Python Programming On Win32 by Mark Hammond, Andy Robinson

A Simpler Way to Read Event Log Records

The function win32evtlogutil.FeedEventLogRecords() is a helper function that makes working with Event Log records easier. To use this function, you supply your own function that takes a single parameter. As records are read, your function is called with the Event Log record. To demonstrate, let’s write a function that obtains all Event Log records for the “WinSock Proxy Client” application.

First, define the “Feeder” function:

>>> import win32evtlogutil
>>> def CheckRecord(record):
...     # Called once per record; report only the source we care about.
...     if str(record.SourceName) == "WinSock Proxy Client":
...         print("Have Event ID %s written at %s" %
...               (record.EventID, record.TimeWritten.Format()))
...

Then feed Event Log records to this function by calling FeedEventLogRecords() with your function as the first parameter:

>>> win32evtlogutil.FeedEventLogRecords(CheckRecord)
Have Event ID -2147483645 written at 01/27/99 11:42:22
Have Event ID -2147483645 written at 01/27/99 11:42:13
Have Event ID -2147483645 written at 01/27/99 11:42:10
Have Event ID -2147483645 written at 01/21/99 21:46:43
>>>

Note that win32evtlogutil.FeedEventLogRecords() takes additional parameters allowing you to specify which Event Log to read, and the order for records to be obtained. See the win32evtlogutil.py module for details.
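The event IDs printed above are negative because the 32-bit identifier is displayed as a signed integer. The following added example (not code from the book or from pywin32) decodes such IDs into severity, facility and code inside a feeder callback, which is usually what you want when triaging a log. The names decode_event_id, make_feeder, FakeRecord and the sample records are constructed for illustration; the logName keyword is the one defined in win32evtlogutil.py.

```python
from collections import namedtuple

# Top two bits of a 32-bit Windows event identifier encode the severity.
SEVERITY = {0: "Success", 1: "Informational", 2: "Warning", 3: "Error"}

def decode_event_id(event_id):
    """Split a possibly negative 32-bit EventID into its bit fields."""
    raw = event_id & 0xFFFFFFFF              # undo the signed 32-bit display
    return {
        "raw": raw,
        "severity": SEVERITY[raw >> 30],     # bits 31-30
        "customer": bool(raw & 0x20000000),  # bit 29: application-defined ID
        "facility": (raw >> 16) & 0x0FFF,    # bits 27-16
        "code": raw & 0xFFFF,                # bits 15-0: the event code
    }

def make_feeder(source_name, sink):
    """Build a one-argument callback for FeedEventLogRecords()."""
    def feeder(record):
        if str(record.SourceName) != source_name:
            return                           # ignore other event sources
        fields = decode_event_id(record.EventID)
        fields["source"] = source_name
        sink.append(fields)
    return feeder

def collect_from_live_log(source_name, log_name="Application"):
    """Windows only: read a real Event Log through pywin32."""
    import win32evtlogutil
    hits = []
    win32evtlogutil.FeedEventLogRecords(make_feeder(source_name, hits),
                                        logName=log_name)
    return hits

# Constructed stand-ins for Event Log records so the example runs anywhere.
FakeRecord = namedtuple("FakeRecord", "SourceName EventID")
SAMPLE = [FakeRecord("WinSock Proxy Client", -2147483645),
          FakeRecord("OtherApp", 1000),
          FakeRecord("WinSock Proxy Client", -1073741819)]

def collect_from_sample(source_name, records=SAMPLE):
    hits = []
    feeder = make_feeder(source_name, hits)
    for record in records:
        feeder(record)
    return hits

if __name__ == "__main__":
    for hit in collect_from_sample("WinSock Proxy Client"):
        print("0x%08X %s code=%d" % (hit["raw"], hit["severity"], hit["code"]))
```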
