" means the name you want to give to your log in event viewer.
“MyNewLog”是指您想在事件查看器中为您的登录指定的名称。
for more information check this link [ http://msdn.microsoft.com/en-in/library/49dwckkz%28v=vs.90%29.aspx]
有关更多信息,请查看此链接 [ http://msdn.microsoft.com/en-in/library/49dwckkz%28v=vs.90%29.aspx]
