PowerShell Limit-EventLog Cmdlet
Hello Everyone
Welcome to CloudAffaire and this is Debjeet.
In the last blog post, we have discussed Write-EventLog cmdlet in PowerShell.
https://cloudaffaire.com/powershell-write-eventlog-cmdlet/
In this blog post, we will discuss Limit-EventLog cmdlet in PowerShell. You can use Limit-EventLog cmdlet to modify an event log property. Using Limit-EventLog cmdlet, you can set the event log’s properties like retention period, maximum size and action performed when the log reaches its maximum size. You need to have administrator access to order to change an event log property. You can use Limit-EventLog cmdlet to change the event log property of a local or remote computer.
Limit-EventLog Cmdlet Syntax:
1 2 3 4 5 6 7 8 9 |
## Limit-EventLog ## [-LogName] ## [-ComputerName ## [-RetentionDays ## [-OverflowAction ## [-MaximumSize ## [-WhatIf] ## [-Confirm] ## [ |
Limit-EventLog Cmdlet Argument List:
- –ComputerName: Specifies remote computers. The default is the local computer.
- –Confirm: Prompts you for confirmation before running the cmdlet.
- –LogName: Specifies the event logs. Enter the log name (the value of the Log property; not the LogDisplayName) of one or more event logs, separated by commas.
- –MaximumSize: Specifies the maximum size of the event logs in bytes. Enter a value between 64 kilobytes (KB) and 4 gigabytes (GB). The value must be divisible by 64 KB (65536).
- –OverflowAction: Specifies what happens when the event log reaches its maximum size. The acceptable values for this parameter are:
- DoNotOverwrite: Existing entries are retained and new entries are discarded.
- OverwriteAsNeeded: Each new entry overwrites the oldest entry.
- OverwriteOlder: New events overwrite events older than the value specified by the MinimumRetentionDays property.
- –RetentionDays: Specifies the minimum number of days that an event must remain in the event log.
- –WhatIf: Shows what would happen if the cmdlet runs. The cmdlet is not run.
PowerShell Limit-EventLog Cmdlet:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
########################################## ## PowerShell | Cmdlet | Limit-EventLog ## ########################################## ## PowerShell Latest Version (5) ## run PowerShell as admin ## create a sample file New-Item -ItemType File -Path C:\myfile.dll -Value "hello world" ## create a new event log New-EventLog -source MySource -LogName MyLog -MessageResourceFile C:\myfile.dll ## write a new event into an event log Write-EventLog -LogName "MyLog" -Source "MySource" -EventID 1000 ` -EntryType Information -Message "Hello World" ## get event log details Get-EventLog -List | Where-Object {$_.Log -eq "MyLog"} ## Max(K) Retain OverflowAction Entries Log ## ------ ------ -------------- ------- --- ## 512 7 OverwriteOlder 1 MyLog ## change event log retention period Limit-EventLog -LogName MyLog -RetentionDays 3 ## change event log maximum size Limit-EventLog -LogName MyLog -MaximumSize 1MB ## chnage event log overflow action Limit-EventLog -LogName MyLog -OverflowAction "OverwriteAsNeeded" ## get event log details Get-EventLog -List | Where-Object {$_.Log -eq "MyLog"} ## Max(K) Retain OverflowAction Entries Log ## ------ ------ -------------- ------- --- ## 1,024 0 OverwriteAsNeeded 1 MyLog ## Note: retention period is only valid if overflowaction is OverwriteOlder ## delete the event log Remove-EventLog -LogName "MyLog" Remove-Item -Path C:\myfile.dll |
Hope you have enjoyed this article. In the next blog post, we will discuss Clear-EventLog CmdLet in PowerShell.
To Set more details on PowerShell, kindly follow below official documentation