Anybody has an idea how to clear "Applications and Services Logs" using Powershell? I can easily clear the Windows Logs using Clear-EventLog, but I can't get to clear a subfolder under "Applications and Services Logs" in Windows Event Logs.
2
votes
2 Answers
2
votes
This looks like what you need
http://gallery.technet.microsoft.com/scriptcenter/4502522b-5294-4c31-8c49-0c9e94db8df9
Update - That link has a login. Here's the script from it -
Function Global:Clear-Winevent ( $Logname ) {
<#
.SYNOPSIS
Given a specific Logname from the GET-WINEVENT Commandlet
it will clear the Contents of that log
.DESCRIPTION
Cmdlet used to clear the Windows Event logs from Windows 7
Windows Vista, Server 2008 and Server 2008 R2
.EXAMPLE
CLEAR-WINEVENT -Logname Setup
.EXAMPLE
GET-WINEVENT -Listlog * | CLEAR-WINEVENT -Logname $_.Logname
Clear all Windows Event Logs
.NOTES
This is a Cmdlet that is not presently in Powershell 2.0
although there IS a GET-WINEVENT Command to list the
Contents of the logs. You can utilize this instead of
WEVTUTIL.EXE to clear out Logs. Special thanks to Shay Levy
(@shaylevy on Twitter) for pointing out the needed code
#>
[System.Diagnostics.Eventing.Reader.EventLogSession]::GlobalSession.ClearLog("$Logname")
}
2
votes
PowerShell - optimized for performance:
Version 1:
function Clear-EventLogs-Active
{
ForEach ( $l in ( Get-WinEvent ).LogName | Sort | Get-Unique )
{
[System.Diagnostics.Eventing.Reader.EventLogSession]::GlobalSession.ClearLog("$l")
}
Clear-EventLog -LogName "System"
}
.
Version 2:
function Clear-EventLogs-All
{
ForEach ( $l in Get-WinEvent -ListLog * -Force )
{
if ( $l.RecordCount -gt 0 )
{
$ln = $l.LogName
[System.Diagnostics.Eventing.Reader.EventLogSession]::GlobalSession.ClearLog("$ln")
}
}
Clear-EventLog -LogName "System"
}
.
Both versions working on 514 logs:
Version 1 (0.3007762 seconds) - retrieves only logs containing events
Version 2 (0.7026473 seconds) - retrieves all logs, and only clears the ones with events
