These are very simple PowerShell commands to create/view/delete your own Event Source under Windows Log. With the help of custom "Source", you can send your events in your own source instead of clubbing with System log entries.
Introduction
PowerShell commands can be used to Create/View/Delete your own Event Source/Event Log Name under Windows Log. With the help of custom "Source", you can write your events in your own source instead of clubbing with System defined sources. You can have multiple Sources under an Event Log Name and Event Log Name works as wrapper to accommodate similar type of source logging at one place.
Background
In order to use this, you must have Admin Access on your system or server where you will implement this.
Using the Code
Below are a set of PowerShell commands to Create/View/Delete Event Source/Event Log Name:
1. New-EventLog -LogName {your own log name} -Source {your own source name}
2. Get-EventLog -List
3. Remove-EventLog -Source {your own source name}
4. Remove-EventLog -LogName {your own log name}
Let's start with the implementation part:
#1: First to Create New Event Source
Just type New-EventLog -LogName MyTestLogName -Source MyTestSourceName on PowerShell command prompt and press enter as below:
You will not get any success message after creation, but you can visit Event Viewer to see new log name "MyTestLogName" under "Application and Services Logs" as below:
You can have multiple Sources under one Log Name, Log Name is just a wrapper like below:
If you do not have Admin Access, you will get the below error while creating a new source:
If Source already exists in your system, it will not allow you to create new and throw the below error:
#2: Let's Move on to Second Command to Get List of All Sources Which You Have in Your System Inclusive Your Own Created Ones
Instead of visiting to Event Viewer to check newly created your own new source (shared in above section), you can just hit Get-EventLog -List command in PowerShell to get a complete list as below:
It's very simple to verify your source got created or not instantly using command prompt.
#3. Now Move On to Removal Source
If you will use Remove-EventLog -Source {your own source name}, it will just remove your Source, Log name will remain there. As you can have multiple Sources under same Log Name, that's why you can simply delete Source does not mean it will remove your Log Name as well.
See below, I have removed just Source, but Log Name is still there. Log Name is just a kind of wrapper:
#4. Last Command to Remove Log Name
You can remove your Log Name by using Remove-Eventlog -Logname {your own log name} Command. See below. This will remove your wrapper along all sources underneath.
Thanks for reading!
Points of Interest
This helps in logging your custom error from your application written in C#.
History
- 2nd June, 2020: Version 1.0
This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
