Clear-EventLog - PowerShell command help and examples

Deletes all entries from specified event logs on the local or remote computers. (Clear-EventLog)


NAME
Clear-EventLog
SYNOPSIS
Deletes all entries from specified event logs on the local or remote computers.
SYNTAX
Clear-EventLog [-LogName] <string[]> [[-ComputerName] <string[]>] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Clear-EventLog cmdlet deletes all of the entries from the specified event logs on the local computer or on remote computers. To use Clear-EventLog, you must be a member of the Administrators group on the affected computer. The cmdlets that contain the EventLog noun (the EventLog cmdlets) work only on classic event logs. To get events from logs that use the Windows Event Log technology in Windows Vista and later versions of Windows, use Get-WinEvent.
PARAMETERS
-ComputerName <string[]> Specifies a remote computer. The default is the local computer. Type the NetBIOS name, an Internet Protocol (IP) address, or a fully qualified domain name of a remote computer. To specify the local computer, type the computer name, a dot (.), or "localhost". This parameter does not rely on Windows PowerShell remoting. You can use the ComputerName parameter of Get-EventLog even if your computer is not configured to run remote commands. Required? false Position? 2 Default value Local computer Accept pipeline input? true (ByPropertyName) Accept wildcard characters? false -LogName <string[]> Specifies the event logs. Enter the log name (the value of the Log property; not the LogDisplayName) of one or more event logs, separated by commas. Wildcard characters are not permitted. This parameter is required. Required? true Position? 1 Default value Accept pipeline input? true (ByPropertyName) Accept wildcard characters? false -Confirm [<SwitchParameter>] Prompts you for confirmation before executing the command. Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false -WhatIf [<SwitchParameter>] Describes what would happen if you executed the command without actually executing the command. Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false <CommonParameters> This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer and OutVariable. For more information, type, "get-help about_commonparameters".
INPUTS
None You cannot pipe objects to Clear-EventLog.
OUTPUTS
None This cmdlet does not generate any output.
NOTES
To use Clear-EventLog on Windows Vista and later versions of Windows, start Windows PowerShell with the "Run as administrator" option.

Examples

EXAMPLE 1
C:\PS>clear-eventlog "Windows PowerShell"
Description
----------- This command deletes the entries from the "Windows PowerShell" event log on the local computer.
EXAMPLE 2
C:\PS>clear-eventlog -logname ODiag, OSession -computername localhost, Server02
Description
----------- This command deletes all of the entries in the Microsoft Office Diagnostics (ODiag) and Microsoft Office Sessions (OSession) logs on the local computer and the Server02 remote computer.
EXAMPLE 3
C:\PS>clear-eventlog -log application, system -confirm
Description
----------- This command prompts you for confirmation before deleting the entries in the specified event logs.
EXAMPLE 4
C:\PS>function clear-all-event-logs ($computerName="localhost") { $logs = get-eventlog -computername $computername -list | foreach {$_.Log} $logs | foreach {clear-eventlog -comp $computername -log $_ } get-eventlog -computername $computername -list } C:\PS> clear-all-event-logs -comp Server01 Max(K) Retain OverflowAction Entries Log ------ ------ -------------- ------- --- 15,168 0 OverwriteAsNeeded 0 Application 15,168 0 OverwriteAsNeeded 0 DFS Replication 512 7 OverwriteOlder 0 DxStudio 20,480 0 OverwriteAsNeeded 0 Hardware Events 512 7 OverwriteOlder 0 Internet Explorer 20,480 0 OverwriteAsNeeded 0 Key Management Service 16,384 0 OverwriteAsNeeded 0 Microsoft Office Diagnostics 16,384 0 OverwriteAsNeeded 0 Microsoft Office Sessions 30,016 0 OverwriteAsNeeded 1 Security 15,168 0 OverwriteAsNeeded 2 System 15,360 0 OverwriteAsNeeded 0 Windows PowerShell
Description
----------- This function clears all event logs on the specified computers and then displays the resulting event log list. Notice that a few entries were added to the System and Security logs after the logs were cleared but before they were displayed. RELATED LINKS Online version: http://go.microsoft.com/fwlink/?LinkID=135198 Get-EventLog Limit-EventLog New-EventLog Remove-EventLog Show-EventLog Write-EventLog Get-WinEvent C:\Windows>powershell get-help Write-EventLog -full

Microsoft Windows [Version 10.0.19045.3693]
Copyright (c) 2023 Microsoft Corporation.

ColorConsole [Version 3.7.1000] PowerShell 2.0-Export

Windows 11, 10, 8.1, 8, 7 / Server 2022, 2019, 2016











Windows-10


... Windows 10 FAQ
... Windows 10 How To


Windows 10 How To


... Windows 11 How To
... Windows 10 FAQ



PowerShell: Deletes all entries from specified event logs on the local or remote computers.

HTTP: ... PS_Windows/en/Clear-EventLog.htm
0.077
17122

The Folder Size on Windows 10/11!

Why the Admin Explorer in a Windows delete program?

Domain, Home, Work, Public network, Homegroup, Workgroup Windows?

Can I customize the 7-Zip context menu to English, Windows 11, 10, ...?

Defender slows down the development of applications, programs and APPs!

Funktioniert bei Windows 11 der Verzeichnis Ausdruck ohne Probleme?



(0)