How to display String task category name in event log using Write-EventLog?

So, I'm trying to write to the Windows event log using Write-EventLog. I collected the CategoryMessageFile.dll file and registered it in the registry.

My script writes to the event log for the most part, but the problem is that the event does not display the category name; it displays the category message id specified in the dll.

  New-EventLog -LogName Application -Source 'test1' -CategoryResourceFile 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727\test.dll'

  Write-EventLog -LogName Application -Source 'test1' -EntryType Information -EventId 1 -Message "$($DataSet.Tables[0].Rows[$i][6])" -Category 1

I know the display is correct, because when I run

  Get-EventLog -LogName Application -Newest 3 | Format-List

The correct category name appears in the category for events that I just logged.

This is what my mc file looked like.

  ;// Header
  ;// Categories
  MessageIdTypedef=WORD

  MessageId=0x1
  Language=English
  ETLUncategorizedError
  .

  MessageId=0x2
  Language=English
  ETLThresholdExceeded
  .

  MessageId=0x3
  Language=English
  ETLMalformattedFile
  .

  MessageId=0x4
  Language=English
  ETLWebInvocationFailure
  .

So, how do I display the name instead of the number in the event log?

+6
2 answers

You are probably looking for it in the Application or System event log, and the first command you ran created a log called TEST1.

DESCRIPTION This cmdlet creates a new classic event log on a local or remote computer. It can also register an event source that writes to a new log or an existing log.

0

Try adding the Authenticated Users or Users group to the security level of the message folder. Keep default permissions. Then reboot or try restarting the EventLog service.

At the admin command line: net stop eventlog

You will probably be asked to turn off other services. You must enter Y to continue. Disabled services usually restart themselves, so you just need to wait a few seconds. The eventlog service may not fail because another service has rebooted; it may take several attempts to remove everything. Follow the final text for status.

0
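
A read-only check of what the question and the second answer rely on, as an added example that is not part of the original posts: it reads the source's registration under the standard EventLog services key, confirms the category DLL exists, and reports whether Authenticated Users or Users hold an allow entry for read access on it. The function name is hypothetical, `Application` and `test1` come from the question, and `CategoryCount` is a standard event-source registration value that the thread does not discuss.

```powershell
# Added example: read-only inspection of an event source's category registration.
function Get-EventSourceCategoryStatus {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][string]$LogName,
        [Parameter(Mandatory)][string]$Source
    )
    # Classic event sources are registered under this key.
    $keyPath = "HKLM:\SYSTEM\CurrentControlSet\Services\EventLog\$LogName\$Source"
    if (-not (Test-Path -LiteralPath $keyPath)) {
        throw "Source '$Source' is not registered under log '$LogName'."
    }
    $reg   = Get-ItemProperty -LiteralPath $keyPath
    $names = $reg.PSObject.Properties.Name

    $dll = if ($names -contains 'CategoryMessageFile') {
        [Environment]::ExpandEnvironmentVariables($reg.CategoryMessageFile)
    }
    # Not mentioned in the thread; reported so the full registration is visible.
    $count  = if ($names -contains 'CategoryCount') { $reg.CategoryCount }
    $exists = [bool]($dll -and (Test-Path -LiteralPath $dll -PathType Leaf))

    # Well-known SIDs, so the check also works on non-English systems:
    # S-1-5-11 = Authenticated Users, S-1-5-32-545 = BUILTIN\Users.
    $wanted  = 'S-1-5-11', 'S-1-5-32-545'
    $read    = [System.Security.AccessControl.FileSystemRights]::Read
    $readers = @()
    if ($exists) {
        $sidType = [System.Security.Principal.SecurityIdentifier]
        # Allow entries only; Deny entries are not evaluated here.
        $readers = @((Get-Acl -LiteralPath $dll).GetAccessRules($true, $true, $sidType) |
            Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                $wanted -contains $_.IdentityReference.Value -and
                ($_.FileSystemRights -band $read) -eq $read
            } | ForEach-Object { $_.IdentityReference.Value })
    }

    [pscustomobject]@{
        RegistryKey         = $keyPath
        CategoryMessageFile = $dll
        FileExists          = $exists
        CategoryCount       = $count
        ReadAllowedFor      = $readers -join ', '
    }
}

# Log and source names taken from the question.
Get-EventSourceCategoryStatus -LogName 'Application' -Source 'test1' | Format-List
```
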

Source: https://habr.com/ru/post/950584/