ASP.Net 3.5 running under IIS 7 doesn't seem to allow this out of the box.

        if (!EventLog.SourceExists("MyAppLog"))
            EventLog.CreateEventSource("MyAppLog", "Application");

        EventLog myLog = new EventLog();
        myLog.Source = "MyAppLog";
        myLog.WriteEntry("Message");

This is part of windows security since windows 2003.

You need to create an entry in the registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application Make sure that network service or the account you impersonate has permission to this registry key.

@CheGueVerra's link: Requested Registry Access Is Not Allowed

I've copied this answer from here (the question was Log4Net but the answer still applies). The technet link misses a vital step.

Create a registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\MY-AWESOME-APP

Create a string value inside this

Name it EventMessageFile, set its value to

C:\Windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll

That path appears to work in both 64 bit and 32 bit environments.

With this technique you don't need to set permissions in the registry, and once the key above is created it should just work.

Alternatively
If you don't have a large server farm but just a small "web garden" you could run a console application on each server that creates the event log source using EventLog.CreateEventSource, make sure the console application is run by an administrator.

Right click the application and choose "Run as Administrator"