As discussed previously, the text for a message is not written to the
Event Log, just the inserts specific to
this record. Obtaining the text for an Event Log record isn’t a
trivial matter; it requires you to look up the registry, then call a
complicated Win32 function to format the message. Fortunately, the
module comes to the rescue.
There are two functions in this module that deal with formatting
returns a formatted message, raising
an exception if an error occurs (such as not being able to locate the
source of the message text).
is similar, but it traps the
exceptions and returns a useful value. Let’s change the feeder
function to print the full Event Log message:
>>> def CheckRecord(record): ... if str(record.SourceName)=="WinSock Proxy Client": ... print win32evtlogutil.SafeFormatMessage(record) ...
And feed Event Log records to it:
>>> win32evtlogutil.FeedEventLogRecords(CheckRecord) Application [DCCMAN.EXE]. The application was started while the service manager was locked and NtLmSsp wasn't running. If the application will try to remote via WinSock Proxy it can cause a deadlock with the service manager. [and lots more boring stuff!]