Eventcreate command in Windows

The eventcreate command allows the admin to create custom events in the specified event log. For an example of how to use this command, please see the example below.

Eventcreate command syntax

 eventcreate [/s [/u [/p ]] {[/l {APPLICATION|SYSTEM}]|[/so ]} /t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT} /id /d 

Parameters

Parameter Description / s Specifies the name or IP address of the remote computer (do not use a backslash). The default is the local computer. / u Run the command with the user account rights specified by or. The default is the currently logged-in user rights on the computer that is issuing the command. / p Specifies the password of the user account specified in the / u parameter . / l {APPLICATION | SYSTEM} Specifies the name of the event log where the event was created. Valid login name is APPLICATION and SYSTEM. / so Specify the source to use for the event. Valid sources can be any string and must represent the application or event creation component. SUCCESSAUDIT | FAILUREAUDIT} Specify the type of event to create. Valid categories are ERROR, WARNING, INFORMATION, SUCCESSAUDIT and FAILUREAUDIT. / id Specifies the event ID number for the event. Valid ID is any number between 1 and 1000. / d Specifies the description to use for the newly created event. /? Show help at the command prompt.

Note

Unable to write custom events to the security log.

For example

 eventcreate /t error /id 100 /l application /d "Create event in application log" eventcreate /t information /id 1000 /so winmgmt /d "Create event in WinMgmt source" eventcreate /t error /id 2001 /so winword /l application /d "new src Winword in application log" eventcreate /s server /t error /id 100 /l application /d "Remote machine without user credentials" eventcreate /s server /u user /p password /id 100 /t error /l application /d "Remote machine with user credentials" eventcreate /s server1 /s server2 /u user /p password /id 100 /t error /so winmgmt /d "Creating events on Multiple remote machines" eventcreate /s server /u user /id 100 /t warning /so winmgmt /d "Remote machine with partial user credentials" 

See more:

  1. Endlocal command in Windows
  2. Expand command in Windows
  3. Exit command in Windows
3.7 ★ | 23 Vote

May be interested

  • Instructions for using Command PromptInstructions for using Command Prompt
    deep in windows is a command-line world that is obscure. in this article, we will show you how to solve errors and make your computer more secure.
  • Rd command in WindowsRd command in Windows
    the rd command helps delete a directory
  • Cmd command in WindowsCmd command in Windows
    the cmd command starts a new version of the command interpreter, cmd.exe. if used without parameters, cmd will display copyright information and the version of the operating system.
  • How to use the command history function in Command PromptHow to use the command history function in Command Prompt
    command prompt is an extremely familiar command for anyone using windows operating system. besides, a lot of current software also supports the command line to perform actions on the command prompt window, instead of on the screen.
  • The sfc command in WindowsThe sfc command in Windows
    (applies to windows server (semi-annual channel), windows server 2016, windows server 2012 r2, windows server 2012)
  • Reg command copy in WindowsReg command copy in Windows
    to copy an entry to the location specified on the local pc or the remote computer we will use the reg copy command. to learn more about how to use the reg copy command, you can track the syntax, explain the command parameters and the example tipsmake.com has compiled below.
  • Fc command in WindowsFc command in Windows
    the fc command compares two files or a collection of files and displays the differences between them.
  • The echo command in WindowsThe echo command in Windows
    the echo command displays the message or turns on / off the command repeat feature. if used without parameters, the echo command will display the current echo setting.
  • Xcopy command in WindowsXcopy command in Windows
    the xcopy command is a command prompt command used to copy one or more files or folders from one location to another. with many options and the ability to copy entire directories, the xcopy command is similar to, but much more powerful, than the copy command.
  • The cacls command in WindowsThe cacls command in Windows
    the cacls command displays or modifies an arbitrary access control list (dacl) on the specified file. the command applies to windows server (semi-annual channel), windows server 2016, windows server 2012 r2, windows server 2012.