The case scenario is : I'm using a SSIS Script task to zip a large number of files and I want to log the 7zip errors to the Event log using System.Diagnostics. Here is the procedure I use to allow the SQL user to write to the event log.
You will need wevtutil normally found in %system32%, if not available you will have to use the registry editor.
You will need wevtutil normally found in %system32%, if not available you will have to use the registry editor.
2. determine permissions for the application log : wevtutil gl application > D:\temp\out.txt
3. open the file out.txt :
name: application enabled: true
type: Admin
owningPublisher:
isolation: Application
channelAccess: O:BAG:SYD:(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x3;;;S-1-5-33)(A;;0x1;;;S-1-5-32-573)
logging:
logFileName: %SystemRoot%\System32\Winevt\Logs\application.evtx
retention: false
autoBackup: false
maxSize: 20971520
publishing:
fileMax: 1
4. Using the Registry Editor (see original post from Beth Massi)
You can allow any authenticated user write access to your log or you can allow the specific user SID write access. Open up the registry editor to your event log CustomSD key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\MyLogName\CustomSD
To allow all authenticated users write access add the following security permission:
(A;;0x0002;;;AU)To allow a specific user write access you would specify their SID:
(A;;0x0002;;;SID-OF-USER-ACCOUNT)
5. Modify the registry using wevtutil
wevtutil sl Application /ca:<updated channel line>
Example to give read/write access to authenticated users will will use the 0x3 value:
wevtutil sl Application /ca: O:BAG:SYD:(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x3;;;S-1-5-33)(A;;0x1;;;S-1-5-32-573)(A;;0x3;;;AU)
