Retaining Eventlog

31 days doesn't seem unreasonable, but it entirely depends on what's being logged and what the potential usage of the logs would be. The size of the event log depends entirely on how many events have been recorded. You can fix the event log retention at 31 days but you will need to consider:

• Even if you 'benchmark' your event log size and know that it will normally be an acceptable size with 31-days retention, what about unusual circumstances that cause it to grow in size? Chances are those are also the times at which you want to go and look at the event log.
• You open yourself up to an exploit if you set event log retention to a fixed period of time: An attacker just has to identify any method of making an entry in your event log, then repeat that action a whole lot of times and consume all the free space on your server. An unlikely scenario, but highlights the point that 'interesting' stuff can start happening when you pick a particular log retention policy*

You may wish to configure Event Log Forwarding to a central server with lots of spare disk space.

**Even more interesting things happen if you pick 'Rotate after x events'. In that case, an attacker can do whatever they like to the server then just spam the event log to flush records of their actions and clear their tracks.*

To be honest, Event viewer is one of the weakest of Microsofts products. Install a third party event log handler. I use Splunk on my own machines (which is a free download if you are logging small amounts of data, but costs as you grow). It reads not only event logs, but things like WMI, Perfmon and SQL Server logs.