Vista - Using PowerShell to handle Eventlog

04-15-2008

Hello,
my idea is as follows (basically to play & learn with Powershell):

* Running a daily powershellscript at night which:
** Exports all entries in a file
** Delete all entries

Ok i could use somethnig like this to list all System-Event Entries
and write them to log:

Quote:

>> Get-Eventlog system | Format-List | out-file -encoding ASCII -filepath output2.txt

or

Quote:

>> Get-Eventlog system -newest 10 | Format-List | out-file -encoding ASCII -filepath output2.txt

to have only the latest

Now i am asking myself howto delete all entries in the second step.

any ideas how to handle this ?

Best regards
fidel

04-15-2008

Ok,

i can use this:

Quote:

>> get-eventlog system | Format-List | out-file -encoding ASCII -filepath foobar.txt

to dump all system-related informations in my text file

and i can use this:

Quote:

>> get-eventlog -list |%{$_.clear()}

to delete the event logs completly

Now regarding the filename:
--
i.e.
i would like to end with files like that:
* 20080415_hostname_logtype.txt (execution_date + hostname + here:
system

Best regards
fidel

04-15-2008

Quote:

> Now i am asking myself howto delete all entries in the second step.
>
> any ideas how to handle this ?

I am not aware of any way that you can selectively delete entries like
this. You can export your entire log, parse the export, delete the
entries you want, then re-import it. But... This method can only be
re-imported, to my knowledge, to a *new* log name, and can't be
re-imported into the default/original log. For example, I can't export
the Security log, delete it, then re-import what I just exported back to
the Security log.

I wouldn't start editing the binary log either...

Marco

04-15-2008	#1 (permalink)
Florian n/a posts	Using PowerShell to handle Eventlog Hello, my idea is as follows (basically to play & learn with Powershell): * Running a daily powershellscript at night which: Exports all entries in a file Delete all entries Ok i could use somethnig like this to list all System-Event Entries and write them to log: Quote: Quote: >> Get-Eventlog system \| Format-List \| out-file -encoding ASCII -filepath output2.txt or Quote: Quote: >> Get-Eventlog system -newest 10 \| Format-List \| out-file -encoding ASCII -filepath output2.txt to have only the latest Now i am asking myself howto delete all entries in the second step. any ideas how to handle this ? Best regards fidel
My System Specs

04-15-2008	#2 (permalink)
Fidel n/a posts	Re: Using PowerShell to handle Eventlog Ok, i can use this: Quote: Quote: >> get-eventlog system \| Format-List \| out-file -encoding ASCII -filepath foobar.txt to dump all system-related informations in my text file and i can use this: Quote: Quote: >> get-eventlog -list \|%{$_.clear()} to delete the event logs completly Now regarding the filename: -- i.e. i would like to end with files like that: * 20080415_hostname_logtype.txt (execution_date + hostname + here: system Best regards fidel
My System Specs

04-15-2008	#3 (permalink)
Marco Shaw [MVP] n/a posts	Re: Using PowerShell to handle Eventlog Quote: > Now i am asking myself howto delete all entries in the second step. > > any ideas how to handle this ? I am not aware of any way that you can selectively delete entries like this. You can export your entire log, parse the export, delete the entries you want, then re-import it. But... This method can only be re-imported, to my knowledge, to a new log name, and can't be re-imported into the default/original log. For example, I can't export the Security log, delete it, then re-import what I just exported back to the Security log. I wouldn't start editing the binary log either... Marco
My System Specs

Similar topics to: Using PowerShell to handle Eventlog
Thread	Forum
get-eventlog	PowerShell
Easy to get handle from listbox. How to get listbox from handle?	.NET General
Can Powershell handle COM events?	PowerShell
Get-eventlog	PowerShell
Control.Handle - How do I get a handle to a control with WinFX	Avalon

Vista - Using PowerShell to handle Eventlog

Using PowerShell to handle Eventlog problems?