Daren Russell wrote: > I've been having a look at the wmi module in the hope of being able to > read the event logs of a windows server and save them as a standard text > file for archival purposes. > > However, the only method I can see is the BackupEventLog method. I kind > of figured if I opened the log, and did a for loop through it I could > read each event logged - this doesn't seem to be the case ;-) (or I'm > being a bit dumb ;-) ) > > Is it possible to read individual events from an already written log > file using this module? If there is a documented method (I've found the > watcher method, but do not want this) then all pointers to relevant > documentation (or snippets of code!) appreciated.
Welcome to WMI! There's so much WMI stuff around the web (not usually referring to Python) that usually a search such as "wmi read event log" will be enough to set you on the right path: http://www.google.co.uk/search?q=wmi+read+event+log Obviously, you then have to translate the examples into Python, which is rarely difficult once you've got the hang... To get you going here's a really basic query making use only of the fact that I can get the name of the relevant WMI class from the watcher example you refer to: <code> import wmi c = wmi.WMI () # can put other server here if needed for i in c.Win32_NTLogEvent (): print i break </code> Since the "print i" bit outputs a useful dump, we can see that the Win32_NTLogEvent records have fields such as: EventType and Logfile. The EventType you have to search for: http://www.google.co.uk/search?q=Win32_NTlogevent+eventtype but amounts to 2 for, say, Warnings. Taken all together, you can query the System log for Warnings like this (you might want to qualify the time as well): <code> import wmi c = wmi.WMI () for log in c.Win32_NTLogEvent (EventType=2, Logfile="System"): print log </code> Hope that gets you on your way. TJG _______________________________________________ python-win32 mailing list [email protected] http://mail.python.org/mailman/listinfo/python-win32
