Powershell: How to export Windows Eventlogs with Powershell

This is a little dirty Windows Powershell script which exports or backups Windows Eventlogs. The script creates a .evt file which can be used with the Windows Eventlog Viewer.

And with the next code it cleans up older exported Eventlogs.

UPDATE: If you wanna clean the Eventlog after the export you can do that by using the Clear-Eventlog cmdlet. (Thanks to Michel from

And here the whole “script”

Check NTFS Version

If you need to know which version of NTFS you are using you can do that with the fsutil.exe and the following command.

In my case I am testing my C:\ drive:


More on NTFS Versions on wikipedia.

Upgrading through every version of windows

