Understanding Script Block Logging (Part 7)

by Jul 2, 2018

This is part 7 of our mini-series covering PowerShell script block logging. What is still missing is a cleanup tool that clears the script block logging log. Clearing it requires Administrator privileges.

Before you clear the log: this will clear the entire PowerShell log. If you do not own the machine, make sure it is OK to delete this information. It may be used by others for forensic security analysis.

Here is a function that clears the log:

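function Clear-PowerShellLog
{
  <#
      .SYNOPSIS
      Clears the entire PowerShell operational log including 
      script block logging entries. 
      Administrator privileges required.

      .DESCRIPTION
      Clears the complete content of the log 
      Microsoft-Windows-PowerShell/Operational. 
      This includes all logged script block code.

      .EXAMPLE
      Clear-PowerShellLog
      Clears the entire log Microsoft-Windows-PowerShell/Operational.
  #>
  [CmdletBinding(SupportsShouldProcess, ConfirmImpact='High')]
  param()

  $logName = 'Microsoft-Windows-PowerShell/Operational'

  # ConfirmImpact='High' only leads to a confirmation prompt when
  # SupportsShouldProcess is set and ShouldProcess() is called
  if ($PSCmdlet.ShouldProcess($logName, 'Clear event log'))
  {
    # wevtutil is a native command: it reports failure through its
    # exit code, not through an exception that try/catch would see
    wevtutil cl $logName
    if ($LASTEXITCODE -ne 0)
    {
      Write-Warning "Administrator privileges required. Run this command from an elevated PowerShell."
    }
  }
}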

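Clearing the log leaves a trace of its own: Windows writes Event ID 104 (provider Microsoft-Windows-Eventlog) to the System log when an event log such as this one is cleared. The following is an added example, not part of the original tip, that parses such a record to show who cleared which log and when. The function name ConvertFrom-LogClearedEvent and the sample record are constructed for illustration.

```powershell
# Added example: parse an Event ID 104 ("log file was cleared") record.
# ConvertFrom-LogClearedEvent is a hypothetical helper name.
function ConvertFrom-LogClearedEvent
{
  param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
  process
  {
    $e = ([xml]$EventXml).Event
    $d = $e.UserData.LogFileCleared
    [PSCustomObject]@{
      TimeCreatedUtc = $e.System.TimeCreated.SystemTime
      Channel        = $d.Channel
      User           = '{0}\{1}' -f $d.SubjectDomainName, $d.SubjectUserName
      BackupPath     = $d.BackupPath
    }
  }
}

# Constructed sample record (not taken from a real machine)
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Eventlog" />
    <EventID>104</EventID>
    <TimeCreated SystemTime="2018-07-02T09:15:00.000000000Z" />
    <Channel>System</Channel>
  </System>
  <UserData>
    <LogFileCleared xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
      <SubjectUserName>admin</SubjectUserName>
      <SubjectDomainName>WORKSTATION01</SubjectDomainName>
      <Channel>Microsoft-Windows-PowerShell/Operational</Channel>
      <BackupPath></BackupPath>
    </LogFileCleared>
  </UserData>
</Event>
'@

$sample | ConvertFrom-LogClearedEvent

# On a live system: read the real records and keep only clears of the PowerShell log
$filter = @{ LogName = 'System'; ProviderName = 'Microsoft-Windows-Eventlog'; Id = 104 }
Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
  ForEach-Object { $_.ToXml() } |
  ConvertFrom-LogClearedEvent |
  Where-Object Channel -eq 'Microsoft-Windows-PowerShell/Operational'
```

An empty BackupPath means the log was cleared without saving a copy first.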