Using Event Logs Instead of Log Files

by Jun 20, 2014

Often, people use file-based logging. There is nothing wrong about that, but using the built-in event log system provided by Windows may be much easier.

If you have admin privileges, you can create new event logs any time:

New-EventLog -LogName myLog -Source JobDue, JobDone, Remark

This creates a new log named "myLog" with the event sources "JobDue", "JobDone", and "Remark". Admin privileges are needed only to create the event log. Anything else can be done by anyone.
Your scripts can now log into your new event log.

Write-EventLog -LogName myLog -Source JobDue -EntryType Information -EventId 1 -Message 'This could be a job description.'
Write-EventLog -LogName myLog -Source JobDue -EntryType Information -EventId 1 -Message 'This could be another job description.'

With Get-EventLog, you can easily parse your log and find information:

Get-EventLog -LogName myLog -Source JobDue -After 2014-05-10

And with Limit-EventLog, you can even configure your log to use a maximum size.

Twitter This Tip! ReTweet this Tip!