8.7. Clearing the Events in an Event Log
You want to clear all of the events in an event log. Typically you do not want to do this unless you've backed up or archived the log. Clearing an event log without saving the events makes it very difficult to track down and troubleshoot problems later.
Using a graphical user interface
Open the Event Viewer (eventvwr.msc).
In the left pane, right-click on the target event log and select Clear all Events.
You then have an option to save the log before clearing it. Click Yes to save it or No to not save it.
Using a command-line interface
The following command clears an event log:
> wmic /node:"
<ServerName>" nteventlog where "Logfilename = '
<LogName>'" Call ClearEventLog
Here is an example that clears the
DNS Server log on server dns01:
> wmic /node:"dns01" nteventlog where "Logfilename = 'DNS Server'" Call ClearEventLog
The wmic command cannot be run on Windows 2000. You can target a remote computer that is running Windows 2000, but you must run the command on Windows Server 2003 or Windows XP.
' This code clears all events from the specified event log. ' ------ SCRIPT CONFIGURATION ------ strLog = "
<LogName>" ' e.g., Application strServer = "
<ServerName>" ' e.g., fs01 (use "." for local server) ' ------ END CONFIGURATION --------- set objWMI = GetObject("winmgmts:\\" & strServer & "\root\cimv2") set colLogs = objWMI.ExecQuery("Select * from Win32_NTEventlogFile Where " & _ "Logfilename = '" & strLog & "'") if colLogs.Count ...