Export (0) Print
Expand All

New-WinEvent

Updated: May 7, 2014

Applies To: Windows PowerShell 4.0

New-WinEvent

Creates a new Windows event for the specified event provider.

Syntax

Parameter Set: __AllParameterSets
New-WinEvent [-ProviderName] <String> [-Id] <Int32> [[-Payload] <Object[]> ] [-Version <Byte> ] [ <CommonParameters>]




Detailed Description

The New-WinEvent cmdlet creates an Event Tracing for Windows (ETW) event for an event provider. You can use this cmdlet to add events to ETW channels from Windows PowerShell.

Parameters

-Id<Int32>

Specifies an event id that was registered through an instrumentation manifest.


Aliases

none

Required?

true

Position?

2

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Payload<Object[]>

Specifies the message for the event. When the event is written to an event log, the payload is stored in the Message property of the event object.

When the specified payload does not match the payload in the event definition, Windows PowerShell generates a warning, but the command still succeeds.


Aliases

none

Required?

false

Position?

3

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-ProviderName<String>

Specifies the event provider that writes the event to an event log, such as "Microsoft-Windows-PowerShell". An ETW event provider is a logical entity that writes events to ETW sessions.


Aliases

none

Required?

true

Position?

1

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Version<Byte>

Specifies the version number of the event. Type the event number. Windows PowerShell converts the number to the required Byte type.

This parameter lets you specify an event when different versions of the same event are defined.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see  about_CommonParameters (http://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

  • None

    This cmdlet does not take input from the pipeline.


Outputs

The output type is the type of the objects that the cmdlet emits.

  • None

    This cmdlet does to generate any output.


Notes

  • After the provider writes the even to an eventlog, you can use the Get-WinEvent cmdlet to get the event from the event log.

  • For information about Event Tracing for Windows, see "Improve Debugging And Performance Tuning With ETW" in MSDN Magazine at http://msdn.microsoft.com/en-us/magazine/cc163437.aspx.

Examples

Example 1

This command uses the New-WinEvent cmdlet to create event 45090 for the Microsoft-Windows-PowerShell provider.


PS C:\> New-WinEvent -ProviderName Microsoft-Windows-PowerShell -Id 45090 -Payload @("Workflow", "Running")

Related topics



Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft