Clear EventLog - PowerShell
Overview
Clear-EventLog removes all events from one or more specified event logs. It allows you to clear logs to free up storage space or troubleshoot persistent log issues.
Syntax
Clear-EventLog [-LogName] <String[]> [-ComputerName] <String>
[-Confirm] [-WhatIf] [-Force]
Options/Flags
- -LogName: Specifies the name of the event log to clear. Multiple logs can be cleared by specifying an array of log names.
- -ComputerName: Specifies the remote computer on which to clear the event log. If not specified, the local computer is targeted.
- -Confirm: Prompts for confirmation before clearing the event log.
- -WhatIf: Shows what would happen if the command were run without actually executing it.
- -Force: Suppresses the confirmation prompt and clears the event logs without asking for confirmation.
Examples
Clear a single local event log:
Clear-EventLog -LogName Application
Clear multiple local event logs:
Clear-EventLog -LogName Application,System,Security
Clear event logs on a remote computer:
Clear-EventLog -LogName Application -ComputerName remotepc
Clear event logs without confirmation:
Clear-EventLog -LogName Application -Force
Common Issues
- Ensure that you have sufficient permissions to clear the event logs. By default, only administrators can clear event logs.
- If the event log is actively logging events, new events may be added while the Clear-EventLog command is running, resulting in incomplete clearing.
Integration
Clear-EventLog can be used in conjunction with other PowerShell commands for advanced tasks. For example, you can use the Get-EventLog command to filter and retrieve specific events before clearing them.
Related Commands
- Get-EventLog: Gets events from one or more specified event logs.
- New-EventLog: Creates a new event log.