Export (0) Print
Expand All

New-WinEvent

New-WinEvent

Creates an ETW event for the specified event provider.

Syntax

Parameter Set: __AllParameterSets
New-WinEvent [-ProviderName] <String> [-Id] <Int32> [[-Payload] <Object[]> ] [-Version <Byte> ] [ <CommonParameters>]




Detailed Description

The New-WinEvent cmdlet creates an Event Tracing for Windows (ETW) event for an event provider. You can use this cmdlet to add events to ETW channels from Windows PowerShell.

Parameters

-Id<Int32>

Specifies an event ID that was registered through an instrumentation manifest.


Aliases

none

Required?

true

Position?

2

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Payload<Object[]>

Specifies the message for the event. When the event is written to an event log, the payload is stored in the Message property of the event object.

When the specified payload does not match the payload in the event definition, Windows PowerShell generates a warning, but the command still succeeds.


Aliases

none

Required?

false

Position?

3

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-ProviderName<String>

Specifies the event provider that writes the event to an event log, such as Microsoft-Windows-PowerShell. An ETW event provider is a logical entity that writes events to ETW sessions.


Aliases

none

Required?

true

Position?

1

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Version<Byte>

Specifies the version number of the event. Type the event number. Windows PowerShell converts the number to the required Byte type.

This parameter lets you specify an event when different versions of the same event are defined.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see    about_CommonParameters.

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

  • None

    You cannot pipe input to this cmdlet.


Outputs

The output type is the type of the objects that the cmdlet emits.

  • None

    This cmdlet does not generate any output.


Notes

Examples

Example 1: Create an ETW event for a specified provider

This command uses the New-WinEvent cmdlet to create event 45090 for the Microsoft-Windows-PowerShell provider.


PS C:\> New-WinEvent -ProviderName Microsoft-Windows-PowerShell -Id 45090 -Payload @("Workflow", "Running")

Related topics

Community Additions

ADD
Show:
© 2016 Microsoft