- Aug
- 2,320
- 111
TCC has the EVENTLOG command, which allows you to post messages to the Windows application log.
Here is a method to create your own personal eventlog, and also set the eventlog properties that limit the size of the event log and the age of its entries.
*** NOTE: These commands need to be done once by an Administrator, so make sure that you are in an elevated TCC prompt ***
You can call your eventlog whatever you want, I am using my initials for this example.
From the TCC prompt, issue the following command;
This creates an event log called jlc in the Application and Service Logs. To prove this, from the TCC prompt, issue the following command;
which will launch the GUI Event Viewer. On the left side, expand the Application and Service Logs, and you should see the newly created eventlog. Now, close the GUI Event Viewer.
I only want my eventlog to retain the events for 30 days, and to have a maximum size of 250mb. I do this from the TCC prompt as follows;
*** NOTE: At this point, you no longer need to be an Administrator, and be running in an elevated TCC prompt. You can write to, and query the log, as a normal user. ***
Now, let's write something to the logfile from TCC;
We could open the GUI Event Viewer, but we can also query the eventlog from the command line, as follows;
Here are a couple of TCC Aliases that I created to make reading and writing to a personal log easier;
An example use;
where
%1 jlc
%2 TCCStuff
%3 123
%4 This is a message for my event log.
An example use;
where
%1 jlc
*** NOTE: You can remove the eventlog you created with the following command from TCC;
For more information on these Powershell commands, the help can be viewed from TCC as follows;
Joe
Here is a method to create your own personal eventlog, and also set the eventlog properties that limit the size of the event log and the age of its entries.
*** NOTE: These commands need to be done once by an Administrator, so make sure that you are in an elevated TCC prompt ***
You can call your eventlog whatever you want, I am using my initials for this example.
From the TCC prompt, issue the following command;
Code:
powershell -noprofile -command New-Eventlog -logname jlc -Source TCCStuff, BOINCStuffThis creates an event log called jlc in the Application and Service Logs. To prove this, from the TCC prompt, issue the following command;
Code:
eventvwrwhich will launch the GUI Event Viewer. On the left side, expand the Application and Service Logs, and you should see the newly created eventlog. Now, close the GUI Event Viewer.
I only want my eventlog to retain the events for 30 days, and to have a maximum size of 250mb. I do this from the TCC prompt as follows;
Code:
powershell -noprofile -command Limit-Eventlog -logname jlc -retentiondays 30 -overflowaction overwriteolder -maximumsize 250mb*** NOTE: At this point, you no longer need to be an Administrator, and be running in an elevated TCC prompt. You can write to, and query the log, as a normal user. ***
Now, let's write something to the logfile from TCC;
Code:
powershell -noprofile -command Write-Eventlog -logname jlc -source TCCStuff -entrytype information -EventID 123 -Message 'Test Message'We could open the GUI Event Viewer, but we can also query the eventlog from the command line, as follows;
Code:
powershell -noprofile -command Get-Eventlog -logname jlcHere are a couple of TCC Aliases that I created to make reading and writing to a personal log easier;
Code:
alias write-eventlog=`powershell -noprofile -command Write-Eventlog -logname %1 -source %2 -entrytype information -EventID %3 -Message '%4'`An example use;
Code:
write-eventlog jlc TCCStuff 123 "This is a message for my event log"where
%1 jlc
%2 TCCStuff
%3 123
%4 This is a message for my event log.
Code:
alias read-eventlog=`powershell -noprofile -command Get-Eventlog -logname %1`An example use;
Code:
read-eventlog jlcwhere
%1 jlc
*** NOTE: You can remove the eventlog you created with the following command from TCC;
Code:
powershell -noprofile -command Remove-Log jlcFor more information on these Powershell commands, the help can be viewed from TCC as follows;
Code:
powershell -noprofile -command help write-eventlog
powershell -noprofile -command help get-eventlogJoe