Solved

Script to delete event viewer logs?

Posted on 2007-11-15
8
4,601 Views
Last Modified: 2010-04-21
Greetings All,

I am currently in charge of 9 servers.  I review the event logs at least 3-4 times a week. My question is this. Does anyone know of a script or tool that will delete all logs from the viewer at one time? We only save serious errors to review later. So I delete the "garbage" after I review them. It isn't a big pain clearing each one manually, but if I could save a few minutes here and there it would help me out.
Thanks for any input you may be able to provide.

Tom
0
Comment
Question by:alank2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 11

Expert Comment

by:bsharath
ID: 20290390
Here is a script that will backup the evenlog and clear
strComputer = "machinename"
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate,(Backup)}!\\" & _
 strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
 ("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Application'")
For Each objLogfile in colLogFiles
 errBackupLog = objLogFile.BackupEventLog("c:\application.evt")
 If errBackupLog <> 0 Then
 Wscript.Echo "The Application event log could not be backed up."
 Else
 objLogFile.ClearEventLog()
 End If
Next

0
 

Author Comment

by:alank2
ID: 20291766
I don't want to backup all the logs - just delete them. We only backup serious event log errors.
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20292427
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 31

Expert Comment

by:James Murrell
ID: 20292446

Here is a script that will backup the evenlog and clear
strComputer = "machinename"
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate,(Backup)}!\\" & _
 strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
 ("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Application'")
For Each objLogfile in colLogFiles
 objLogFile.ClearEventLog()
Next

Open in new window

0
 
LVL 11

Accepted Solution

by:
bsharath earned 500 total points
ID: 20294323
You need to make two .bat files.

EvtBackup.bat   = This will make backup of Event Logs (Johnb6767 code)
ClearEvents.bat = This will clear Events

Both scripts will use C:\PCNames.txt file where all computer names should be mentioned.
You will have to run both scripts individually. First Run EvtBackup.bat then ClearEvents.bat

:: --- script start ---
@Echo Off
C:
CD\
MD "EVT Backups"
COPY /Y C:\Windows\System32\Config\*.evt "C:\EVT Backups\"
Exit
:: --- script End ---

Copy & Paste above code in notepad.exe and save it with 'EvtBackup.bat'
From command line run following command

Example:
C:\>PSExec @C:\pcnames.txt -d -c evtbackup.bat [enter]

:: --- script start ---
@Echo Off
PsLogList -c "Application"    @C:\pcnames.txt
PsLogList -c "Security"         @C:\pcnames.txt  
PsLogList -c "System"         @C:\pcnames.txt
Exit
:: --- script End ---

Copy & Paste above code in notepad.exe and save it with 'ClearEvents.bat'
From command line run following command

Example:
C:\>ClearEvents.bat [enter]

It will work perfectly.
Skip which ever you want
0
 

Author Closing Comment

by:alank2
ID: 31409363
Thanks, that was exactly what I was looking for.
0
 

Author Comment

by:alank2
ID: 20297815
cs97jjm3,

I had found that Microsoft article previously. It was a little more than what I needed. But thank you for providing a possible answer for this.
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20297854
NO worries soryy i could not offer more
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Learn about cloud computing and its benefits for small business owners.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question