Script Center
United States (English) Sign in
Home Library Learn Downloads Repository Community Forums Blog
This topic has not yet been rated - Rate this topic

New-WinEvent

Published: February 29, 2012

Updated: August 20, 2012

Applies To: Windows PowerShell 3.0

New-WinEvent

Creates a new Windows event for the specified event provider.

Syntax

Copy 
Parameter Set: __AllParameterSets
New-WinEvent [-ProviderName] <String> [-Id] <Int32> [[-Payload] <Object[]> ] [-Version <Byte> ] [ <CommonParameters>]


Detailed Description

The New-WinEvent cmdlet creates an Event Tracing for Windows (ETW) event for an event provider. You can use this cmdlet to add events to ETW channels from Windows PowerShell.

Parameters

-Id<Int32>

Specifies an event id that was registered through an instrumentation manifest.


Aliases

none

Required?

true

Position?

2

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Payload<Object[]>

Specifies the message for the event. When the event is written to an event log, the payload is stored in the Message property of the event object.

When the specified payload does not match the payload in the event definition, Windows PowerShell generates a warning, but the command still succeeds.


Aliases

none

Required?

false

Position?

3

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-ProviderName<String>

Specifies the event provider that writes the event to an event log, such as "Microsoft-Windows-PowerShell". An ETW event provider is a logical entity that writes events to ETW sessions.


Aliases

none

Required?

true

Position?

1

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Version<Byte>

Specifies the version number of the event. Type the event number. Windows PowerShell converts the number to the required Byte type.

This parameter lets you specify an event when different versions of the same event are defined.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see  about_CommonParameters (http://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

  • None

    This cmdlet does not take input from the pipeline.


Outputs

The output type is the type of the objects that the cmdlet emits.

  • None

    This cmdlet does to generate any output.


Notes

  • After the provider writes the even to an eventlog, you can use the Get-WinEvent cmdlet to get the event from the event log.

  • For information about Event Tracing for Windows, see "Improve Debugging And Performance Tuning With ETW" in MSDN Magazine at http://msdn.microsoft.com/en-us/magazine/cc163437.aspx.

Examples

Example 1

This command uses the New-WinEvent cmdlet to create event 45090 for the Microsoft-Windows-PowerShell provider.


Copy 
PS C:\> New-WinEvent -ProviderName Microsoft-Windows-PowerShell -Id 45090 -Payload @("Workflow", "Running")

Related topics



Did you find this helpful?
(1500 characters remaining)
© 2013 Microsoft
|
Site Feedback
© 2013 Microsoft. All rights reserved.