Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Write-EventLog/New-EventLog shell calls through QProcess not working



  • The idea is to write to Windows event logs through shell commands. (I'm using Windows 10)

    This simple call from the shell is working perfectly fine: New-EventLog -LogName Application -Source "Test"

    But when trying to call it by using QProcess, nothing happens. It seems like the call isn't even made.

    QString exec = "New-EventLog";
    QStringList params;
    
    params << "-LogName" << "Application";
    params << "-Source" << "Test";
    p->start(exec, params);
    p->waitForFinished();
    qDebug() << p->readAllStandardOutput();

  • Lifetime Qt Champion

    Hi and welcome to devnet,

    You should add error checking like verifying the status code and stderr.



  • @Marko-Stanke
    New-EventLog is not a runnable Windows command, e.g. try it from a Command Prompt. It's probably a PowerShell thing? So you have to invoke it that way, via PowerShell executable.

    This simple call from the shell is working perfectly fine: New-EventLog -LogName Application -Source "Test"

    And what shell would that be from?

    Personally I would not write to the Windows Event Log via a process/PowerShell. I would do it inside your own program's code. Either search for a Qt way to do it (edit I searched, there isn't), or use Windows native calls.


  • Lifetime Qt Champion



  • Thank you for the welcome. And thank you for all the useful information. I didn't know that it was a PowerShell-only thing, with all the help of you I managed to find a workaround that works.

    #ifdef _WIN32
        std::string cmd = "powershell New-EventLog -LogName Application -Source 'Test'";
        system(cmd.c_str());
    #endif
    

    I already tried searching for a solution to do it inside my own program's code, the thing is I had some issues with using <system.dll> and <mscorlib.dll>. And the things I found didn't help me much (It's probably my lack of experience).


  • Lifetime Qt Champion

    And why do you now use system() instead QProcess?



  • @Marko-Stanke
    That works. You chose to move over to system(). You could also have done this as per your original with QProcess, just make "powershell" be your exec and "New-EventLog" be the first of your params.



  • @Christian-Ehrlicher because I need to implement it in a way without providing the absolute/relative path to the Powershell.

    I'm guessing ( As I said I'm not too experienced ) that system() is reading the powershell path from the system environment variables and QProcess not.

    Is there a way to run this command through QProcess without providing the absolute/relative path?



  • @Marko-Stanke
    If you can pass powershell as the first word to system(), you should be able to pass that as the executable to your p->start(). Have you actually tried doing so?



  • @JonB Yes, it works. Not receiving any output made me think that it doesn't.
    This code should return an error as this -Source doesn't exist, but I'm receiving no output.

    QString exec = "powershell";
    QStringList params;
    
    params << "Write-EventLog";
    params << "-LogName" << "Application";
    params << "-Source" << "Test";
    p->start(exec, params);
    p->waitForFinished();
    if (!p->waitForFinished())
        qDebug() << "Error output:" << p->errorString();
    else
        qDebug() << "Output:" << p->readAll();
    

    Note: For now i'm using waitForFinished() for simplicity of representing the code.



  • @Marko-Stanke
    The "error" you are talking about is not an error running the process. It is just output it will produce. You need to fetch both p->readAllStandardOutput() and p->readAllStandardError(), it's probably in the latter.



  • @JonB that's it! Thanks, works perfect now.
    To sum up, this is the working code. "New-EventLog" is the same only with less params (LogName, Source needed only).

    p = new QProcess();
    QString exec = "powershell";
    QStringList params;
    
    params << "Write-EventLog";
    params << "-LogName" << " 'Application' ";
    params << "-Source" << " 'Test' ";
    params << "-EventID" << "3001";
    params << "-EntryType" << "Warning";
    params << "-Message" << " 'Custom message' ";
    params << "-RawData"  << "10,20";
    
    p->start(exec, params);
    p->waitForFinished();
    if (!p->waitForFinished())
        qDebug() << "Error output:" << p->readAllStandardError();
    else
        qDebug() << "Output:" << p->readAllStandardOutput();

Log in to reply