Question: I would like latch commands that would allow me to go into the Admin Tools Event Viewer and copy and clear each log.
Answer: The event viewer is a graphical program so it is not possible to actually run the program in batch. Microsoft introduced command line versions of some of the Admin Tools in Windows 2000 and XP but these are not available in Windows NT.
There is an easy way to make the copies of the log files that you want and I have created a cmd file that will do this for you. The file swaps you to the directory where the log files are actually stored and then copies them. There are three log files called appevent.evt, secevent.evt, and sysevent.evt and I have set the commands up to copy them to app%1.evt sec%1.evt, and sys%1.evt respectively (where %1 is whatever you type in as a parameter when executing the command). For example executing logbak xyz will create copies of the log files as appxyz.evt, secxyz.evt, and sysxyz.evt. If these files already exist then they will be overwritten. Also because this command just does straight copies of the files, you don't need administrator access in order to run it.
There is a problem with trying to clear the log files in batch while they are in use so I haven't tried to include this in the command. The default for the log settings for each log is to overwrite log entries after seven days. If you are going to run the backup copy more frequently than once a week then you may want to go into the Log Settings option in the Log menu of the event viewer program and change this.
The only way I can think of that you might be able to use to clear the event logs is to make backup copies of the logs immediately after clearing them and then include statements in the autoexec.bat file to copy these "empty" files back over the log files. I haven't actually tested this so I am not sure if it will work so if you decide to try this it is entirely at your own risk.
This article written by Stephen Chapman, Felgall Pty Ltd.