New Event - PowerShell

Overview

New-Event is a PowerShell command used to create a new custom event in the event log. It logs events in the specified log and source, providing a way to record significant occurrences in a structured and standardized format. This enables system administrators and developers to monitor events and debug issues more efficiently.

Syntax

New-Event -LogName <string> -Source <string> -Message <string> [[-Id] <int>] [[-Category] <int>] [[-EventType] <int>] [[-TimeWritten] <System.DateTime>] [[-ComputerName] <string>] [[-AdditionalProperties] <Hashtable>]

Options/Flags

  • -LogName: Specifies the name of the event log to write the event to.
  • -Source: Specifies the source of the event.
  • -Message: Specifies the message to be logged.
  • -Id: Specifies the event ID. Defaults to 0.
  • -Category: Specifies the event category. Defaults to 0.
  • -EventType: Specifies the event type. Defaults to 1 (Information).
  • -TimeWritten: Specifies the date and time the event was written. Defaults to the current system time.
  • -ComputerName: Specifies the computer name where the event is logged. Defaults to the local computer.
  • -AdditionalProperties: Specifies a hashtable of additional properties to be added to the event.

Examples

Write an information event to the Application log

New-Event -LogName Application -Source NewEvent -Message "New event created"

Write a warning event to a custom log

New-Event -LogName MyCustomLog -Source MyCustomSource -Message "Warning: System resources low" -EventType 2 -Category 3

Write an event with additional properties

$properties = @{
  "Property1" = "Value1"
  "Property2" = "Value2"
}
New-Event -LogName System -Source PowerShell -Message "Script completed" -AdditionalProperties $properties

Common Issues

  • Ensure that the event log and source exist before creating an event. Use Get-EventLog to verify.
  • Avoid using reserved event IDs or categories to prevent conflicts with system events.
  • Set the -TimeWritten parameter correctly to maintain chronological order of events.

Integration

New-Event can be integrated with the following commands:

  • Write-EventLog: Writes events directly to the specified event log.
  • Get-EventLog: Retrieves events from the specified event log.
  • Clear-EventLog: Clears events from the specified event log.
  • [New-Log]
  • [Remove-EventLog]
  • [Get-WinEvent]