How To Delete Event Logs Windows Server 2008 R2

In some cases information technology is necessary to delete all entries from Windows issue logs on a figurer or a server. Of form, you can clear the system logs from the Effect Viewer panel GUI—Eventvwr.msc (right-click the log you would similar to clear and select Clear Log). However, starting with Vista, Windows has been using several dozens of logs for different system components, and it is time-consuming to manually articulate all of them in the Event Viewer. It is much easier to clear logs from the command prompt: using PowerShell or the born console tool wevtutil.

Contents:

• Clearing Event Logs With PowerShell
• Immigration the Logs Using the console tool WevtUtil.exe

Clearing Event Logs With PowerShell

If y'all have PowerShell 3 installed (by default, information technology is installed in Windows 8 / Windows Server and higher), you can use Go-EventLog and Articulate-EventLog cmdlets to get the list of event logs and clear them.

Start the PowerShell console with the ambassador privileges and using the post-obit command brandish the list of all standard issue logs in the system with the maximum size and the number of events.

Get-EventLog –LogName *

To clear all entries from the specific event log (for example, System log), employ this command:

Clear-EventLog –LogName Organisation

As a result, all events of this log volition be deleted, and there will be only i effect with the EventId 104 and the message "The System log file was cleared ".

To clear all event logs, you have to redirect the log names to the pipeline, but unfortunately, information technology is forbidden. And so, we will have to use the ForEach cycle:

Go-EventLog -LogName * | ForEach { Clear-EventLog $_.Log }

Thus, all standard event logs will be cleared.

Clearing the Logs Using the console tool WevtUtil.exe

To work with the events, for a long fourth dimension in Windows there have been a powerful command prompt utility WevtUtil.exe. Its syntax is a scrap complicated for the first sight. Here, for instance, that returns help of utilities:

To display the list of the logs registered in the organisation, run this command:

WevtUtil enum-logs
or its shorter version:

WevtUtil el

Quite an impressive list of logs will exist displayed on the screen.

Annotation. Yous can count how many logs there are using the following command: WevtUtil el |Measure-Object. In my case there were one,053 different logs in Windows 10.

Yous can get a detailed information on the specific log:

WevtUtil gl Setup

Hither is how you clear the events in the specific log:

WevtUtil cl Setup

Before you clear the events, you can backup them by relieve to a file:

WevtUtil cl Setup /bu:SetupLog_Bak.evtx

To clear all logs at once, you tin use Get-WinEvent PowerShell cmdlet to get all log objects and Wevtutil.exe to articulate them:

Become-WinEvent -ListLog * -Force | % { Wevtutil.exe cl $_.LogName }

or

Wevtutil el | ForEach { wevtutil cl "$_"}

Note. In our case, I was not able to clear three logs due to the admission mistake. It's worth to try and clear them using the Effect Viewer.

Y'all tin can clear the logs using the standard command prompt as well:

for /F "tokens=*" %1 in ('wevtutil.exe el') Exercise wevtutil.exe cl "%1"

Source: http://woshub.com/how-to-clear-windows-event-logs-using-powershell-or-wevtutil/

Posted by: gardnersuchibiant.blogspot.com

Share this post