Query windows event log with python

Started by: robey.lawrence@gmail.com
First post: 2013-01-11 22:09 -0800
Last post: 2013-01-12 21:55 -0800
Articles: 6 — 3 participants

#36680 — Query windows event log with python

From: robey.lawrence@gmail.com
Date: 2013-01-11 22:09 -0800
Subject: Query windows event log with python
Message-ID: <8e37e86b-2f07-494e-a913-f7d2fb6ba9a4@googlegroups.com>

Hi,

I am looking to write a short program to query the windows event log.

It needs to ask the user for input for the event type (Critical, Error, and Information), and the user needs to be able to specify a date since when they want to view results.

I understand I will need the pywin32 extension, which I already have installed.

I found this piece of code to start from,

<code>
import win32evtlog # requires pywin32 pre-installed

server = 'localhost' # name of the target computer to get event logs
logtype = 'System' # 'Application' # 'Security'
hand = win32evtlog.OpenEventLog(server,logtype)
flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EVENTLOG_SEQUENTIAL_READ
total = win32evtlog.GetNumberOfEventLogRecords(hand) # record count, not used below

while True:
    events = win32evtlog.ReadEventLog(hand, flags,0)
    if not events:
        break # an empty batch marks the end of the log; without this the loop never exits
    for event in events:
        # print() calls so the script runs on Python 3
        print('Event Category:', event.EventCategory)
        print('Time Generated:', event.TimeGenerated)
        print('Source Name:', event.SourceName)
        print('Event ID:', event.EventID)
        print('Event Type:', event.EventType)
        data = event.StringInserts
        if data:
            print('Event Data:')
            for msg in data:
                print(msg)
        print()

win32evtlog.CloseEventLog(hand) # release the log handle
</code>

Thanks for any help.
Robey



#36693

From: alex23 <wuwei23@gmail.com>
Date: 2013-01-12 00:34 -0800
Message-ID: <e3a944d6-b0fb-4e98-ba7b-9f76c95c52e8@xm8g2000pbc.googlegroups.com>
In reply to: #36680

On 12 Jan, 16:09, robey.lawre...@gmail.com wrote:
> Hi,
>
> I am looking to write a short program to query the windows event log.
>
> It needs to ask the user for input for The event type (Critical, Error, and Information), and the user needs to be able to specify a date since when they want to view results.
>
> I understand I will need the pywin32 extension, which i already have installed.
>
> I found this piece of code to start from,
>
> <code>
> import win32evtlog # requires pywin32 pre-installed
>
> server = 'localhost' # name of the target computer to get event logs
> logtype = 'System' # 'Application' # 'Security'
> hand = win32evtlog.OpenEventLog(server,logtype)
> flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EVENTLOG_SEQUENTIAL_READ
> total = win32evtlog.GetNumberOfEventLogRecords(hand)
>
> while True:
>     events = win32evtlog.ReadEventLog(hand, flags,0)
>     if events:
>         for event in events:
>             print 'Event Category:', event.EventCategory
>             print 'Time Generated:', event.TimeGenerated
>             print 'Source Name:', event.SourceName
>             print 'Event ID:', event.EventID
>             print 'Event Type:', event.EventType
>             data = event.StringInserts
>             if data:
>                 print 'Event Data:'
>                 for msg in data:
>                     print msg
>             print
> </code>
>
> Thanks for any help.
> Robey

What would you like us to provide? Pointers to the Python tutorial? Or
all of the code?

Generally, the onus is on you to attempt to come up with a solution
yourself and then to ask for assistance where required. If you want
someone to just write it for you, then you might want to mention how
you plan on recompensing them.



#36695

From: Tim Golden <mail@timgolden.me.uk>
Date: 2013-01-12 09:34 +0000
Message-ID: <mailman.440.1357983265.2939.python-list@python.org>
In reply to: #36680

On 12/01/2013 06:09, robey.lawrence@gmail.com wrote:
> I am looking to write a short program to query the windows event
> log.
>
> It needs to ask the user for input for The event type (Critical,
> Error, and Information), and the user needs to be able to specify a
> date since when they want to view results.
>
> I found this piece of code to start from,

[... snip ...]

Well it looks like you have everything you need. Was there a specific 
question you wanted to ask?

TJG



#36722

From: robey.lawrence@gmail.com
Date: 2013-01-12 21:55 -0800
Message-ID: <2ba544a0-4a19-4c1e-bae3-c916ce83a84e@googlegroups.com>
In reply to: #36695

On Saturday, January 12, 2013 8:34:01 PM UTC+11, Tim Golden wrote:
> On 12/01/2013 06:09, email.address@gmail.com wrote:
> > I am looking to write a short program to query the windows event
> > log.
> >
> > It needs to ask the user for input for The event type (Critical,
> > Error, and Information), and the user needs to be able to specify a
> > date since when they want to view results.
> >
> > I found this piece of code to start from,
>
> [... snip ...]
>
> Well it looks like you have everything you need. Was there a specific
> question you wanted to ask?
>
> TJG

Yes, I would like to run it in Command Prompt and ask the user at the time what type and date of event they would like to view. So I was wondering where in the code I could put something like "var=raw_input"

Thanks TJG



#36776

From: Tim Golden <mail@timgolden.me.uk>
Date: 2013-01-14 09:07 +0000
Message-ID: <mailman.491.1358154430.2939.python-list@python.org>
In reply to: #36722

On 13/01/2013 05:55, robey.lawrence@gmail.com wrote:
> On Saturday, January 12, 2013 8:34:01 PM UTC+11, Tim Golden wrote:
>> On 12/01/2013 06:09, email.address@gmail.com wrote:
>>> I am looking to write a short program to query the windows event
>>> log.
>>>
>>> It needs to ask the user for input for The event type (Critical,
>>> Error, and Information), and the user needs to be able to specify
>>> a date since when they want to view results.
>>>
>>> I found this piece of code to start from,
>>
>> [... snip ...]
>>
>> Well it looks like you have everything you need. Was there a
>> specific question you wanted to ask?
>>
>> TJG
>
> yes, I would like to run it in Command prompt and ask the user at the
> time what type and date of Event they would like to view. so i was
> wondering where in the code I could put something like
> "var=raw_input"

Ok, so your query isn't so much with accessing the event log as
with writing Python code at all. If you haven't already, could I suggest
the Python tutorial here:

  http://docs.python.org/2/tutorial/

or, if that one doesn't suit, just search for "Python tutorial" to find
something which fits your brain.

Feel free to post back here with questions once you've got started.

TJG
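
Added example, not code from any poster in this thread: one way to take the event type and the start date from the user and filter the records with them, written for Python 3, where `input()` replaces `raw_input()`. The function names, the YYYY-MM-DD date format and the sample records are assumptions made for illustration; the legacy `EVENTLOG_*` types have no "Critical" value, so that name is rejected rather than mapped.

```python
import datetime
from collections import namedtuple

# Values of the win32evtlog.EVENTLOG_*_TYPE constants; "Critical" is not among them.
EVENT_TYPES = {"error": 1, "warning": 2, "information": 4,
               "audit success": 8, "audit failure": 16}

def parse_event_type(text):
    """Allow-list lookup, so a typo fails loudly instead of matching nothing."""
    key = text.strip().lower()
    if key not in EVENT_TYPES:
        raise ValueError("unknown event type: %r" % text)
    return EVENT_TYPES[key]

def parse_since(text):
    """Strict YYYY-MM-DD; strptime rejects impossible dates such as 2013-02-30."""
    return datetime.datetime.strptime(text.strip(), "%Y-%m-%d")

def filter_events(events, event_type, since):
    """Keep records of the wanted type generated at or after `since`."""
    for ev in events:
        when = ev.TimeGenerated.replace(tzinfo=None)  # assumption: a datetime; compare naive
        if ev.EventType == event_type and when >= since:
            yield ev

def read_log(server="localhost", logtype="System"):
    """Windows only (needs pywin32): yield every record, newest first."""
    import win32evtlog
    hand = win32evtlog.OpenEventLog(server, logtype)
    flags = win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
    try:
        batch = win32evtlog.ReadEventLog(hand, flags, 0)
        while batch:  # an empty batch marks the end of the log
            yield from batch
            batch = win32evtlog.ReadEventLog(hand, flags, 0)
    finally:
        win32evtlog.CloseEventLog(hand)

# Constructed sample records (not real log data) so the filter runs without Windows.
Rec = namedtuple("Rec", "TimeGenerated EventType SourceName EventID")
SAMPLE = [
    Rec(datetime.datetime(2013, 1, 12, 8, 0), 1, "Service Control Manager", 0xC0001B58),
    Rec(datetime.datetime(2013, 1, 11, 9, 30), 4, "EventLog", 0x80001775),
    Rec(datetime.datetime(2013, 1, 5, 17, 45), 1, "Disk", 0xC0040007)]
if __name__ == "__main__":
    wanted = parse_event_type(input("Event type: "))
    since = parse_since(input("Since (YYYY-MM-DD): "))
    for ev in filter_events(read_log(), wanted, since):
        # The low 16 bits of EventID are the number Event Viewer displays.
        print(ev.TimeGenerated, ev.SourceName, ev.EventID & 0xFFFF)
```

Reading the Security log with this API normally requires an elevated prompt; the System and Application logs do not.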
