How to clear Windows XP Security Logs via scripts

joeylong
joeylong used Ask the Experts™
on
I've no practical programming myself so I'm turning to you for help. I am looking for a script to change the Windows XP Security Log to clear entries as needed. Does anyone have a script that can do this?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Awarded 2009
Top Expert 2010

Commented:
Why are you trying to do it with a script?
If you want to do it on 1 or 2 machines you can set it in the log itself if you want to do it on a domain you can use a group policy to apply it globally
Awarded 2009
Top Expert 2010
Commented:

Author

Commented:
I'm looking for something that would make the change on many PCs on several different domains. Different clients so no trusts between the domains.
OWASP: Forgery and Phishing

Learn the techniques to avoid forgery and phishing attacks and the types of attacks an application or network may face.

Look at the following forum posting which should have the pieces you need for a script:

http://serverfault.com/questions/26883/windows-event-log-rotation

Like demazter mentioned, in an Active Directory environment, you can configure these settings using Group Policy Objects (GPOs).

Hope this helps...

Mike
Awarded 2009
Top Expert 2010

Commented:
You could set a group policy on each domain it's probably more reliable than a script and if someone changes their local on then the GPO will put it back.
Awarded 2009
Top Expert 2010

Commented:
Also I may be wrong (don't have a machine to hand to check) but I thought the security log was set to overwrite by default?

Author

Commented:
Demazter, the information from the link was talking about maximum size, will this GPO allow me to set a maximum size and then change the security log to clear as needed?

Author

Commented:
Yes it is set to overwrite at 7 days by default, but we keep running into issues where the security log is full and an administrator is needed to clear the log manually, so my superior wants a script to permanently change it to "overwrite as needed"
Awarded 2009
Top Expert 2010

Commented:
The gpo should allow you to set the overwrite period as well.  Have a look atthe settings in a group polcy they are quite comprehensive

Author

Commented:
I figured they would be, ok thanks demazter.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial