The below is the simple script for backing up and clearing the event logs.
###########################################################################################
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate, (Backup, Security)}!\\" _
& strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
("Select * from Win32_NTEventLogFile where LogFileName='Security'")
For Each objLogfile in colLogFiles
OutputFile = "c:\eventlog\" & "Security "
OutputFile = OutputFile & Day(Now) & "-" & month(now) & "-" & year(now)
OutputFile = OutputFile & ".evt"
errBackupLog = objLogFile.BackupEventLog(OutputFile)
If errBackupLog = 0 Or errBackupLog = 183 Then
objLogFile.ClearEventLog()
Else
Wscript.Echo "The Security event log could not be backed up."
End If
Next
###########################################################################################
In the above, you can specify the log file type accordingly and also specify the location where the event log .evt file will be stored. After taking the backup of the event log, it will clear the event log.
Thanks
Logan
971552596187 | logu_microsoft@hotmail.com
No comments:
Post a Comment