This article will cover

  1. How to clear only a specific Event Log using command prompt
  2. How to clear all Event Logs using command prompt
  3. How to clear all Event Logs using PowerShell
  4. How to clear all Event Logs using VBScript/WMI (classic event logs only)

Event Log Management

Often when you want to troubleshoot issues or keep a general check on your system health, you have to use Event Viewer. Event Viewer shows you all the Windows events that get logged such as Information, Errors, Warnings, Critical and Verbose. But there are so many events here including completely normal activities that get logged that it becomes harder to spot events related to things that aren’t working as expected or are causing errors. So from time to time you may need to clear the Event Log. In this article, we will see how you can clear the Event log automatically or from the command line.

The System Log and the Application Log are two of the important logs that you may want to clear occasionally. You can manually clear any Event Log by right clicking it and choosing “Clear log…” from the right click menu. However, you may also want to make this automatic so every 7 days or 15 days, the Event Log gets cleared. You can also set up a scheduled task that runs automatically using Elevated Shortcut to clear the event log.

Event Log

How to clear only a specific Event Log using command prompt

  1. Open a command prompt as administrator (see how).
  2. To clear a specific log, you must first know its name. To see a list of Event Logs, type:
  3. wevtutil el
  4. wevtutil more
  5. This produces a very lengthy list of logs. You can use the command: ‘wevtutil el | more’ (without the quotes) to display the output one screen at a time. Or you can output it to a text file using the command:
    wevtutil el > Loglist.txt

    This creates a text file Loglist.txt in the working directory of the command prompt (the same folder where you are currently at the command prompt).

  6. Now that you know the name of the log you want to clear, you can use the following command:
    wevtutil cl Application
  7. The above command clears the Application log. To clear the System log, use: ‘wevtutil cl System’ (without the quotes).

How to clear all Event Logs using command prompt

  1. Open Notepad and copy-paste the following text into it:
    @echo off
    FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
    IF (%adminTest%)==(Access) goto noAdmin
    for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
    echo.
    echo Event Logs have been cleared!
    goto theEnd
    :do_clear
    echo clearing %1
    wevtutil.exe cl %1
    goto :eof
    :noAdmin
    echo You must run this script as an Administrator!
    echo.
    :theEnd
  2. Save it as a batch file and give it any name you want for example: ClEvtLog.bat or ClEvtLog.cmd.
    Tip: To directly save a text with the .bat or .cmd extension, type the file name in quotes, that is, “ClEvtLog.bat” or “ClEvtLog.cmd”.
  3. Copy this batch file to some directory to in your system path such as C:\Windows so you don’t have to type the full path to it every time you run it.
  4. Open an elevated command prompt (see how).
  5. Run the batch file from the command prompt: ClEvtLog.cmd. You can also directly run it without opening the command prompt or using cmd /c so the command prompt closes after running it.
    Cleared

How to clear all Event Logs using PowerShell

  1. Open PowerShell as administrator (see how).
  2. Type or copy-paste the following command into PowerShell:
    wevtutil el | Foreach-Object {wevtutil cl "$_"}

    PowerShell wevtutil

  3. Press Enter. Wait for few seconds for all logs to be cleared. You can now exit PowerShell by typing Exit.

How to clear all Event Logs using VBScript/WMI (classic event logs only)

  1. Open Notepad and copy-paste the following text into it:
    strComputer = "."
    Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate, (Backup, Security)}!\\" _
    & strComputer & "\root\cimv2")
    Set colLogFiles = objWMIService.ExecQuery _
    ("Select * from Win32_NTEventLogFile")
    For each objLogfile in colLogFiles
    objLogFile.ClearEventLog()
    Next
  2. Save it as a VBScript (.VBS) file and give it any name you want for example: ClEvtLog.vbs.
    Tip: To directly save a text with the .vbs extension, type the file name in quotes, that is, “ClEvtLog.vbs”.
  3. Copy this VBScript file to some directory to in your system path such as C:\Windows so you don’t have to type the full path to it every time you run it.
  4. Open an elevated command prompt (see how).
  5. Run the VBScript file from the command prompt: CScript ClEvtLog.vbs. You can also directly run it without opening the command prompt or using cmd /c so the command prompt closes after running it.
    The VBScript/WMI method only clears the classic Event Logs (Application, Security, System etc, not the new XML type of event logs which are cleared by PowerShell or wevtutil.exe).

Also note that these scripts do not back up the logs before they are cleared. If you want to back up the event logs, look at Microsoft’s Script Center for samples.

Source:  http://winaero.com/blog/how-to-clear-the-windows-event-log-from-the-command-line/