You can create tasks that trigger on events, export the task to XML, and then edit the XML to include ValueQueries, which pass data directly from the XML of the event details to a script. The following example is a task that triggers when a USB device is connected. It passes the ID of the USB device and the timestamp of the actual event to a script that appends the data to a log and emails an alert.


After importing the modified task XML you can make changes to the task without losing the ValueQueries. Task Scheduler doesn't provide a GUI method of managing them, so they are preserved as-is. To change them you would have to export the task again, modify the XML, and re-import it.



==============Exported Task Start======================

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo>
    <Date>2021-05-19T01:48:53.094776</Date>
    <Author>JOLETEC-ANDREW\Andrew Schott</Author>
    <URI>\Event Viewer Tasks\Event 2003</URI>
  </RegistrationInfo>
  <Triggers>
    <EventTrigger>
      <Enabled>true</Enabled>
      <Subscription>&lt;QueryList&gt;&lt;Query Id="0" Path="Microsoft-Windows-DriverFrameworks-UserMode/Operational"&gt;&lt;Select Path="Microsoft-Windows-DriverFrameworks-UserMode/Operational"&gt;*[System[Provider[@Name='Microsoft-Windows-DriverFrameworks-UserMode'] and EventID=2003]]&lt;/Select&gt;&lt;/Query&gt;&lt;/QueryList&gt;</Subscription>
      <ValueQueries>
        <Value name="InstanceId">Event/UserData/UMDFHostDeviceArrivalBegin/InstanceId</Value>
        <Value name="TimeCreated">Event/System/TimeCreated/@SystemTime</Value>
      </ValueQueries>
    </EventTrigger>
  </Triggers>
  <Principals>
    <Principal id="Author">
      <UserId>S-1-5-21-2815328991-3959844506-1406902928-1001</UserId>
      <LogonType>InteractiveToken</LogonType>
      <RunLevel>LeastPrivilege</RunLevel>
    </Principal>
  </Principals>
  <Settings>
    <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
    <DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries>
    <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
    <AllowHardTerminate>true</AllowHardTerminate>
    <StartWhenAvailable>false</StartWhenAvailable>
    <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
    <IdleSettings>
      <StopOnIdleEnd>true</StopOnIdleEnd>
      <RestartOnIdle>false</RestartOnIdle>
    </IdleSettings>
    <AllowStartOnDemand>true</AllowStartOnDemand>
    <Enabled>true</Enabled>
    <Hidden>false</Hidden>
    <RunOnlyIfIdle>false</RunOnlyIfIdle>
    <WakeToRun>false</WakeToRun>
    <ExecutionTimeLimit>PT72H</ExecutionTimeLimit>
    <Priority>7</Priority>
  </Settings>
  <Actions Context="Author">
    <Exec>
      <Command>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Command>
      <Arguments>-Command "C:\PowerShellScript.ps1" '$(InstanceId)' '$(TimeCreated)'</Arguments>
    </Exec>
  </Actions>
</Task>

==============Exported Task End======================


==============Powershell Script Start======================

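# Prefix each pipeline item with the current date and time.
filter timestamp {"$(Get-Date -Format G): $_"}

# $args holds the InstanceId and TimeCreated values passed in by the task.
$value = "$env:USERNAME - USB Connected - $args" | timestamp

# Append the alert to the log, then email it with that same log attached.
$logPath = "C:\Users\Andrew Schott\Desktop\Alert.log"
Add-Content -Path $logPath -Value $value

Send-MailMessage -To 'andrew@joletec.com','dylan@joletec.com' -From 'alert@frankenmuthpd.com' -SmtpServer 'iis.joletec.com' -Subject 'FPD USB Alert' -Body $value -Attachments $logPath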

==============Powershell Script End======================
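
The values substituted for $(InstanceId) and $(TimeCreated) come from event data describing whatever device was plugged in, and with -Command the whole argument string is parsed as PowerShell code. The following is an added example, not the original author's script: a handler that takes the two values as plain string parameters and sanitizes them before logging. It assumes the task's Arguments are changed to use -File as shown in its first comment, and the allow-list pattern and 256-character cap are assumptions to adjust to the IDs seen in your own log.

```powershell
# Added example: hardened handler, not the original author's script.
# Assumed <Arguments> value in the task XML:
#   -NoProfile -File "C:\PowerShellScript.ps1" "$(InstanceId)" "$(TimeCreated)"
param(
    [Parameter(Position = 0)][string]$InstanceId  = '',
    [Parameter(Position = 1)][string]$TimeCreated = ''
)

# Log path taken from the page's script; assumed to also be the attachment.
$logPath = 'C:\Users\Andrew Schott\Desktop\Alert.log'

# The instance ID comes from the connected device, so treat it as untrusted.
# Cap the length and replace characters outside an assumed allow-list rather
# than rejecting the value, so an unusual ID still produces an alert.
$maxLen  = 256
$trimmed = $InstanceId.Substring(0, [Math]::Min($InstanceId.Length, $maxLen))
$safeId  = $trimmed -replace '[^A-Za-z0-9\\_&#?.{}\-]', '_'
$altered = $safeId -cne $InstanceId

# @SystemTime is an ISO 8601 string; parse it instead of echoing raw text.
$eventTime = [datetime]::MinValue
$parsed = [datetime]::TryParse($TimeCreated,
    [Globalization.CultureInfo]::InvariantCulture,
    [Globalization.DateTimeStyles]::RoundtripKind,
    [ref]$eventTime)
$when = if ($parsed) { $eventTime.ToString('o') } else { 'unparsed time' }

$line = '{0}: {1} - USB Connected - {2} {3}' -f (Get-Date -Format G), $env:USERNAME, $safeId, $when
if ($altered) { $line += ' [InstanceId sanitized]' }

Add-Content -LiteralPath $logPath -Value $line

# Mail settings are the ones used in the page's script.
$mail = @{
    To          = 'andrew@joletec.com', 'dylan@joletec.com'
    From        = 'alert@frankenmuthpd.com'
    SmtpServer  = 'iis.joletec.com'
    Subject     = 'FPD USB Alert'
    Body        = $line
    Attachments = $logPath
}
Send-MailMessage @mail
```

With -File, powershell.exe passes the remaining arguments to the script as literal strings instead of evaluating them as script text.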