What is the minimal privilege needed to be able to create an event source in the EventLog?

[José Joye]

I know, this kind of question has already been asked. However, I could not
find an answer related to the minimal privilege required to be able to
create a new event Source in the appplication event log.

I have a service app that needs to access shares (therefore, I cannot not
start it using the System account). This service needs not to be run with
particular privilege. So, I use a account member of users' group.

Doing so will fail creating an Event source.

I know that I could pre-create this Event Source using a kind of
installation program. However, this is not a solution I like.
I would prefer to increase a bit the privilege of the user starting the
service (?to which level?)

Thanks,
José

Some code sample ...
// Create the source, if it does not already exist.
if(!EventLog.SourceExists("MySource")){
EventLog.CreateEventSource("MySource", "MyNewLog");
}

// Create an EventLog instance and assign its source.
EventLog myLog = new EventLog();
myLog.Source = "MySource";

// Write an informational entry to the event log.
myLog.WriteEntry("Writing to event log.");

 

[Peter Rilling]

I think all you need is registry write permissions. If the source as
already been defined in the registry, than you should be able to write
messages using minimal permissions.