Clear Application Event Log by Source

Question

I've seen various sources suggesting something like this to clear all event logs:

wevtutil el | Foreach-Object {Write-Host "Clearing $_"; wevtutil cl "$_"}

But what I would like to do is remove from the application log only those events that have a particular source (a windows service that I had created). Is that possible? I know something like:

wevtutil gl application

Gives you information about the log, but is there a way to get the events in that log and remove ones that match?

This smells like an XY Problem
– Ƭᴇcʜιᴇ007
Commented May 20, 2016 at 13:33 — Ƭᴇcʜιᴇ007, Commented May 20, 2016 at 13:33

Community · Accepted Answer · 2017-04-13 12:14:41Z

3

Windows does not allow removing individual entries from Event logs; it's either clear a log of all entries, or remove a (non-native) log completely.

So in a nutshell you can't; it's a system log, allowing removal of individual entries would be considered unsafe.

If you wrote the service, modify it to use the Event Log the way you require, instead of trying to bend the Event Log to your service.

For more info, here's the same question on ServerFault:

How can I remove specific events from the event log in Windows Server?

edited Apr 13, 2017 at 12:14

CommunityBot

1

answered May 20, 2016 at 13:36

Ƭᴇcʜιᴇ007

113k19 gold badges203 silver badges270 bronze badges

Add a comment |

Stack Exchange Network

Clear Application Event Log by Source

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
powershell
event-log
.

Hot Network Questions

Clear Application Event Log by Source

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged powershellevent-log.

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
powershell
event-log
.