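# Script by Timur@0x01337.com
# Date: 2023-11-24

<#
.SYNOPSIS
    Clears a Windows event log selected by name.

.DESCRIPTION
    Clears the logs by log name. Requires administrator privileges.
    The script exits with code 0 on success (or after printing help) and
    with code 1 when the caller is not an administrator, when no log name
    is given, or when Clear-EventLog fails.

.PARAMETER logName
    A name of the log list to clear.

.PARAMETER help
    Displays a detailed usage description of this script.

.EXAMPLE
    PS> .\Clear-Event-Logs.ps1 -logName "Windows PowerShell"

.EXAMPLE
    PS> .\Clear-Event-Logs.ps1 -help

.NOTES
    Clear-EventLog deletes every record in the named log and works on
    classic event logs only. If the records have to be retained, export
    the log before running this script (for example with
    "wevtutil epl <log name> <backup file>").

    Windows records the clear operation itself: event ID 1102 is written
    to the Security log when the Security log is cleared, and event ID 104
    is written to the System log when another log is cleared. Monitoring
    that collects these events will still see that the log was cleared.
#>

# Getting command line parameters
param (
    [parameter(Mandatory = $false)][string]$logName,
    [parameter(Mandatory = $false)][switch]$help
)

# Writing help message.
# Handled before the privilege check: reading the usage text changes
# nothing on the system, so it should not require an elevated session.
if ($help) {
    Get-Help -Name $MyInvocation.MyCommand.Path -Full
    exit 0
}

# Clearing an event log needs membership in the local Administrators
# role for the identity running this process.
$currentIdentity = [Security.Principal.WindowsIdentity]::GetCurrent()
$currentPrincipal = New-Object Security.Principal.WindowsPrincipal($currentIdentity)
$isAdmin = $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

if (-not $isAdmin) {
    Write-Error "This script requires administrator privileges"
    exit 1
}

if (-not $logName) {
    Write-Error "Log name is required"
    exit 1
}

Write-Host "Cleaning event log in [$logName]"

try {
    # -ErrorAction Stop turns a non-terminating cmdlet error into an
    # exception so that the catch block below sees it.
    Clear-EventLog -LogName $logName -ErrorAction Stop
}
catch {
    # Report the actual cause: the failure is not always a missing log
    # (it can also be an access or service error).
    Write-Error "Can't clear log list [$logName]: $($_.Exception.Message)"
    exit 1
}

Write-Host "Cleaning event log in [$logName] is finished"

exit 0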