Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Query windows event log with python
2,320 views
Skip to first unread message
robey.l...@gmail.com
Jan 12, 2013, 1:09:21 AM1/12/13
to
Hi,
I am looking to write a short program to query the windows event log.
It needs to ask the user for input for The event type (Critical, Error, and Information), and the user needs to be able to specify a date since when they want to view results.
I understand I will need the pywin32 extension, which i already have installed.
I found this piece of code to start from,
<code>
import win32evtlog # requires pywin32 pre-installed
server = 'localhost' # name of the target computer to get event logs
logtype = 'System' # 'Application' # 'Security'
hand = win32evtlog.OpenEventLog(server,logtype)
flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EVENTLOG_SEQUENTIAL_READ
total = win32evtlog.GetNumberOfEventLogRecords(hand)
while True:
events = win32evtlog.ReadEventLog(hand, flags,0)
if events:
for event in events:
print 'Event Category:', event.EventCategory
print 'Time Generated:', event.TimeGenerated
print 'Source Name:', event.SourceName
print 'Event ID:', event.EventID
print 'Event Type:', event.EventType
data = event.StringInserts
if data:
print 'Event Data:'
for msg in data:
print msg
print
</code>
Thanks for any help.
Robey
I am looking to write a short program to query the windows event log.
It needs to ask the user for input for The event type (Critical, Error, and Information), and the user needs to be able to specify a date since when they want to view results.
I understand I will need the pywin32 extension, which i already have installed.
I found this piece of code to start from,
<code>
import win32evtlog # requires pywin32 pre-installed
server = 'localhost' # name of the target computer to get event logs
logtype = 'System' # 'Application' # 'Security'
hand = win32evtlog.OpenEventLog(server,logtype)
flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EVENTLOG_SEQUENTIAL_READ
total = win32evtlog.GetNumberOfEventLogRecords(hand)
while True:
events = win32evtlog.ReadEventLog(hand, flags,0)
if events:
for event in events:
print 'Event Category:', event.EventCategory
print 'Time Generated:', event.TimeGenerated
print 'Source Name:', event.SourceName
print 'Event ID:', event.EventID
print 'Event Type:', event.EventType
data = event.StringInserts
if data:
print 'Event Data:'
for msg in data:
print msg
</code>
Thanks for any help.
Robey
alex23
Jan 12, 2013, 3:34:19 AM1/12/13
to
all of the code?
Generally, the onus is on you to attempt to come up with solution
yourself and then to ask for assistance where required. If you want
someone to just write it for you, then you might want to mention how
you plan on recompensing them.
Tim Golden
Jan 12, 2013, 4:34:01 AM1/12/13
to pytho...@python.org
On 12/01/2013 06:09, robey.l...@gmail.com wrote:
> I am looking to write a short program to query the windows event
> log.
>
> It needs to ask the user for input for The event type (Critical,
> Error, and Information), and the user needs to be able to specify a
> date since when they want to view results.
>
> I am looking to write a short program to query the windows event
> log.
>
> It needs to ask the user for input for The event type (Critical,
> Error, and Information), and the user needs to be able to specify a
> date since when they want to view results.
>
> I found this piece of code to start from,
[... snip ...]
Well it looks like you have everything you need. Was there a specific
question you wanted to ask?
TJG
robey.l...@gmail.com
Jan 13, 2013, 12:55:33 AM1/13/13
to pytho...@python.org
On Saturday, January 12, 2013 8:34:01 PM UTC+11, Tim Golden wrote:
yes, I would like to run it in Command prompt and ask the user at the time what type and date of Event they would like to view. so i was wondering where in the code I could put something like "var=raw_input"
Thanks TJG
Thanks TJG
robey.l...@gmail.com
Jan 13, 2013, 12:55:33 AM1/13/13
to comp.lan...@googlegroups.com, pytho...@python.org
On Saturday, January 12, 2013 8:34:01 PM UTC+11, Tim Golden wrote:
Tim Golden
Jan 14, 2013, 4:07:06 AM1/14/13
to Pytho...@python.org
with writing Python code at all. If you haven't already, could I suggest
the Python tutorial here:
http://docs.python.org/2/tutorial/
or, if that one doesn't suit, just search for "Python tutorial" to find
something which fits your brain.
Feel free to post back here with questions once you've got started.
TJG
mons....@gmail.com
Mar 29, 2019, 11:06:13 PM3/29/19
to
lol cheeky as.
server = 'x' # name of the target computer to get event logs
source = 'x' # 'Application' # 'Security'
hand = win32evtlog.OpenEventLog(server, source)
log = win32evtlog.ReadEventLog(hand, flags, 0, )
i wanna keep going hard as i do and learn it but keep getting a nonsensical error
OverflowError: days=1834132873; must have magnitude <= 999999999
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
SystemError: <built-in function ReadEventLog> returned a result with an error set
cant find much info, tried a few win32 modules to see if it made a difference.
server = 'x' # name of the target computer to get event logs
source = 'x' # 'Application' # 'Security'
hand = win32evtlog.OpenEventLog(server, source)
flags = win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
total = win32evtlog.GetNumberOfEventLogRecords(hand)
event_no = 1
total = win32evtlog.GetNumberOfEventLogRecords(hand)
log = win32evtlog.ReadEventLog(hand, flags, 0, )
i wanna keep going hard as i do and learn it but keep getting a nonsensical error
OverflowError: days=1834132873; must have magnitude <= 999999999
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
SystemError: <built-in function ReadEventLog> returned a result with an error set
cant find much info, tried a few win32 modules to see if it made a difference.
0 new messages