Eventcreate command in Windows
The eventcreate command allows the admin to create custom events in the specified event log. For an example of how to use this command, please see the example below.
The eventcreate command allows the admin to create custom events in the specified event log. For an example of how to use this command, please see the example below.
Eventcreate command syntax
eventcreate [/s [/u [/p ]] {[/l {APPLICATION|SYSTEM}]|[/so ]} /t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT} /id /d
Parameters
Parameter Description / s Specifies the name or IP address of the remote computer (do not use a backslash). The default is the local computer. / u Run the command with the user account rights specified by or. The default is the currently logged-in user rights on the computer that is issuing the command. / p Specifies the password of the user account specified in the / u parameter . / l {APPLICATION | SYSTEM} Specifies the name of the event log where the event was created. Valid login name is APPLICATION and SYSTEM. / so Specify the source to use for the event. Valid sources can be any string and must represent the application or event creation component. SUCCESSAUDIT | FAILUREAUDIT} Specify the type of event to create. Valid categories are ERROR, WARNING, INFORMATION, SUCCESSAUDIT and FAILUREAUDIT. / id Specifies the event ID number for the event. Valid ID is any number between 1 and 1000. / d Specifies the description to use for the newly created event. /? Show help at the command prompt.Note
Unable to write custom events to the security log.
For example
eventcreate /t error /id 100 /l application /d "Create event in application log" eventcreate /t information /id 1000 /so winmgmt /d "Create event in WinMgmt source" eventcreate /t error /id 2001 /so winword /l application /d "new src Winword in application log" eventcreate /s server /t error /id 100 /l application /d "Remote machine without user credentials" eventcreate /s server /u user /p password /id 100 /t error /l application /d "Remote machine with user credentials" eventcreate /s server1 /s server2 /u user /p password /id 100 /t error /so winmgmt /d "Creating events on Multiple remote machines" eventcreate /s server /u user /id 100 /t warning /so winmgmt /d "Remote machine with partial user credentials"
See more:
- Endlocal command in Windows
- Expand command in Windows
- Exit command in Windows
3.7 ★ | 23 Vote
You should read it
Maybe you are interested
This is the culprit that prevents users from updating Windows 11 24H2
Why is the iPhone launch event time always 9:41?
How to watch Apple's iPhone 16 'It's Glowtime' event
Call of Duty prevents hacking by making real gamers invisible
Google recommends turning off 2G signals to prevent fraud
Devices announced by Google at the Made by Google 2024 event