I have been using the same cleaner for several years. Until recently I used it on Windows 7. Now I use it on Windows 10.
Used it as well, but I find more effective to delete the content of C:\Windows\System32\winevt\Logs From a parallel system, which allows me to recover GBs of space, deleting also the content of \windows\logs \windows\system32\logs \windows\system32\sru \windows\system32\wdi and so on Dual boot is always the best things to do, unless you are in production and a server can't be offline even for few minutes.
If everything is working, I've always just disabled the Windows Event Log service, as you can always reenable it if you need to troubleshoot anything. Stopping this service also disables the creation of logs in: C:\Windows\System32\winevt\Logs C:\ProgramData\Microsoft\Windows Defender\Scans\History C:\Windows\System32\LogFiles\WMI And not only lets you delete most of the log files in these locations it completely disables the creation of these log files until you reenable the service, which if you do the math on how much these logs are written to, is a lot of completely unnecessary SSD wear, and and background i/o. I've experienced no ill effects from disabling this service what-so-ever, your milage may vary, but it's easy to re-enable if needed. I am curious though if anyone on MDL knows how to completely disable all logging in Windows 10 because there's still log activity going on from other processes. If found some articles on reducing log verbosity of specific logs, but the undocumented volume of logging in Windows is massive.
yes @Dark Dinosaur knows a pwsh code to disable all or specific event logs creation. his scripts are awesome.
dear friend no am not trolling. @Dark Dinosaur knows the best. its his simplicity to never take credits for the work he is doing especially on our MDL community. learning a lot lot from him. pl cheer up & dont be sad
If he knows so much, and it's so simple; where is this script for disabling all Windows event logging? if you've learned so much from him, and claim such a script exists, surely you know where it is? I'm not just sad, you're just obtuse...
ohoo Obtuse . ok thanks for this compliment as i never know or noboby ever let me know that i am Obtuse too. thanks a lot lot again.
I tried TypesSupported (set everywhere to 3) and it further reduced the chatter in the event logs. So in combination with EnableLevel (which I think is primary and more important) it greatly silences the event logs. They are very suitable for automation through batch files, but sadly I don't know how to write it (together with MaxSize, Retention and AutoBackupLogFiles). This is a very sensitive area of the registry and any error could be fatal. Also, taking ownership/acquiring permissions might be needed on a fresh installation (I did that on many places in the registry a long time ago and I don't know if it is needed here). GL
You're welcome you helpful, helper, with all your helpful help, and supportive support, of helpful, helpfulness. You're welcome a lot a lot so much again, keep up the amazing work!
thanks for the tip... so basically go HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger and find the key EnableLevel just change it to 3. theres is a lot of subkeys. and i was about to ask about script. as it is time consuming but very worth it. a script with all your tweaks...
You don't need a script for such simple thing, just export the key, open the exported .reg with a text editor, search and replace all the values you want to change, and reimport the .reg