Create Custom Event Log Type with PowerShell

When you have an automation engine supported by PowerShell, it is a good idea to create a custom Event Log Type, where you would log all the messages sent by PowerShell. This is just one example where you could implement Custom Logging in Event Viewer, you  could do this even with a single PowerShell script, it doesn’t matter really.

To be fair, this Custom Event Logging by using PowerShell is helping me in a various ways, and all together with default logging, creates an amazing environment for debugging, investigating, and troubleshooting in case something goes wrong.

Basically, what do you need to use in order to successfully create and write a Custom Event Log are two cmdlets: New-EventLog and Write-EventLog.

First, lets start out Powershell Console, and create a new Event Log LogName, which in our case, it will be called Troubleshooting_Log:

New-EventLog -LogName Troubleshooting_Log -Source FalloutApp

Next, just to be sure, open Computer Management, go to Event Viewer -> Application and Services Logs.

 

Here, you should see our log name: Troubleshooting_Log

PowerShell_New-Log_Event_Viewer

 

Now that we have already created Event Log, we can use it to send informational, warning, or error messages directly to it. This way, it will be much easier to troubleshoot any possible issues, instead of going into application logs section and search messages created by your script.

To send Event Log messages to your newly created custom event log type, you will use Write-Log cmdlet. Lets do it.

Write-EventLog -log Troubleshooting_Log -source FalloutApp -EntryType Information -eventID 10 -Message "FalloutApp has been successfully installed"

PowerShell_Custom_EventLog_Write-EventLog

If you exclude EventID, it will ask you to provide this parameter. If it stays empty, PowerShell will assign default value which is 0.

To configure to send warning or error message:

Write-EventLog -log Troubleshooting_Log -source FalloutApp -EntryType Warning -eventID 20 -Message "FalloutApp has been installed but with warnings. Please check the installation and verify that the application was installed correctly."
Write-EventLog -log Troubleshooting_Log -source FalloutApp -EntryType Error -eventID 30 -Message "FalloutApp was not installed. Check installation logs."

PowerShell_Custom_EventLog_Write-EventLog_Error_Message PowerShell_Custom_EventLog_Write-EventLog_Warning_Message

As you may see, creation and use of Custom Event Log is very simple and could be helpful in many occasions.