Solved

Script to delete event viewer logs?

Posted on 2007-11-15
8
4,595 Views
Last Modified: 2010-04-21
Greetings All,

I am currently in charge of 9 servers.  I review the event logs at least 3-4 times a week. My question is this. Does anyone know of a script or tool that will delete all logs from the viewer at one time? We only save serious errors to review later. So I delete the "garbage" after I review them. It isn't a big pain clearing each one manually, but if I could save a few minutes here and there it would help me out.
Thanks for any input you may be able to provide.

Tom
0
Comment
Question by:alank2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 11

Expert Comment

by:bsharath
ID: 20290390
Here is a script that will backup the evenlog and clear
strComputer = "machinename"
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate,(Backup)}!\\" & _
 strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
 ("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Application'")
For Each objLogfile in colLogFiles
 errBackupLog = objLogFile.BackupEventLog("c:\application.evt")
 If errBackupLog <> 0 Then
 Wscript.Echo "The Application event log could not be backed up."
 Else
 objLogFile.ClearEventLog()
 End If
Next

0
 

Author Comment

by:alank2
ID: 20291766
I don't want to backup all the logs - just delete them. We only backup serious event log errors.
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20292427
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 31

Expert Comment

by:James Murrell
ID: 20292446

Here is a script that will backup the evenlog and clear
strComputer = "machinename"
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate,(Backup)}!\\" & _
 strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
 ("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Application'")
For Each objLogfile in colLogFiles
 objLogFile.ClearEventLog()
Next

Open in new window

0
 
LVL 11

Accepted Solution

by:
bsharath earned 500 total points
ID: 20294323
You need to make two .bat files.

EvtBackup.bat   = This will make backup of Event Logs (Johnb6767 code)
ClearEvents.bat = This will clear Events

Both scripts will use C:\PCNames.txt file where all computer names should be mentioned.
You will have to run both scripts individually. First Run EvtBackup.bat then ClearEvents.bat

:: --- script start ---
@Echo Off
C:
CD\
MD "EVT Backups"
COPY /Y C:\Windows\System32\Config\*.evt "C:\EVT Backups\"
Exit
:: --- script End ---

Copy & Paste above code in notepad.exe and save it with 'EvtBackup.bat'
From command line run following command

Example:
C:\>PSExec @C:\pcnames.txt -d -c evtbackup.bat [enter]

:: --- script start ---
@Echo Off
PsLogList -c "Application"    @C:\pcnames.txt
PsLogList -c "Security"         @C:\pcnames.txt  
PsLogList -c "System"         @C:\pcnames.txt
Exit
:: --- script End ---

Copy & Paste above code in notepad.exe and save it with 'ClearEvents.bat'
From command line run following command

Example:
C:\>ClearEvents.bat [enter]

It will work perfectly.
Skip which ever you want
0
 

Author Closing Comment

by:alank2
ID: 31409363
Thanks, that was exactly what I was looking for.
0
 

Author Comment

by:alank2
ID: 20297815
cs97jjm3,

I had found that Microsoft article previously. It was a little more than what I needed. But thank you for providing a possible answer for this.
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20297854
NO worries soryy i could not offer more
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Learn about cloud computing and its benefits for small business owners.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question