If you want to write to the Server's Event log from ASP.NET you'll first need to tweak some security settings. The first change is easy, however the second took me a while to find.

Step One:

Grant "Full Control" to the "IIS_WPG" group to the following registry key:

HKLM\SYSTEM\CurrentControlSet\Services\EventLog

Step Two:

One of the security restrictions added to IIS 6 under Windows Server 2003 was much tighter ACLs (Access Control Lists) on the event logs. This restricts what accounts can read and write to the logs (application, system & security). To overcome this you'll need to add the following value. Incase you're worried what security hole I'm opening up for you there's a breakdown of what it means at the end of the post.

(A;;0x0002;;;AU)

Add the above value to the end of the existing "CustomSD" value found at following path (pick relevant one):

HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System
HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Security

So mine went from:

O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)

to: (scroll to all the way to the right to see the change in bold):

O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x0002;;;AU)

The value being added is written in Security Descriptor Definition Language (SDDL) and is as follows:

• A = Access allowed.
• ;; = token delimiter (don't know why there's two of them?)
• 0x0002 = Permission to write log files.
• ;;; = token delimiter (again - don't know why there's three of them?)
• AU = Authenticated Users.