Created
June 19, 2014 00:32
-
-
Save peaeater/8be00dbcf2b0a4a0f28e to your computer and use it in GitHub Desktop.
Removes a source value from Windows Application Event Log (careful!). Requires admin privileges and warns user if elevation is required.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Remove log source from Application Event Log - requires ADMIN PRIVILEGES | |
| Peter Tyrrell | |
| #> | |
| param( | |
| [Parameter(Mandatory=$true,ValueFromPipeline=$true,Position=0)] | |
| [string]$logsrc | |
| ) | |
| # check for admin | |
| if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { | |
| Write-Warning ("You do not have admin privileges. Re-run this script as an administrator.") | |
| break | |
| } | |
| try { | |
| [System.Diagnostics.EventLog]::DeleteEventSource($logsrc) | |
| Write-Host ("INFO Deleted '{0}'' from Application Event Log." -f $logsrc) | |
| } | |
| catch { | |
| Write-Host ("INFO The source '{0}' is not registered on the machine." -f $logsrc) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment