看SECURITY日志的详细信息:
C:\Windows\system32>wevtutil gl security
name: securityenabled: truetype: Admin
owningPublisher:isolation: CustomchannelAccess: O:BAG:SYD:(A;;0xf0005;;;SY)(A;;0×5;;;BA)(A;;0×1;;;S-1-5-32-573)
logging:logFileName: %SystemRoot%\System32\Winevt\Logs\security.evtxretention: false
autoBackup: falsemaxSize: 20971520publishing:
fileMax: 1
清空SECURITY/SYSTEM/APPLICATION日志:
C:\Windows\system32>wevtutil cl securityC:\Windows\system32>wevtutil cl systemC:\Windows\system32>wevtutil cl application