How to Read the Event Log

This functionality is easy to demonstrate. Let’s open the Event Log and read the first few records:

>>> import win32evtlog
>>> h = win32evtlog.OpenEventLog(None, "Application")

You’ve now opened the application Event Log. To read records sequentially backwards from the end, combine the flags using the Python bitwise-or operator ( | ):

>>> flags = win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
>>> records = win32evtlog.ReadEventLog(h, flags, 0)
>>> len(records)
7

This call to ReadEventLog() returned seven Event Log records. Let’s look at some of the properties of the first one:

>>> records[0]
<PyEventLogRecord object at 187d040>

It’s one of our objects; let’s look inside:

>>> records[0].SourceName
L'WinSock Proxy Client'
>>> records[0].TimeWritten.Format()
'01/27/99 11:42:22'
>>>

This first record was written by the “WinSock Proxy Client,” and you can see the date and time it was written. Note the L prefix on the returned string: all strings are returned as Unicode objects.
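The session above reads a single batch of seven records. The following added example (not code from the book) goes a step further: it calls ReadEventLog() repeatedly until the log is exhausted and tallies errors, warnings and audit failures by source, which is the usual starting point for log triage. It assumes pywin32 on Windows; the names iter_records, summarize, EVENT_TYPES and SAMPLE are hypothetical, and SAMPLE is constructed data so the summary logic can be exercised without a live log.

```python
from collections import Counter
from types import SimpleNamespace

# EVENTLOG_*_TYPE values from the Windows API (also exposed as win32evtlog constants).
EVENT_TYPES = {1: "ERROR", 2: "WARNING", 4: "INFORMATION",
               8: "AUDIT_SUCCESS", 16: "AUDIT_FAILURE"}


def iter_records(log_name="Application", server=None):
    """Yield every record, newest first. Each ReadEventLog() call returns
    one batch; an empty list means the end of the log was reached."""
    import win32evtlog  # pywin32, Windows only; imported lazily on purpose
    handle = win32evtlog.OpenEventLog(server, log_name)
    flags = (win32evtlog.EVENTLOG_BACKWARDS_READ |
             win32evtlog.EVENTLOG_SEQUENTIAL_READ)
    try:
        while True:
            batch = win32evtlog.ReadEventLog(handle, flags, 0)
            if not batch:
                break
            yield from batch
    finally:
        win32evtlog.CloseEventLog(handle)


def summarize(records, types=(1, 2, 16)):
    """Count records per (source, type name, event code), keeping only the
    given EventType values (default: errors, warnings, audit failures)."""
    counts = Counter()
    for rec in records:
        if rec.EventType in types:
            # The low 16 bits of EventID are the event code; the high bits
            # carry severity and facility and would split identical events.
            key = (str(rec.SourceName),
                   EVENT_TYPES.get(rec.EventType, "UNKNOWN"),
                   rec.EventID & 0xFFFF)
            counts[key] += 1
    return counts.most_common()


# Constructed sample records carrying the PyEventLogRecord attributes used above.
SAMPLE = [
    SimpleNamespace(SourceName="WinSock Proxy Client", EventType=2, EventID=0x80000003),
    SimpleNamespace(SourceName="WinSock Proxy Client", EventType=2, EventID=0x80000003),
    SimpleNamespace(SourceName="ExampleApp", EventType=1, EventID=0xC00003E8),
    SimpleNamespace(SourceName="ExampleApp", EventType=4, EventID=1),
]

if __name__ == "__main__":
    for row in summarize(iter_records("Application")):
        print(row)
```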
