Event log (Eventlog) delete entries quickly with Powershell

The Windows event log is actually the first point of contact when looking for an error in the Windows system. All important Windows events are logged there. The 4 most popular Windows protocols are as follows:

  • application
  • safety
  • installation
  • system

The event logs are usually set so that the entries are kept until the event log has reached a specified size. If further events occur, the oldest entries are deleted and the new entries are included. Nevertheless, the event log can reach a considerable size over time and become very confusing. Therefore, it is sometimes advisable to completely empty the event log and start with a completely new Windows event log. It is advisable to delete the event log, especially after important changes to the system. This is usually done in the “ eventvwr.msc “By right-clicking the Windows log folder and then” clearing log … ” chooses.

However, this has to be done for all Windows protocols and simply takes too long. Faster and easier it goes beyond the PowerShell . With the following command you can first get an overview of all existing Windows protocols:

wevtutil el

Clear event log Powershell overview

All possible protocols are displayed here. There are many more than shown in the picture. If you want to completely empty or delete the most important ones without saving the content beforehand, you have to use the following commands :

  • wevtutil cl application (for the Windows application protocol)
  • wevtutil cl security  (for the Windows security protocol)
  • wevtutil cl setup (for the Windows installation protocol)
  • wevtutil cl system (for the Windows system protocol)

Eventlog Powershell delete

The deletion of the logs works very quickly and is done without asking.

We have reported on Windows PowerShell several times. Below you will find an extract from the previous PowerShell reports.

– Repair Windows component store with DISM and PowerShell commands
– Find out the Windows product key using DOS command or PowerShell
– Use Windows PowerShell command to query, switch Windows Firewall off and on
– Check PowerShell version
– PowerShell – List, stop and start services
– In PowerShell with Recovery points work

administrator