Deleting Events in Your Event Logs

by Barry Dysert
(last updated March 23, 2020)

Event logs do take up some space on your hard drive, but they don't grow forever. By default, every event log has a retention policy that indicates old events are to be overwritten by new events whenever the event log gets full. For various reasons, though, you may want to delete events from your event logs. Unfortunately, you cannot delete specific events. You can, however, clear the entire log.

If you want to totally clear a log so that it's empty, start the Event Viewer by using the search capabilities of Windows to look for "Event Viewer" (without the quote marks). Once the program is started, use the left pane to navigate to the log you want to clear. Right-click on the log and select Properties. Windows displays the Log Properties dialog box. (See Figure 1.)

Figure 1. Viewing an event log's properties.

By clicking the Clear Log button in the lower-right corner, you can totally clear that event log.

Even though you can't delete specific events from a log, it may be useful to create a custom view so that you're only looking at the events of interest instead of everything. To create a custom view, click the log for which you want to create the view, then on the right pane, click the "Create Custom View" link. Unless/until Microsoft gives us the ability to delete specific events, views are probably as close as we're going to get.

This tip (11722) applies to Windows 7, 8, and 10.

Author Bio

Barry Dysert

Barry has been a computer professional for over 35 years, working in different positions such as technical team leader, project manager, and software developer. He is currently a software engineer with an emphasis on developing custom applications under Microsoft Windows. When not working with Windows or writing Tips, Barry is an amateur writer. His first non-fiction book is titled "A Chronological Commentary of Revelation." Learn more about Barry...

MORE FROM BARRY

Introduction to Regular Expressions

Regular expressions are usually the domain of computer programmers. There are times, though, when an end-user might find ...

Discover More

Modifying the Number of Jump List Items

Jump lists can be a helpful tool to quickly access common files and commands. If you'd prefer to display a different ...

Discover More

Setting Up Your Wi-Fi Enabled Computer As a Hotspot

If your computer is Wi-Fi enabled, you can easily set it up to be a hotspot. This tip shows you how.

Discover More

More WindowsTips

What is the Purpose of the Forwarded Events Event Log?

The Forwarded Events event log collects events that have been forwarded from other computers. In this way you can login ...

Discover More

Changing How Event Log Overruns are Handled

By default, the event logs are implemented in a circular buffer, i.e., when its maximum size is reached, the oldest ...

Discover More

Understanding Event Logs

Windows event logs are great resources to see what is "invisibly" going on with your system. By understanding the various ...

Discover More

FREE SERVICE: Get tips like this every week in WindowsTips, a free productivity newsletter. Enter your address and click "Subscribe."

View most recent newsletter.

Comments

If you would like to add an image to your comment (not an avatar, but an image to help in making the point of your comment), include the characters [{fig}] (all 7 characters, in the sequence shown) in your comment text. You’ll be prompted to upload your image when you submit the comment. Maximum image size is 6Mpixels. Images larger than 600px wide or 1000px tall will be reduced. Up to three images may be included in a comment. All images are subject to review. Commenting privileges may be curtailed if inappropriate images are posted.

Notify me about new comments ONLY FOR THIS TIP

Notify me about new comments ANYWHERE ON THIS SITE

Hide my email address

What is 9 - 6?

2021-05-24 10:30:58

Paulette Walls

Good morning. Someone deleted my event log after I reported that two individuals was listed as having Direct Access to my one drive without my knowledge. The same day I reported this information, the names listed were removed. IT claims the names were never listed there and they have no event log that showed this transaction ever happened. I had a supervisor and co-worker look at my computer to prove that I wasn’t lying about the incident before even reporting it. What command prompt on deleted logs would I look for to prove what I’m saying is true? Is there anything else I can do to prove what I’m saying is true computer wise?

Newest Tips

FREE SERVICE: Get tips like this every week in WindowsTips, a free productivity newsletter. Enter your address and click "Subscribe."

(Your e-mail address is not shared with anyone, ever.)

View the most recent newsletter.

Deleting Events in Your Event Logs

Author Bio

MORE FROM BARRY

More WindowsTips

Subscribe

Comments

Newest Tips

Subscribe

Links and Sharing

OUR COMPANY

OUR PRODUCTS

OUR SITES