demando 0 Posted February 4, 2012 (edited) I have following problem on Windows 7 X86 UltimateI use the Clear-Event Function and this works correct with the "Application" Log.#include <EventLog.au3>$hEventLog = _EventLog__Open ("", "Application" )_EventLog__Clear($hEventLog, "")_EventLog__Close ($hEventLog)When i try the same command to clear the following Log it doesn't delete the entries.#include <EventLog.au3>$hEventLog = _EventLog__Open ("", "Microsoft-Windows-Application-Experience/Program-Inventory" )_EventLog__Clear($hEventLog, "")_EventLog__Close ($hEventLog)The Clear Event Function works with the Application , System, Security Setup Logs.With best regardsdemando Edited February 4, 2012 by demando Share this post Link to post Share on other sites
JLogan3o13 1,508 Posted February 6, 2012 Hi, Demando. I'm not sure that functionality exists in the eventlog UDF (someone more intelligent than I may know a way). In the meantime, you could do something like this: ShellExecute("wevtutil.exe", 'cl "Microsoft-Windows-Application-Experience/Program-Inventory"', "", "", @SW_HIDE) Hide JLogan3o13's signature Hide all signatures √-1 2^3 ∑ π, and it was delicious! How to get your question answered on this forum! Share this post Link to post Share on other sites
demando 0 Posted February 7, 2012 Hi JLogan3o13 thank you very much for this instruction. With the wevtutil command it works perfect. Best regards demando Share this post Link to post Share on other sites
Chimaera 141 Posted February 7, 2012 Hi, Demando. I'm not sure that functionality exists in the eventlog UDF (someone more intelligent than I may know a way). In the meantime, you could do something like this: ShellExecute("wevtutil.exe", 'cl "Microsoft-Windows-Application-Experience/Program-Inventory"', "", "", @SW_HIDE) Im curious JLogan3o13 is it possible to do a clear all logs for e.g. like after ive finsihed some work on a pc and its going back to the customer so its only logged from the time i release it? I had a look here but its a clear as mud http://technet.microsoft.com/en-us/library/cc732848%28WS.10%29.aspx Hide Chimaera's signature Hide all signatures If Ive just helped you ... miracles do happen. ChimaeraCopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices() Share this post Link to post Share on other sites
JLogan3o13 1,508 Posted February 7, 2012 (edited) Hi, Chimaera. You could use something like this to delete everything.. #include <File.au3> Local $aArray RunWait(@ComSpec & " /c wevtutil el > C:logs.txt", @SystemDir, @SW_HIDE) $file = "C:Logs.txt" _FileReadToArray($file, $aArray) For $i = 0 To UBound($aArray) - 1 ShellExecute("wevtutil.exe", "cl " & $aArray[$i], @SystemDir, "", @SW_HIDE) Next FileDelete($file) Edit: Forgot my include statement Edit: You could also select a couple of logs only, through an IF or Select statement: If $aArray[$i] = "Microsoft-Windows-Wordpad/Admin" Then ShellExecute("wevtutil.exe", "cl " & $aArray[$i], @SystemDir, "", @SW_HIDE) EndIf Edited February 7, 2012 by JLogan3o13 Hide JLogan3o13's signature Hide all signatures √-1 2^3 ∑ π, and it was delicious! How to get your question answered on this forum! Share this post Link to post Share on other sites
Chimaera 141 Posted February 7, 2012 Hi, Chimaera. You could use something like this to delete everything.. #include <File.au3> Local $aArray RunWait(@ComSpec & " /c wevtutil el > C:logs.txt", @SystemDir, @SW_HIDE) $file = "C:Logs.txt" _FileReadToArray($file, $aArray) For $i = 0 To UBound($aArray) - 1 ShellExecute("wevtutil.exe", "cl " & $aArray[$i], @SystemDir, "", @SW_HIDE) Next FileDelete($file) Ok now im confused what does all this do exactly, all im thinking about is just delete all the logs so it starts from scratch again what is the logs.txt? a backup? or can you give a little more detail what is happening in this plz Hide Chimaera's signature Hide all signatures If Ive just helped you ... miracles do happen. ChimaeraCopyRobo() * Hidden Admin Account Enabler * Software Location From Registry * Find Display Resolution * _ChangeServices() Share this post Link to post Share on other sites
JLogan3o13 1,508 Posted February 7, 2012 (edited) Sure. Wevtutil -el lists all event logs on the system. I output that to the logs.txt file, so you can refer to it: RunWait(@ComSpec & " /c wevtutil el > C:logs.txt", @SystemDir, @SW_HIDE) Then read that file into an array, and loop through the array to clear the log files. _FileReadToArray($file, $aArray) For $i = 0 To UBound($aArray) - 1 ShellExecute("wevtutil.exe", "cl " & $aArray[$i], @SystemDir, "", @SW_HIDE) Next Once we're done, we delete the file, as we no longer need it. FileDelete($file) Edited February 7, 2012 by JLogan3o13 Hide JLogan3o13's signature Hide all signatures √-1 2^3 ∑ π, and it was delicious! How to get your question answered on this forum! Share this post Link to post Share on other sites
