How to: Write to an Application Event Log (Visual Basic)

You can use the My.Application.Log and My.Log objects to write information about events that occur in your application. This example shows how to configure an event log listener so My.Application.Log writes tracing information to the Application event log.

You cannot write to the Security log. In order to write to the System log, you must be a member of the LocalSystem or Administrator account.

To view an event log, you can use Server Explorer or Windows Event Viewer. For more information, see ETW Events in the .NET Framework.

To add and configure the event log listener

Right-click app.config in Solution Explorer and choose Open.

If there is no app.config file,

On the Project menu, choose Add New Item.

From the Add New Item dialog box, choose Application Configuration File.

Click Add.

Locate the
section in the application configuration file.

You will find the
section in the section with the name attribute «DefaultSource», which is nested under the section, which is nested under the top-level section.

Add this element to that
section:

Locate the section, in the section, in the top-level section.

Add this element to that section:

Replace APPLICATION_NAME with the name of your application.

New-Event Log

Creates a new event log and a new event source on a local or remote computer.

Syntax

Description

This cmdlet creates a new classic event log on a local or remote computer. It can also register an event source that writes to the new log or to an existing log.

The cmdlets that contain the EventLog noun (the Event log cmdlets) work only on classic event logs. To get events from logs that use the Windows Event Log technology in Windows Vista and later versions of Windows, use Get-WinEvent .

Examples

Example 1 — create a new event log

This command creates the TestLog event log on the local computer and registers a new source for it.

Example 2 — add a new event source to an existing log

This command adds a new event source, NewTestApp, to the Application log on the Server01 remote computer.

The command requires that the NewTestApp.dll file is located on the Server01 computer.

Parameters

Specifies the path to the file that contains category strings for the source events. This file is also known as the Category Message File.

The file must be present on the computer on which the event log is being created. This parameter does not create or move files.

Type:	String
Aliases:	CRF
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Creates the new event logs on the specified computers. The default is the local computer.

The NetBIOS name, IP address, or fully qualified domain name of a remote computer. To specify the local computer, type the computer name, a dot (.), or «localhost».

This parameter does not rely on PowerShell remoting. You can use the ComputerName parameter of Get-EventLog even if your computer is not configured to run remote commands.

Type:	String [ ]
Aliases:	CN
Position:	3
Default value:	Local computer
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the name of the event log.

If the log does not exist, New-EventLog creates the log and uses this value for the Log and LogDisplayName properties of the new event log. If the log exists, New-EventLog registers a new source for the event log.

Type:	String
Aliases:	LN
Position:	1
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the path to the file that contains message formatting strings for the source events. This file is also known as the Event Message File.

The file must be present on the computer on which the event log is being created. This parameter does not create or move files.

Type:	String
Aliases:	MRF
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the path to the file that contains strings used for parameter substitutions in event descriptions. This file is also known as the Parameter Message File.

The file must be present on the computer on which the event log is being created. This parameter does not create or move files.

Type:	String
Aliases:	PRF
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the names of the event log sources, such as application programs that write to the event log. This parameter is required.

Type:	String [ ]
Aliases:	SRC
Position:	2
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

None

You cannot pipe input to this cmdlet.

Outputs

Notes

To use New-EventLog on Windows Vista and later versions of Windows, open PowerShell with the «Run as administrator» option.

To create an event source in Windows Vista, Windows XP Professional, or Windows Server 2003, you must be a member of the Administrators group on the computer.

When you create a new event log and a new event source, the system registers the new source for the new log, but the log is not created until the first entry is written to it.

The operating system stores event logs as files.

When you create a new event log, the associated file is stored in the $env:SystemRoot\System32\Config directory on the specified computer.

The file name is the first eight characters of the Log property with an .evt file name extension.

Write/Read to Windows Event Log [closed]

Want to improve this question? Update the question so it’s on-topic for Stack Overflow.

Closed 3 years ago .

Is there an easy way to write to and read from the windows event log in VBA?

1 Answer 1

Yes, using the standard API calls. See HOWTO: Write to the Windows NT Event Log from Visual Basic This is fairly old but should get you started.

Note, however, that this code uses a default source. (Run the event log to see what I mean by source.) I haven’t run tihs code in Access so I don’t know what the default source is for Access. In VB6 thuogh it was something generic with VB 6 runtime or some such. If you visit the thread ReportEvent and MessageDLL problem Options it states you need to run an install program with admin privileges to add your app name and path to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ So this could get even more complex when it comes to getting a distinguishable source in the event log.

Not the answer you’re looking for? Browse other questions tagged api vba event-log or ask your own question.

Related

Hot Network Questions

site design / logo © 2021 Stack Exchange Inc; user contributions licensed under cc by-sa. rev 2021.4.16.39093

By clicking “Accept all cookies”, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy.

Write-Event Log

Writes an event to an event log.

Syntax

Description

The Write-EventLog cmdlet writes an event to an event log.

To write an event to an event log, the event log must exist on the computer and the source must be registered for the event log.

The cmdlets that contain the EventLog noun (the EventLog cmdlets) work only on classic event logs. To get events from logs that use the Windows Event Log technology in Windows Vista and later versions of the Windows operating system, use the Get-WinEvent cmdlet.

Examples

Example 1: Write an event to the Application event log

This command writes an event from the MyApp source to the Application event log.

Example 2: Write an event to the Application event log of a remote computer

This command writes an event from the MyApp source to the Application event log on the Server01 remote computer.

Parameters

Specifies a task category for the event. Enter an integer that is associated with the strings in the category message file for the event log.

Type:	Int16
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies a remote computer. The default is the local computer.

Type the NetBIOS name, an IP address, or a fully qualified domain name of a remote computer.

This parameter does not rely on Windows PowerShell remoting. You can use the ComputerName parameter of the Get-EventLog cmdlet even if your computer is not configured to run remote commands.

Type:	String
Aliases:	CN
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the entry type of the event. The acceptable values for this parameter are: Error, Warning, Information, SuccessAudit, and FailureAudit. The default value is Information.

For a description of the values, see EventLogEntryType Enumeration.

Type:	EventLogEntryType
Aliases:	ET
Accepted values:	Error, Information, FailureAudit, SuccessAudit, Warning
Position:	3
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the event identifier. This parameter is required. The maximum value for the EventId parameter is 65535.

Type:	Int32
Aliases:	ID, EID
Position:	2
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the name of the log to which the event is written. Enter the log name. The log name is the value of the Log property, not the LogDisplayName. Wildcard characters are not permitted. This parameter is required.

Type:	String
Aliases:	LN
Position:	0
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the event message. This parameter is required.

Type:	String
Aliases:	MSG
Position:	4
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the binary data that is associated with the event, in bytes.

Type:	Byte [ ]
Aliases:	RD
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Specifies the event source, which is typically the name of the application that is writing the event to the log.

Type:	String
Aliases:	SRC
Position:	1
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

None

You cannot pipe input to this cmdlet.

Outputs

This cmdlet returns objects that represents the events in the logs.

Notes

For some Windows event logs, writing events requires administrator rights. You must start PowerShell using the Run as Administrator option.

Write to Windows event log

Write script status to the Windows Event Log

Contents

AutoHotkey [ edit ]

AWK [ edit ]

Batch File [ edit ]

The «EventCreate» command does the task.

If you do not want the command to display its result or errors.

NOTE: This will (. or might) not work if you do not have administrator privileges.

BBC BASIC [ edit ]

Writes to the Application Log:

C [ edit ]

The following is a wrapper on the EventCreate utility provided in Windows. Note that to use this wrapper, the code must be executed from a console/IDE running as Administrator. The utility itself does extensive error-checking and validation, so apart from the check that 5 arguments have been supplied, no other validations or checks are performed.

Invocation and output on console :

Microsoft does provide an C/C++ API for EventCreate, but as with everything Microsoft, it’s so wonderfully convoluted, that I will just give a link to the ReportEvent example.

C# [ edit ]

In Windows Vista and later or Windows Server 2003, you must have administrative privileges to execute this code.

C++ [ edit ]

Clojure [ edit ]

D [ edit ]

Delphi [ edit ]

F# [ edit ]

Bare bone writing to the Application Eventlog giving no event-ID and using the default event type (information.)

Go [ edit ]

This works on Windows 10 with administrative privileges.

Java [ edit ]

Julia [ edit ]

Run as an administrator.

Kotlin [ edit ]

The following works on Windows 10 with administrative privileges:

Lingo [ edit ]

Perl [ edit ]

The Win32::EventLog module has the Report method to write in the EventLog

Phix [ edit ]

PicoLisp [ edit ]

PicoLisp doesn’t run on Windows. In case of Linux, the equivalent of the event log is the syslog. It can be written with ‘native’ C functions, or simply with the ‘logger’ utility:

PowerShell [ edit ]

Note1: Thanks to PoSH Fan for posting information that got me started on this at Windows PowerShell Blog
Note2: See details on registering a new Event Source with Windows at MSDN

Source and event log existing [ edit ]

New event log [ edit ]

PureBasic [ edit ]

Python [ edit ]

Racket [ edit ]

Racket’s logging facility creates windows events when running on Windows.

Raku [ edit ]

(formerly Perl 6)

There is not yet (that I am aware of) a native interface to the Windows logging functions, but Raku can shell out and run a console command just as easily as most of these other languages. It does have a native interface to the syslog functions under POSIX environments though.

(Same caveats as the others, needs to be run as administrator or with elevated privileges under Windows.)

REXX [ edit ]

This was executed on a (Microsoft) Windows/XP PRO system.