-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathclean_logs.bat
More file actions
105 lines (92 loc) · 2.78 KB
/
clean_logs.bat
File metadata and controls
105 lines (92 loc) · 2.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
@echo off
setlocal EnableExtensions EnableDelayedExpansion
title Windows Event Logs Cleanup
color 1F
call :RequireAdmin
call :BuildTimestamp
call :ResolveOutputDir
set "REPORT=%OUTDIR%\clean_logs_report_%STAMP%.txt"
set /a OKCOUNT=0
set /a FAILCOUNT=0
echo =========================================================
echo WINDOWS EVENT LOGS CLEANUP
echo =========================================================
echo.
echo WARNING: This script clears Windows Event Viewer logs.
echo It is strongly recommended to extract and save logs first.
echo.
choice /C YN /N /M "Do you want to continue? [Y/N]: "
if errorlevel 2 (
echo.
echo Operation cancelled by user.
echo.
pause
exit /b 0
)
> "%REPORT%" echo Windows Event Logs Cleanup Report
>>"%REPORT%" echo Generated: %DATE% %TIME%
>>"%REPORT%" echo Computer: %COMPUTERNAME%
>>"%REPORT%" echo User: %USERNAME%
>>"%REPORT%" echo Output directory: %OUTDIR%
>>"%REPORT%" echo.
echo.
echo Starting cleanup of all Windows Event Viewer logs...
echo A detailed report will be saved to:
echo %REPORT%
echo.
for /f "delims=" %%a in ('wevtutil el') do (
set "LOGNAME=%%a"
echo Cleaning log: "!LOGNAME!"
wevtutil cl "!LOGNAME!" >nul 2>&1
if !errorlevel! equ 0 (
echo [OK]
set /a OKCOUNT+=1
>>"%REPORT%" echo [OK] !LOGNAME!
) else (
echo [FAILED]
set /a FAILCOUNT+=1
>>"%REPORT%" echo [FAILED] !LOGNAME!
)
)
>>"%REPORT%" echo.
>>"%REPORT%" echo Summary
>>"%REPORT%" echo -------
>>"%REPORT%" echo Logs cleaned successfully: !OKCOUNT!
>>"%REPORT%" echo Logs not cleaned: !FAILCOUNT!
echo.
echo =========================================================
echo SUMMARY
echo =========================================================
echo Cleaned successfully: !OKCOUNT!
echo Failed: !FAILCOUNT!
echo Report: %REPORT%
echo.
if !FAILCOUNT! GTR 0 (
echo Note: Some logs may be protected, in use, or unavailable.
) else (
echo All enumerated logs were cleared successfully.
)
echo =========================================================
echo.
pause
exit /b 0
:RequireAdmin
net session >nul 2>&1
if not "%errorlevel%"=="0" (
echo.
echo [ERROR] Please run this script as Administrator.
echo Right click the file and choose "Run as administrator".
echo.
pause
exit /b 1
)
exit /b 0
:BuildTimestamp
for /f %%i in ('powershell -NoProfile -ExecutionPolicy Bypass -Command "Get-Date -Format yyyy-MM-dd_HH-mm-ss"') do set "STAMP=%%i"
if not defined STAMP set "STAMP=%DATE:/=-%_%TIME::=-%"
exit /b 0
:ResolveOutputDir
for /f "usebackq delims=" %%i in (`powershell -NoProfile -ExecutionPolicy Bypass -Command "[Environment]::GetFolderPath('Desktop')"`) do set "OUTDIR=%%i"
if not defined OUTDIR set "OUTDIR=%~dp0"
if not exist "%OUTDIR%" set "OUTDIR=%~dp0"
exit /b 0