Eventcreate command in Windows
The eventcreate command allows the admin to create custom events in the specified event log. For an example of how to use this command, please see the example below.
The eventcreate command allows the admin to create custom events in the specified event log. For an example of how to use this command, please see the example below.
Eventcreate command syntax
eventcreate [/s [/u [/p ]] {[/l {APPLICATION|SYSTEM}]|[/so ]} /t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT} /id /d
Parameters
Parameter Description / s Specifies the name or IP address of the remote computer (do not use a backslash). The default is the local computer. / u Run the command with the user account rights specified by or. The default is the currently logged-in user rights on the computer that is issuing the command. / p Specifies the password of the user account specified in the / u parameter . / l {APPLICATION | SYSTEM} Specifies the name of the event log where the event was created. Valid login name is APPLICATION and SYSTEM. / so Specify the source to use for the event. Valid sources can be any string and must represent the application or event creation component. SUCCESSAUDIT | FAILUREAUDIT} Specify the type of event to create. Valid categories are ERROR, WARNING, INFORMATION, SUCCESSAUDIT and FAILUREAUDIT. / id Specifies the event ID number for the event. Valid ID is any number between 1 and 1000. / d Specifies the description to use for the newly created event. /? Show help at the command prompt.Note
Unable to write custom events to the security log.
For example
eventcreate /t error /id 100 /l application /d "Create event in application log" eventcreate /t information /id 1000 /so winmgmt /d "Create event in WinMgmt source" eventcreate /t error /id 2001 /so winword /l application /d "new src Winword in application log" eventcreate /s server /t error /id 100 /l application /d "Remote machine without user credentials" eventcreate /s server /u user /p password /id 100 /t error /l application /d "Remote machine with user credentials" eventcreate /s server1 /s server2 /u user /p password /id 100 /t error /so winmgmt /d "Creating events on Multiple remote machines" eventcreate /s server /u user /id 100 /t warning /so winmgmt /d "Remote machine with partial user credentials"
See more:
- Endlocal command in Windows
- Expand command in Windows
- Exit command in Windows
3.7 ★ | 23 Vote
You should read it
Maybe you are interested
The most prominent technology events in 2024
How to prevent laptop battery from charging past 80% on Windows 11
How to catch Turkey in Fisch Roblox, Fischgiving event
Code Dai Bang Chu, giftcode Dai Bang Chu latest event
Prevent text message scams with these features and tricks!
Microsoft removes a barrier preventing users from updating to Windows 11 24H2