To do this, go to Cortana and type powershell in the search area.
Open Windows PowerShell as Administrator. In this method, we will delete all the events using Windows PowerShell. Windows PowerShell is another powerful tool to execute commands. The Command Prompt window will open and it will clear all the events from Event Logs automatically. To do that, right-click on it and select Run as administrator. Look for the ClearLog file on your desktop. cmd extension and with file name as ClearLog. In the File name section, type ClearLog.cmd and click on Save. Now, from the top left side of the window, open the File drop-down menu and select Save as…. In the text document, copy and paste the following:
@echo off
FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
echo You must run this script as an Administrator!
Now, go back to Desktop and double-click on New text document to open the text document file you have just created. Here, go to New and then select Text document from the list of options that opens. To do this, go to your desktop and right-click on empty space. Everything is explained below in the steps. To clear more events, simply repeat the last step with that event name in the command.
Clearing all the events using the Command Prompt is easy as well. The event you wanted to delete is no longer listed in the Event Logs. Simply replace “xyz” with the event name you wish to clear from Event Logs. Here “xyz” is the name of the event you want to delete. After selecting an event you want to delete, type the following command and press Enter to delete the event. Here, look for the ones you want to delete.
After the last step, a list of events will show up on the Command Prompt window. Now, in the Command Prompt window, type the following command and press Enter. Now, right-click on Command Prompt from search results and select Run as administrator. To do this, go to Cortana and type Command Prompt in the search area. Here, you will be able to clear events one by one.
In this method, we will show you how to clear events from Command Prompt. Whatever your reasons, we’re going to show you how to clear a Windows log file with both the Event Viewer program and an Event Viewer command in PowerShell. If you want to delete more events, simply perform the last step as many times as you want. As a result, if you notice that an event log is cleared, it may not be a user trying to hide something. Not only will doing so clear up hard drive space, but it could also let Windows save entries faster in the future.
However, if event logs get into the wrong hands, they could be used to analyze user behavior, which could further be used to craft an attack.
Even so, the main reason you may want to delete or clear log files is for maintenance reasons. Further, the sheer number of logs would likely make it difficult for an admin to notice something they aren’t specifically looking for. It won’t, for example, show text from webpages or documents, record mouse clicks, or take screenshots of your PC. Admins can also see the applications that have been installed and Office alerts such as “Want to save your changes to x.docx?”.
Despite this, the Windows event log doesn’t tend to store much personal information. As an example, it will show any recently installed updates and error codes if they weren’t performed successfully.