Solved

Script to delete event viewer logs?

Posted on 2007-11-15
8
4,590 Views
Last Modified: 2010-04-21
Greetings All,

I am currently in charge of 9 servers.  I review the event logs at least 3-4 times a week. My question is this. Does anyone know of a script or tool that will delete all logs from the viewer at one time? We only save serious errors to review later. So I delete the "garbage" after I review them. It isn't a big pain clearing each one manually, but if I could save a few minutes here and there it would help me out.
Thanks for any input you may be able to provide.

Tom
0
Comment
Question by:alank2
  • 3
  • 3
  • 2
8 Comments
 
LVL 11

Expert Comment

by:bsharath
ID: 20290390
Here is a script that will backup the evenlog and clear
strComputer = "machinename"
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate,(Backup)}!\\" & _
 strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
 ("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Application'")
For Each objLogfile in colLogFiles
 errBackupLog = objLogFile.BackupEventLog("c:\application.evt")
 If errBackupLog <> 0 Then
 Wscript.Echo "The Application event log could not be backed up."
 Else
 objLogFile.ClearEventLog()
 End If
Next

0
 

Author Comment

by:alank2
ID: 20291766
I don't want to backup all the logs - just delete them. We only backup serious event log errors.
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20292427
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 31

Expert Comment

by:James Murrell
ID: 20292446

Here is a script that will backup the evenlog and clear
strComputer = "machinename"
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate,(Backup)}!\\" & _
 strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
 ("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Application'")
For Each objLogfile in colLogFiles
 objLogFile.ClearEventLog()
Next

Open in new window

0
 
LVL 11

Accepted Solution

by:
bsharath earned 500 total points
ID: 20294323
You need to make two .bat files.

EvtBackup.bat   = This will make backup of Event Logs (Johnb6767 code)
ClearEvents.bat = This will clear Events

Both scripts will use C:\PCNames.txt file where all computer names should be mentioned.
You will have to run both scripts individually. First Run EvtBackup.bat then ClearEvents.bat

:: --- script start ---
@Echo Off
C:
CD\
MD "EVT Backups"
COPY /Y C:\Windows\System32\Config\*.evt "C:\EVT Backups\"
Exit
:: --- script End ---

Copy & Paste above code in notepad.exe and save it with 'EvtBackup.bat'
From command line run following command

Example:
C:\>PSExec @C:\pcnames.txt -d -c evtbackup.bat [enter]

:: --- script start ---
@Echo Off
PsLogList -c "Application"    @C:\pcnames.txt
PsLogList -c "Security"         @C:\pcnames.txt  
PsLogList -c "System"         @C:\pcnames.txt
Exit
:: --- script End ---

Copy & Paste above code in notepad.exe and save it with 'ClearEvents.bat'
From command line run following command

Example:
C:\>ClearEvents.bat [enter]

It will work perfectly.
Skip which ever you want
0
 

Author Closing Comment

by:alank2
ID: 31409363
Thanks, that was exactly what I was looking for.
0
 

Author Comment

by:alank2
ID: 20297815
cs97jjm3,

I had found that Microsoft article previously. It was a little more than what I needed. But thank you for providing a possible answer for this.
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20297854
NO worries soryy i could not offer more
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The ECB site provides FX rates for major currencies since its inception in 1999 in the form of an XML feed. The files have the following format (reducted for brevity) (CODE) There are three files available HERE (http://www.ecb.europa.eu/stats/exch…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question