Event Viewer: Clear All Events

    Event Viewer: Clear All Events

    Event Viewer: Clear All Events

    How to Clear all Event Logs in Event Viewer using Windows PowerShell
    Published by
    Designer Media Ltd


    How to Clear all Event Logs in Event Viewer using Windows PowerShell

       Information
    This tutorial will show you how to quickly clear all event logs in Event Viewer with a one line PowerShell script.

    This one line command clears each log in the Event log list one at a time.
    wevtutil el gets the Event log list and passes the list to
    Foreach-Object which calls
    wevtutil cl for each log in the Event log list.

       Note
    This process does not clear Analytic or Debug logs. If you have them enabled, wevutl returns an error, but the other logs are cleared.

       Warning
    If you are trouble shooting an issue on your computer it is NOT advisable to clear the Event logs. The Event logs provide technical information about your system that could help resolve an issue.
    Only clear the Event logs if your system is running well. The logs don't use a lot of resources so it doesn't hurt to leave them in place.


    Here's How:

    1. Open an elevated PowerShell prompt.

    2. Copy and paste the command below into the PowerShell window, and press Enter.
    wevtutil el | Foreach-Object {wevtutil cl "$_"}

    Event Viewer: Clear All Events-eventviewer_pscmd.png
    4. Wait for the script to finish, then you can close PowerShell if you like.

    5. All events have been cleared.

    This tutorial showed you how to clear all logs in Event Viewer, but you can use the wevtutil command to clear individual event logs.
    Instead of using the el parameter and piping the list to Foreach-Object, you would use the cl parameter and the log name.

    Copy the line following the specific event log and paste the wevtutil line (the bold line) into the PowerShell window.


    To clear the
    • Application event log
      wevtutil cl Application

    • Security event log
      wevtutil cl Security

    • Setup event log
      wevtutil cl Setup

    • System event log
      wevtutil cl System
    You can clear any of the Event logs the same way, all you have to know is the log name.
    To get a full list of the log names, simply enter wevtutil el in the elevated PowerShell window.

    Then you can use the cl parameter and the event log name to clear that specific event log (see the examples above).

       Note
    There are two command parameters of wevtutil used in this section:
    cl is the clear event log parameter
    el is the event log list parameter

    The results will be quite different if you use the wrong one. For any clear the log operation in this section, you will use the cl parameter.

       Tip
    While unrelated to clearing Event Viewer logs, this tip does clean up one particular event. WMI error 10 is erroneoulsy logged in the application log after every reboot.
    This is easy to fix with MS Fixit 50688 - scroll down on the MS Fixit page and click the Microsoft Fix it button.


    Credits:
    Joe Waldin: script source
    Brink: tutorial housekeeping




    Related Tutorials




  2. DavidE
    Posts : 6,330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
       New #1

    Nice tutorial!
    Does clearing event logs make a noticeable performance improvement or a significant decrease in space used on the C drive?
    My OSs were installed 4+ years ago and I've never cleared logs.

    Thanks,
    David
      My Computer
    Quote Quote

  4. Brink
    Posts : 72,036
    64-bit Windows 11 Pro for Workstations
       New #2

    Hey David,

    It makes no difference in performance, and not much hard drive space would be regained. It's mostly just if you wanted to clear the logs. :)
      My Computer
    Quote Quote

  5. DavidE
    Posts : 6,330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
       New #3

    Thanks Shawn :)
      My Computer
    Quote Quote

  6. Brink
    Posts : 72,036
    64-bit Windows 11 Pro for Workstations
       New #4

    Your welcome.
      My Computer
    Quote Quote

  7. Slartybart
    Posts : 6,458
    x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
    Thread Starter
       New #5

    Thanks David,

    Shawn is right... no performance boost or even significant space reclamation.

    Reading logs is an art - clearing the logs simply removes ancient history. The MS Fixit tip at the bottom is probably more important to me because it stops a bogus error log so I don't have to think "Hey there's an error.... is it important? Nah, it's just that WMI 10 log entry..." The entries for WMI 10 are still there until you clear the event logs.

    The real trick is NOT clearing the logs too often - you might lose that key piece of information.

    Rule of thumb: if your system is stable and has been for a while - clear the logs. In a year or two, same conditions, clear the logs again. This really isn't something you have to do on a regular basis.

    Bill
    .
      My Computer
    Quote Quote

  8. DavidE
    Posts : 6,330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
       New #6

    Thanks for the info.
    My systems are stable. No problems with updates, no crashes, etc.
    I just know as soon as I clear the logs something will happen, and I'll wish I had the history.
      My Computer
    Quote Quote

  10. giblet
    Posts : 15
    Windows 7 Ultimate 64bit
       New #7

    BAT file for lazy people...


    @echo off
    FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
    IF (%adminTest%)==(Access) goto noAdmin
    for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
    echo.
    echo goto theEnd
    :do_clear
    echo clearing %1
    wevtutil.exe cl %1
    goto :eof
    :noAdmin
    exit


    Copy to Notepad and save as *.BAT

    Double click to run BAT files.

    All logs cleared.
      My Computer
    Quote Quote

  11. Slartybart
    Posts : 6,458
    x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
    Thread Starter
       New #8

    giblet, see the related tutorial for the Command Prompt version. This tutorial is a Powershell script.
    Event Viewer One Click Clear
      My Computer
    Quote Quote

  12. edassange
    Posts : 112
    W7 Home Premium x86 SP1 Build 7601
       New #9

    When I try this it says "Fails to clear log...The requested operation cannot be performed over an enabled direct channel".
      My Computer
    Quote Quote

 

  Related Discussions
Hi: Does anyone know how to clear the Administrative Events log listed under Custom Views in the Event Viewer? All the logs listed under the Windows logs have options to clear, but the above does not. Thanks, ColTom2
How to clear events in viewer?
in Performance & Maintenance

How, in W7, does one clear the events? In vista, I went to actions and clear events. On W7, I do not see a clear events. Thanks Dave
How to Clear Event Viewer with One Click in Windows This will show you how to create a command line shortcut that will clear all of the Event Viewer logs in one click. Here is a batch file that can help you clear the event viewer in one click....
I have Been getting bsod xd1 from iastora.sys I have come to the conclusion that I want it gone and want to switch to ahci and get rid of irst. Only problem is I heard you have to reinstall to do that and I don't want to. I really need this done and I'm scared because I get bsod in the middle of...
How does one clear these? pls view attachment, thanks.
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 03:04.
Find Us