Hi, I'm new to python, i want to read some specific events form Event Viewer
and then compare it with something else. For example I want to read event 552
and all o fits' properties: Date, Time, Type, User, Computer, Source, Category,
EventID and all description and put it in a file.I've tried something with
win32evtlogutil but i think i'm missing something. Can someone help me here ? I
know that isn't diffcult, maybe someone can point me to the right direction
I found this, it's working for a few events , but I need to read info about
specific events, for example 18,19, 1014, 206
Thank you.
import win32evtlog
import win32evtlogutil
flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EVENTLOG_SEQUENTIAL_READ
hand=win32evtlog.OpenEventLog("test", "System")
try:
events=1
while events:
events=win32evtlog.ReadEventLog(hand,flags,0)
for ev_obj in events:
#data is recent enough, so print it out
computer=str(ev_obj.ComputerName)
cat=str(ev_obj.EventCategory)
level=str(ev_obj.EventType )
src=str(ev_obj.SourceName)
record=str(ev_obj.RecordNumber)
evt_id=str(winerror.HRESULT_CODE(ev_obj.EventID))
evt_type=str(evt_dict[ev_obj.EventType])
msg = str(win32evtlogutil.SafeFormatMessage(ev_obj, logtype))
print evt_id
print msg
win32evtlog.CloseEventLog(hand)
except:
print traceback.print_exc(sys.exc_info())
_______________________________________________
python-win32 mailing list
python-win32@python.org
http://mail.python.org/mailman/listinfo/python-win32
