Home >Common Problem >Windows Event Log Disabling Tutorial: Simple Steps

Windows Event Log Disabling Tutorial: Simple Steps

WBOY
WBOYforward
2023-08-14 09:49:204829browse

Windows 事件日志禁用教程:简单步骤

Event logs are reports detailing major and minor changes and even errors. If a service or startup app fails to run on the first try, a log will be generated. However, when the number of logs becomes large, users may wish to disable Windows event logging.

A single log takes up very little space on disk, but if you generate thousands of these reports per day and store them on an SSD, you will see performance degradation.

Keep reading to learn how to turn off event logging in Windows!

Is it possible to disable the Windows event log?

Yes, there is no harm in disabling the event log. Remember, these logs are only reports to help troubleshoot the problem. They don't perform any action or automatically solve the problem at hand.

For many users, surprisingly, they are the source of the problem. Their corrupted state may trigger errors or cause system performance degradation.

So if you're sure you don't need event logs, disabling them won't cause any problems. However, if storage space is not an issue, we recommend allowing Windows to generate and record event logs. You can clear them out by running Disk Cleanup once a month or so.

How to disable Windows event logs?

1. Disable Private Services

  1. Press to open Search, type "Service" in the text field, and then click on the relevant search results. WindowsS
  2. Now, scroll down and find Windows Event Log, right-click on the service and select Properties. Windows 事件日志禁用教程:简单步骤
  3. Select "Disabled" from the "Startup type" drop-down menu, click the "Stop" button, and then click "OK" to save Change. Windows 事件日志禁用教程:简单步骤
  4. Similarly, also disable the following two services:
    • Window Error Reporting Service
    • Windows Event Collector
  5. Finally, restart your computer for the changes to take effect.

If you want to disable event logs in Windows 10 or latest versions, a quick option is to disable all related services. Without a log, the PC will not be able to register any more logs.

2. Via Command Prompt (CMD)

2.1 Disable the event log service

  1. Press to open Run, type cmd, and then click . WindowsRCtrlShiftEnter
  2. Click "#" at the UAC prompt ##yes".
  3. Now, paste the following two commands separately and click after each command:
  4. Entersc config eventlog start= disabled<strong></strong> net start eventlog<strong></strong>Windows 事件日志禁用教程:简单步骤
  5. Restart the computer to apply the changes.
The two commands we executed immediately terminated the Windows Event Log service and prohibited it from running at startup on subsequent reboots.

2.2 Disable registration audit success log

    Press to open search, type
  1. command prompt in the text field, and click Run as administrator. WindowsS
  2. Click
  3. Yes in the pop-up prompt.
  4. Now, execute the following command:
  5. auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:enable<strong></strong>Windows 事件日志禁用教程:简单步骤
This command will prevent Windows from logging audit successes in the Windows Filtering Platform and will only register audit failure logs. Keep in mind that this won't completely disable Windows event logs, but it will certainly reduce the amount.

3. Use Registry Editor to disable specific logs

  1. Press to open Run, type eventvwr in the text field, and then click OK. WindowsRWindows 事件日志禁用教程:简单步骤
  2. Find the log type you want to disable and double-click it.
  3. Now, go to the Details tab and copy Guid Iisted here. Windows 事件日志禁用教程:简单步骤
  4. Press Open Run, type regedit in the text field, and click .WindowsREnter
  5. Click "Yes" in the prompt that appears.
  6. Next, paste one of the following paths in the address bar depending on the log type and click: Enter<strong>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\EventLog -System</strong><strong>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\EventLog-Security</strong>##Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control \WMI\Autologger\EventLog-Application<strong></strong>
  7. Locate and select the GUID you copied earlier under the relevant key in the navigation pane.
  8. Windows 事件日志禁用教程:简单步骤
  9. Double-click the
  10. Enabled DWORD on the right.
  11. Enter
  12. 0 under Numeric Data and click OK to save changes. Windows 事件日志禁用教程:简单步骤
  13. Finally, restart your computer to apply the changes.
That's it! Using the registry, you can disable specific Windows event logs, whether system, security, or application. Although the process is somewhat complex and time-consuming, the changes made here always apply.

Before you leave, learn how to check the error logs in Windows 11 to determine what is triggering the problem and eliminate it.

The above is the detailed content of Windows Event Log Disabling Tutorial: Simple Steps. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:yundongfang.com. If there is any infringement, please contact admin@php.cn delete