Eventcreate command in Windows
The eventcreate command allows the admin to create custom events in the specified event log. For an example of how to use this command, please see the example below.
Eventcreate command syntax
eventcreate [/s [/u [/p ]] {[/l {APPLICATION|SYSTEM}]|[/so ]} /t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT} /id /d
Parameters
Parameter Description / s Specifies the name or IP address of the remote computer (do not use a backslash). The default is the local computer. / u Run the command with the user account rights specified by or. The default is the currently logged-in user rights on the computer that is issuing the command. / p Specifies the password of the user account specified in the / u parameter . / l {APPLICATION | SYSTEM} Specifies the name of the event log where the event was created. Valid login name is APPLICATION and SYSTEM. / so Specify the source to use for the event. Valid sources can be any string and must represent the application or event creation component. SUCCESSAUDIT | FAILUREAUDIT} Specify the type of event to create. Valid categories are ERROR, WARNING, INFORMATION, SUCCESSAUDIT and FAILUREAUDIT. / id Specifies the event ID number for the event. Valid ID is any number between 1 and 1000. / d Specifies the description to use for the newly created event. /? Show help at the command prompt.Note
Unable to write custom events to the security log.
For example
eventcreate /t error /id 100 /l application /d "Create event in application log" eventcreate /t information /id 1000 /so winmgmt /d "Create event in WinMgmt source" eventcreate /t error /id 2001 /so winword /l application /d "new src Winword in application log" eventcreate /s server /t error /id 100 /l application /d "Remote machine without user credentials" eventcreate /s server /u user /p password /id 100 /t error /l application /d "Remote machine with user credentials" eventcreate /s server1 /s server2 /u user /p password /id 100 /t error /so winmgmt /d "Creating events on Multiple remote machines" eventcreate /s server /u user /id 100 /t warning /so winmgmt /d "Remote machine with partial user credentials"
See more:
- Endlocal command in Windows
- Expand command in Windows
- Exit command in Windows
3.7 ★ | 23 Vote
You should read it
May be interested
- Instructions for using Command Promptdeep in windows is a command-line world that is obscure. in this article, we will show you how to solve errors and make your computer more secure.
- Rd command in Windowsthe rd command helps delete a directory
- Cmd command in Windowsthe cmd command starts a new version of the command interpreter, cmd.exe. if used without parameters, cmd will display copyright information and the version of the operating system.
- How to use the command history function in Command Promptcommand prompt is an extremely familiar command for anyone using windows operating system. besides, a lot of current software also supports the command line to perform actions on the command prompt window, instead of on the screen.
- The sfc command in Windows(applies to windows server (semi-annual channel), windows server 2016, windows server 2012 r2, windows server 2012)
- Reg command copy in Windowsto copy an entry to the location specified on the local pc or the remote computer we will use the reg copy command. to learn more about how to use the reg copy command, you can track the syntax, explain the command parameters and the example tipsmake.com has compiled below.
- Fc command in Windowsthe fc command compares two files or a collection of files and displays the differences between them.
- The echo command in Windowsthe echo command displays the message or turns on / off the command repeat feature. if used without parameters, the echo command will display the current echo setting.
- Xcopy command in Windowsthe xcopy command is a command prompt command used to copy one or more files or folders from one location to another. with many options and the ability to copy entire directories, the xcopy command is similar to, but much more powerful, than the copy command.
- The cacls command in Windowsthe cacls command displays or modifies an arbitrary access control list (dacl) on the specified file. the command applies to windows server (semi-annual channel), windows server 2016, windows server 2012 r2, windows server 2012.