Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Python > Query windows event log with python

Reply
Thread Tools

Query windows event log with python

 
 
robey.lawrence@gmail.com
Guest
Posts: n/a
 
      01-12-2013
Hi,

I am looking to write a short program to query the windows event log.

It needs to ask the user for input for The event type (Critical, Error, and Information), and the user needs to be able to specify a date since when they want to view results.

I understand I will need the pywin32 extension, which i already have installed.

I found this piece of code to start from,

<code>
import win32evtlog # requires pywin32 pre-installed

server = 'localhost' # name of the target computer to get event logs
logtype = 'System' # 'Application' # 'Security'
hand = win32evtlog.OpenEventLog(server,logtype)
flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EV ENTLOG_SEQUENTIAL_READ
total = win32evtlog.GetNumberOfEventLogRecords(hand)

while True:
events = win32evtlog.ReadEventLog(hand, flags,0)
if events:
for event in events:
print 'Event Category:', event.EventCategory
print 'Time Generated:', event.TimeGenerated
print 'Source Name:', event.SourceName
print 'Event ID:', event.EventID
print 'Event Type:', event.EventType
data = event.StringInserts
if data:
print 'Event Data:'
for msg in data:
print msg
print
</code>

Thanks for any help.
Robey
 
Reply With Quote
 
 
 
 
alex23
Guest
Posts: n/a
 
      01-12-2013
On 12 Jan, 16:09, (E-Mail Removed) wrote:
> Hi,
>
> I am looking to write a short program to query the windows event log.
>
> It needs to ask the user for input for The event type (Critical, Error, and Information), and the user needs to be able to specify a date since whenthey want to view results.
>
> I understand I will need the pywin32 extension, which i already have installed.
>
> I found this piece of code to start from,
>
> <code>
> import win32evtlog # requires pywin32 pre-installed
>
> server = 'localhost' # name of the target computer to get event logs
> logtype = 'System' # 'Application' # 'Security'
> hand = win32evtlog.OpenEventLog(server,logtype)
> flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EV ENTLOG_SEQUENTIAL_READ
> total = win32evtlog.GetNumberOfEventLogRecords(hand)
>
> while True:
> * * events = win32evtlog.ReadEventLog(hand, flags,0)
> * * if events:
> * * * * for event in events:
> * * * * * * print 'Event Category:', event.EventCategory
> * * * * * * print 'Time Generated:', event.TimeGenerated
> * * * * * * print 'Source Name:', event.SourceName
> * * * * * * print 'Event ID:', event.EventID
> * * * * * * print 'Event Type:', event.EventType
> * * * * * * data = event.StringInserts
> * * * * * * if data:
> * * * * * * * * print 'Event Data:'
> * * * * * * * * for msg in data:
> * * * * * * * * * * print msg
> * * * * * * print
> </code>
>
> Thanks for any help.
> Robey


What would you like us to provide? Pointers to the Python tutorial? Or
all of the code?

Generally, the onus is on you to attempt to come up with solution
yourself and then to ask for assistance where required. If you want
someone to just write it for you, then you might want to mention how
you plan on recompensing them.
 
Reply With Quote
 
 
 
 
Tim Golden
Guest
Posts: n/a
 
      01-12-2013
On 12/01/2013 06:09, http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
> I am looking to write a short program to query the windows event
> log.
>
> It needs to ask the user for input for The event type (Critical,
> Error, and Information), and the user needs to be able to specify a
> date since when they want to view results.
>
> I found this piece of code to start from,


[... snip ...]

Well it looks like you have everything you need. Was there a specific
question you wanted to ask?

TJG
 
Reply With Quote
 
robey.lawrence@gmail.com
Guest
Posts: n/a
 
      01-13-2013
On Saturday, January 12, 2013 8:34:01 PM UTC+11, Tim Golden wrote:
> On 12/01/2013 06:09, (E-Mail Removed) wrote:
>
> > I am looking to write a short program to query the windows event

>
> > log.

>
> >

>
> > It needs to ask the user for input for The event type (Critical,

>
> > Error, and Information), and the user needs to be able to specify a

>
> > date since when they want to view results.

>
> >

>
> > I found this piece of code to start from,

>
>
>
> [... snip ...]
>
>
>
> Well it looks like you have everything you need. Was there a specific
>
> question you wanted to ask?
>
>
>
> TJG


yes, I would like to run it in Command prompt and ask the user at the time what type and date of Event they would like to view. so i was wondering where in the code I could put something like "var=raw_input"

Thanks TJG
 
Reply With Quote
 
robey.lawrence@gmail.com
Guest
Posts: n/a
 
      01-13-2013
On Saturday, January 12, 2013 8:34:01 PM UTC+11, Tim Golden wrote:
> On 12/01/2013 06:09, (E-Mail Removed) wrote:
>
> > I am looking to write a short program to query the windows event

>
> > log.

>
> >

>
> > It needs to ask the user for input for The event type (Critical,

>
> > Error, and Information), and the user needs to be able to specify a

>
> > date since when they want to view results.

>
> >

>
> > I found this piece of code to start from,

>
>
>
> [... snip ...]
>
>
>
> Well it looks like you have everything you need. Was there a specific
>
> question you wanted to ask?
>
>
>
> TJG


yes, I would like to run it in Command prompt and ask the user at the time what type and date of Event they would like to view. so i was wondering where in the code I could put something like "var=raw_input"

Thanks TJG
 
Reply With Quote
 
Tim Golden
Guest
Posts: n/a
 
      01-14-2013
On 13/01/2013 05:55, (E-Mail Removed) wrote:
> On Saturday, January 12, 2013 8:34:01 PM UTC+11, Tim Golden wrote:
>> On 12/01/2013 06:09, (E-Mail Removed) wrote:
>>
>>> I am looking to write a short program to query the windows event

>>
>>> log.

>>
>>>

>>
>>> It needs to ask the user for input for The event type (Critical,

>>
>>> Error, and Information), and the user needs to be able to specify
>>> a

>>
>>> date since when they want to view results.

>>
>>>

>>
>>> I found this piece of code to start from,

>>
>>
>>
>> [... snip ...]
>>
>>
>>
>> Well it looks like you have everything you need. Was there a
>> specific
>>
>> question you wanted to ask?
>>
>>
>>
>> TJG

>
> yes, I would like to run it in Command prompt and ask the user at the
> time what type and date of Event they would like to view. so i was
> wondering where in the code I could put something like
> "var=raw_input"


Ok, so your query isn't so much with accessing the event log as
with writing Python code at all. If you haven't already, could I suggest
the Python tutorial here:

http://docs.python.org/2/tutorial/

or, if that one doesn't suit, just search for "Python tutorial" to find
something which fits your brain.

Feel free to post back here with questions once you've got started.

TJG
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASP Problem: "IIS log failed to write entry" in Event Log cherryparadise001@gmail.com ASP General 0 05-26-2006 01:52 AM
My.Log.Writeexception not writing to Application Event Log. =?Utf-8?B?VG9tIFdpbmdlcnQ=?= ASP .Net 0 01-20-2006 06:41 PM
My.Log.WriteException not writing to Event Log with ASP.Net 2.0 Tom Wingert ASP .Net Web Services 0 01-12-2006 06:46 PM
Need help on the Permissions needed to log to Event Log from ASP.NET? Henrik_the_boss ASP .Net 0 11-05-2003 10:14 AM



Advertisments