How can I delete a single Windows event log entry using the wevtutil command?
You can use the wevtutil command with an XPath query that excludes specific EventRecordID values. For example, to delete a single log entry with EventRecordID=1112 from the Security log, run: `wevtutil epl Security 1.evtx "/q:*[System [(EventRecordID!=1112)]]"`. This exports every record except that entry to a new .evtx file, which you then use to overwrite the original system log file. For more details, see the original article on Penetration Techniques - Deleting Single Windows Log Entries.
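A defender-side check for the technique in this answer, added here as an example and not taken from the original article: it flags `wevtutil` exports whose query excludes records by `EventRecordID`, and reports interior gaps in a log's record-ID sequence, assuming the surviving records keep their original IDs. The function names and the sample data are constructed for illustration.

```python
import re

# Matches the filtered export from the answer: wevtutil epl/export-log with a
# /q: or /query: XPath that excludes records by EventRecordID.
FILTERED_EXPORT = re.compile(
    r"\bwevtutil(?:\.exe)?\"?\s+(?:epl|export-log)\b.*?/q(?:uery)?:"
    r".*?EventRecordID\s*!=\s*\d+",
    re.IGNORECASE,
)


def is_filtered_export(command_line):
    """True if a process command line is a wevtutil export that drops records by ID."""
    return bool(FILTERED_EXPORT.search(command_line))


def find_record_gaps(record_ids):
    """Return (first_missing, last_missing) ranges inside the observed ID span.

    Only interior gaps are reported: a log that has wrapped legitimately
    starts above 1, so the lowest ID present is taken as the baseline.
    """
    ids = sorted(set(record_ids))
    return [(a + 1, b - 1) for a, b in zip(ids, ids[1:]) if b - a > 1]


# Constructed sample data (not taken from a real host).
SAMPLE_COMMANDS = [
    'wevtutil epl Security 1.evtx "/q:*[System [(EventRecordID!=1112)]]"',
    "wevtutil epl Security backup.evtx",
    "wevtutil.exe qe Security /c:5 /f:text",
]
SAMPLE_RECORD_IDS = [1109, 1110, 1111, 1113, 1114]

if __name__ == "__main__":
    for cmd in SAMPLE_COMMANDS:
        print("SUSPICIOUS" if is_filtered_export(cmd) else "ok        ", cmd)
    for first, last in find_record_gaps(SAMPLE_RECORD_IDS):
        print(f"missing EventRecordID {first}-{last}")
```

The command-line check needs process-creation logging with command lines enabled; the gap check works on any ordered list of record IDs read from the log.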
Tags: wevtutil, Windows Event Log, EVTX, log deletion, EventRecordID