How to write Windows event logs in PowerShell 7+

Martin Thomas 6 Reputation points
2021-10-17T16:07:46.207+00:00

Hi,

I'm currently working on rewriting a number of old scripts and I'm taking the opportunity to write them under PS7. I've come to a hard stop when I could not find how to migrate the old logging code that is writing to the event logs.

As *-EventLog cmdlets who rely on unsupported APIs are now deprecated. I'm looking into using newer and supported methods to write to the event log.

Unfortunately, I've been unable to find a relatively direct replacement of a simple usage such as this:

"Write-EventLog -LogName $LogName -Source $Source -EntryType $EntryType -EventId $EventID -Message $Message"

Can anyone share a source of information on "writing event logs for dummies"? :)

Thanks!

Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,359 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rich Matheisen 44,776 Reputation points
    2021-10-17T18:32:35.203+00:00

    This might point you in the right direction:
    how-to-write-a-custom-event-log-by-an-already-existing-provider-with-powershell

    But I don't think that the New-WinEvent is what you're looking for. The description for that cmdlet says:

    The New-WinEvent cmdlet creates an Event Tracing for Windows (ETW) event for an event provider. You can use this cmdlet to add events to ETW channels from PowerShell.

    PowerShell 7 is a cross-platform version of PowerShell. There are still many things it doesn't do that version 5 does, and things it does differently to version 5. Unless you have a need (not just curiosity) to use version 7 I'd stick with version 5.