I am developing an application that creates Windows event logs and writes to them.
However, during development and testing, I created some event logs by mistake, with sources registered to them.
The issue is that only the first 8 characters of the event log name are significant. Now that I have logs with incorrect names, I cannot create the new logs that I need.
Is there any way to totally remove these event logs (and not just clear them)?
I have tried to delete the file C:\Windows\System32\winevt\Logs\WrongNamedEventLog.evtx
, but with no success.
Do it programmatically, like this (C#):
You don't have to compile a C# application to do it though, just invoke the
Delete(string logname)
method from PowerShell if you like:I haven't tested this, but if I was in your case...
Use regedit to browse this path, and delete your custom bogus logs:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\LogToDelete
Reboot
Then delete the corresponding files from:
C:\Windows\System32\winevt\Logs
and/or
C:\windows\system32\config