|
| Using PowerShell to handle Eventlog |
 |
Tue, 15 Apr 2008 02:53:35 -070 |
Hello,
my idea is as follows (basically to play & learn with Powershell):
* Running a daily powershellscript at night which:
** Exports all entries in a file
** Delete all entries
Ok i could use somethnig like this to list all System-Event Entries
and write them to log:
>> Get-Eventlog system | Format-List | out-file -encoding ASCII -filepath
output2.txt
or
>> Get-Eventlog system -newest 10 | Format-List | out-file -encoding ASCII
-filepath output2.txt
to have only the latest
Now i am asking myself howto delete all entries in the second step.
any ideas how to handle this ?
Best regards
|
| Post Reply
|
| Re: Using PowerShell to handle Eventlog |
 |
Tue, 15 Apr 2008 04:30:28 -070 |
Ok,
i can use this:
>> get-eventlog system | Format-List | out-file -encoding ASCII -filepath
foobar.txt
to dump all system-related informations in my text file
and i can use this:
>> get-eventlog -list |%{$_.clear()}
to delete the event logs completly
Now regarding the filename:
--
i.e.
i would like to end with files like that:
* 20080415_hostname_logtype.txt (execution_date + hostname + here:
system
Best regards
fidel
|
| Post Reply
|
| Re: Using PowerShell to handle Eventlog |
 |
Tue, 15 Apr 2008 09:04:50 -030 |
> Now i am asking myself howto delete all entries in the second step.
>
> any ideas how to handle this ?
I am not aware of any way that you can selectively delete entries like
this. You can export your entire log, parse the export, delete the
entries you want, then re-import it. But... This method can only be
re-imported, to my knowledge, to a *new* log name, and can't be
re-imported into the default/original log. For example, I can't export
the Security log, delete it, then re-import what I just exported back to
the Security log.
I wouldn't start editing the binary log either...
|
| Post Reply
|
|
|
|
|
|
|
|
|
|