问题描述
我已经搜索了我能找到的每个关键字,看看是否有 PS7 中的 cmdlet 相当于 PS5 中的 New-EventLog?
这样的东西存在吗?
解决方法
继续我的评论。举一个简单的例子,以及在 PSCore 上处理用例的粗略方法。您需要查看文档以查看此类案例的所有选项。
Get-CimInstance -ClassName Cim_OperatingSystem
# Results
<#
SystemDirectory Organization BuildNumber RegisteredUser SerialNumber Version
--------------- ------------ ----------- -------------- ------------ -------
C:\Windows\system32 19041 00329-00000-00003-AA986 10.0.19041
#>
$PSVersionTable.PSVersion
# Results
<#
Major Minor Patch PreReleaseLabel BuildLabel
----- ----- ----- --------------- ----------
7 1 3
#>
# Get some event logs,just because
(Get-WinEvent -ListLog '*' -ErrorAction SilentlyContinue).LogName |
Select-Object -First 9
# Results
<#
Windows PowerShell
System
Security
Key Management Service
Internet Explorer
HardwareEvents
Application
Windows Networking Vpn Plugin Platform/OperationalVerbose
Windows Networking Vpn Plugin Platform/Operational
#>
# Create a new event log
New-Item -Path 'HKLM:\SYSTEM\ControlSet001\Services\Eventlog' -Name 'MyEventLog' –Force
# Results
<#
Hive: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog
Name Property
---- --------
MyEventLog
#>
# Get some event logs,just because
(Get-WinEvent -ListLog '*' -ErrorAction SilentlyContinue).LogName |
Select-Object -First 9
# Results
<#
Windows PowerShell
System
Security
MyEventLog
Key Management Service
Internet Explorer
HardwareEvents
Application
Windows Networking Vpn Plugin Platform/OperationalVerbose
#>
# Write to it this way:
eventcreate /l MyEventLog /t Information /so TestWrite /id 1 /d "Test message"
# Results
<#
SUCCESS: An event of type 'Information' was created in the 'MyEventLog' log with 'TestWrite' as the source.
#>
Get-WinEvent -LogName 'MyEventLog'
# Results
<#
ProviderName: TestWrite
TimeCreated Id LevelDisplayName Message
----------- -- ---------------- -------
6/4/2021 6:12:30 PM 1 Information Test message
(Get-WinEvent -LogName 'MyEventLog').Count
1
#>
,
没有直接的等价物,因为它是旧的 Win32 API,但是有一个 New-WinEvent 可能会对您有所帮助。
示例:
New-WinEvent -ProviderName Microsoft-Windows-PowerShell -Id 45090 -Payload @("Workflow","Running")