
How do I clear the "Applications and Services Logs" with PowerShell?


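Does anyone know how to clear the "Applications and Services Logs" with PowerShell? I can easily clear the Windows logs with Clear-EventLog, but I can't clear the subfolders under "Applications and Services Logs" in the Windows event log.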

2 Answers

  • 2

    This looks like what you need

    http://gallery.technet.microsoft.com/scriptcenter/4502522b-5294-4c31-8c49-0c9e94db8df9

    Update - that link has a login. Here is the script from it -

    Function Global:Clear-Winevent ( $Logname ) { 
    <# 
    
    .SYNOPSIS  
    Given a specific Logname from the GET-WINEVENT Commandlet 
    it will clear the Contents of that log 
    
    .DESCRIPTION  
    Cmdlet used to clear the Windows Event logs from Windows 7 
    Windows Vista, Server 2008 and Server 2008 R2 
    
    .EXAMPLE  
    CLEAR-WINEVENT -Logname Setup 
    
    .EXAMPLE  
    GET-WINEVENT -Listlog * | ForEach-Object { CLEAR-WINEVENT -Logname $_.Logname } 
    
    Clear all Windows Event Logs 
    
    .NOTES  
    This is a Cmdlet that is not presently in Powershell 2.0 
    although there IS a GET-WINEVENT Command to list the 
    Contents of the logs.  You can utilize this instead of 
    WEVTUTIL.EXE to clear out Logs.  Special thanks to Shay Levy 
    (@shaylevy on Twitter) for pointing out the needed code 
    
    #> 
    
    [System.Diagnostics.Eventing.Reader.EventLogSession]::GlobalSession.ClearLog("$Logname") 
    
    }
    
  • 1

    PowerShell - optimized for performance:

    Version 1:

    function Clear-EventLogs-Active
    {
        ForEach ( $l in ( Get-WinEvent ).LogName | Sort | Get-Unique )
        {
            [System.Diagnostics.Eventing.Reader.EventLogSession]::GlobalSession.ClearLog("$l")
        }
        Clear-EventLog -LogName "System"
    }
    


    Version 2:

    function Clear-EventLogs-All
    {
        ForEach ( $l in Get-WinEvent -ListLog * -Force )
        {
            if ( $l.RecordCount -gt 0 )
            {
                $ln = $l.LogName
                [System.Diagnostics.Eventing.Reader.EventLogSession]::GlobalSession.ClearLog("$ln")
            }
        }
        Clear-EventLog -LogName "System"
    }
    


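    Both versions, with 514 logs:

    • Version 1 (0.3007762 seconds) - only retrieves logs that contain events

    • Version 2 (0.7026473 seconds) - retrieves all logs and clears only those that contain events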
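Added example, not part of either answer above: the same `EventLogSession.ClearLog` call, using its two-argument overload so each log is exported to an `.evtx` archive before it is cleared, with per-log error reporting. The function name `Clear-WinEventWithBackup` and its parameters are hypothetical.

```powershell
# Added example: function and parameter names are hypothetical.
function Clear-WinEventWithBackup {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Log name(s); wildcards allowed, e.g. 'Microsoft-Windows-PowerShell/*'
        [Parameter(Mandatory = $true)]
        [string[]] $LogName,

        # Directory that receives one .evtx archive per cleared log
        [Parameter(Mandatory = $true)]
        [string] $BackupDirectory
    )

    if (-not (Test-Path -LiteralPath $BackupDirectory)) {
        New-Item -ItemType Directory -Path $BackupDirectory -ErrorAction Stop | Out-Null
    }
    $session = [System.Diagnostics.Eventing.Reader.EventLogSession]::GlobalSession
    $stamp   = Get-Date -Format 'yyyyMMdd-HHmmss'

    foreach ($log in Get-WinEvent -ListLog $LogName -Force -ErrorAction SilentlyContinue) {
        if (-not $log.RecordCount) { continue }   # nothing to archive or clear

        # Channel names contain '/', which is not valid in a file name
        $safeName = $log.LogName -replace '[\\/:*?"<>|]', '_'
        $backup   = Join-Path $BackupDirectory "$safeName-$stamp.evtx"

        if (-not $PSCmdlet.ShouldProcess($log.LogName, "Archive to $backup and clear")) { continue }
        try {
            # Two-argument overload: export the log to $backup, then clear it
            $session.ClearLog($log.LogName, $backup)
            [pscustomobject]@{ LogName = $log.LogName; Records = $log.RecordCount
                               Backup = $backup; Error = $null }
        }
        catch {
            # Report the failure for this log and continue with the next one
            [pscustomobject]@{ LogName = $log.LogName; Records = $log.RecordCount
                               Backup = $null; Error = $_.Exception.Message }
        }
    }
}
```

Run it with `-WhatIf` first to list what would be cleared. Windows itself records a clear as event 1102 in the Security log (when the Security log is cleared) or event 104 in the System log (for other logs), so the archives and those events together keep the action auditable.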
