Write-EventLog
Writes an event to an event log.
语法
Default (默认值)
Write-EventLog
[-LogName] <String>
[-Source] <String>
[[-EntryType] <EventLogEntryType>]
[-Category <Int16>]
[-EventId] <Int32>
[-Message] <String>
[-RawData <Byte[]>]
[-ComputerName <String>]
[<CommonParameters>]
说明
The Write-EventLog cmdlet writes an event to an event log.
To write an event to an event log, the event log must exist on the computer and the source must be registered for the event log.
The cmdlets that contain the EventLog noun (the EventLog cmdlets) work only on classic event logs. To get events from logs that use the Windows Event Log technology in Windows Vista and later versions of the Windows operating system, use the Get-WinEvent cmdlet.
示例
Example 1: Write an event to the Application event log
PS C:\> Write-EventLog -LogName "Application" -Source "MyApp" -EventID 3001 -EntryType Information -Message "MyApp added a user-requested feature to the display." -Category 1 -RawData 10,20
This command writes an event from the MyApp source to the Application event log.
Example 2: Write an event to the Application event log of a remote computer
PS C:\> Write-EventLog -ComputerName "Server01" -LogName Application -Source "MyApp" -EventID 3001 -Message "MyApp added a user-requested feature to the display."
This command writes an event from the MyApp source to the Application event log on the Server01 remote computer.
参数
-Category
Specifies a task category for the event. Enter an integer that is associated with the strings in the category message file for the event log.
参数属性
| 类型: | Int16 |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
参数集
(All)
| Position: | Named |
| 必需: | False |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
-ComputerName
Specifies a remote computer. The default is the local computer.
Type the NetBIOS name, an IP address, or a fully qualified domain name of a remote computer.
This parameter does not rely on Windows PowerShell remoting. You can use the ComputerName parameter of the Get-EventLog cmdlet even if your computer is not configured to run remote commands.
参数属性
| 类型: | String |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | CN |
参数集
(All)
| Position: | Named |
| 必需: | False |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
-EntryType
Specifies the entry type of the event. The acceptable values for this parameter are: Error, Warning, Information, SuccessAudit, and FailureAudit. The default value is Information.
For a description of the values, see EventLogEntryType Enumeration in the MSDN library.
参数属性
| 类型: | EventLogEntryType |
| 默认值: | None |
| 接受的值: | Error, Information, FailureAudit, SuccessAudit, Warning |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | ET |
参数集
(All)
| Position: | 3 |
| 必需: | False |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
-EventId
Specifies the event identifier. This parameter is required. The maximum value for the EventId parameter is 65535.
参数属性
| 类型: | Int32 |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | ID, EID |
参数集
(All)
| Position: | 2 |
| 必需: | True |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
-LogName
Specifies the name of the log to which the event is written. Enter the log name. The log name is the value of the Log property, not the LogDisplayName. Wildcard characters are not permitted. This parameter is required.
参数属性
| 类型: | String |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | LN |
参数集
(All)
| Position: | 0 |
| 必需: | True |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
-Message
Specifies the event message. This parameter is required.
参数属性
| 类型: | String |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | MSG |
参数集
(All)
| Position: | 4 |
| 必需: | True |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
-RawData
Specifies the binary data that is associated with the event, in bytes.
参数属性
| 类型: | Byte[] |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | RD |
参数集
(All)
| Position: | Named |
| 必需: | False |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
-Source
Specifies the event source, which is typically the name of the application that is writing the event to the log.
参数属性
| 类型: | String |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | SRC |
参数集
(All)
| Position: | 1 |
| 必需: | True |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | False |
| 来自剩余参数的值: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
输入
None
You cannot pipe input to this cmdlet.
输出
EventLogEntry
This cmdlet returns objects that represents the events in the logs.
备注
To use Write-EventLog, start Windows PowerShell by using the Run as administrator option.