Export (0) Print
Expand All
Expand Minimize
This topic has not yet been rated - Rate this topic

Clear-CMAmtAuditLog

Updated: February 7, 2014

Applies To: System Center 2012 R2 Configuration Manager

Clear-CMAmtAuditLog

Clears audit log entries for Intel AMT-based computers.

Syntax

Parameter Set: SearchByNameMandatory
Clear-CMAmtAuditLog -DeviceName <String[]> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SearchByCollectionIdMandatory
Clear-CMAmtAuditLog -DeviceCollectionId <String[]> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SearchByCollectionNameMandatory
Clear-CMAmtAuditLog -DeviceCollectionName <String[]> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SearchByCollectionValueMandatory
Clear-CMAmtAuditLog -DeviceCollection <IResultObject> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SearchByIdMandatory
Clear-CMAmtAuditLog -DeviceId <String[]> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: SearchByValueMandatory
Clear-CMAmtAuditLog -Device <IResultObject> [-Force] [-Confirm] [-WhatIf] [ <CommonParameters>]




Detailed Description

The Clear-CMAmtAuditLog cmdlet clears audit log entries for Intel Active Management Technology (Intel AMT)-based computers. The audit log records authorized and authenticated out-of-band management activities performed on Intel AMT computers.

Depending on your Intel AMT version, once the audit log becomes 85 percent full, noncritical log entries might not be written to the log or might overwrite old entries. This cmdlet does not stop audit logging. You can use the Disable-CMAmtAuditLog cmdlet to stop logging.

You can specify computers by using the Microsoft System Center 2012 Configuration Manager device name or device ID, or you can use the Get-CMDevice cmdlet to get a device object. You can also clear audit logs for all the devices in a System Center 2012 Configuration Manager collection. Specify a collection by using the collection name or collection ID, or you can use the Get-CMDeviceCollection cmdlet to get a device collection object.

Parameters

-Device<IResultObject>

Specifies a device object. To obtain a device object, use the Get-CMDevice cmdlet.


Aliases

InputObject

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DeviceCollection<IResultObject>

Specifies a device collection object. To obtain a device collection object, use the Get-CMDeviceCollection cmdlet.


Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DeviceCollectionId<String[]>

Specifies an array of IDs of device collections.


Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DeviceCollectionName<String[]>

Specifies an array of names of device collections.


Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DeviceId<String[]>

Specifies an array of IDs of devices.


Aliases

ResourceId

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-DeviceName<String[]>

Specifies an array of names of devices.


Aliases

Name

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Force

Performs the action without a confirmation message.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

True (ByPropertyName)

Accept Wildcard Characters?

false

-Confirm

Prompts you for confirmation before executing the command.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-WhatIf

Describes what would happen if you executed the command without actually executing the command.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters.

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

Examples

Example 1: Clear the audit log by using an ID

This command clears the Intel AMT audit log for a device that has the ID 16777230.


PS C:\> Clear-CMAmtAuditLog -DeviceID "16777230"

Example 2: Clear audit logs for a device collection

This command clears Intel AMT audit logs for the devices in a collection named Floor03.


PS C:\> Clear-CMAmtAuditLog -DeviceCollectionName "Floor03"

Example 3: Clear the audit log by using a variable

The first command gets a device object by using the Get-CMDevice cmdlet, and stores it in the $CMD variable.

The second command clears the Intel AMT audit for the device stored in the $CMD variable. The command uses the Force parameter. Therefore, the command does not prompt you for confirmation.


PS C:\> $CMD = Get-CMDevice -Name "Accn023.Contoso.com" 
PS C:\> Clear-CMAmtAuditLog -Device $CMD -Force

Related topics

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.