Re: [python-win32] Python parser for Windows Event Logs

Message: 3 Date: Thu, 16 Jul 2009 16:08:51 -0700 From: Tim Roberts t...@probo.com To: python-win32@python.org Subject: Re: [python-win32] Python parser for Windows Event Logs Message-ID: 4a5fb303.7010...@probo.com Content-Type: text/plain; charset=ISO-8859-1 Tony Cappellini wrote: I've added

Re: [python-win32] Python parser for Windows Event Logs

Tony Cappellini wrote: while 1: events=win32evtlog.ReadEventLog(hand,flags,0) if not events: break for event in events: print event.EventID, event.StringInserts then it all works as expected. This is what I'm doing. I have added the while 1 last week, after

Re: [python-win32] Python parser for Windows Event Logs

Tony Cappellini wrote: Similar. I saved one of the application event logs, and although Tim, would you try parsing the SystemEventLog (from Windows XP)? This is the one I'm having problems with, not the application log. It shouldn't make one whit of difference. The format of

Re: [python-win32] Python parser for Windows Event Logs

Tony Cappellini wrote: I've added the While loop Mark suggested but still see the same issue. GetNumberOfEventLogRecords() still returns 6 events, However the object returned from ReadEvenLog() still only contains 3 objects The next call to ReadeventLog() returns None I tried to send this

Re: [python-win32] Python parser for Windows Event Logs

Ok- I've figured out the problem. After Mark suggested doing the call to ReadEventLog() inside of the while loop, I had accidentally left a call to ReadEventLog() outside of the loop. So the data coming back from that was just thrown away. The reason I didn't see that call is because all of

Re: [python-win32] Python parser for Windows Event Logs

I've added the While loop Mark suggested but still see the same issue. GetNumberOfEventLogRecords() still returns 6 events, However the object returned from ReadEvenLog() still only contains 3 objects The next call to ReadeventLog() returns None flags =

Re: [python-win32] Python parser for Windows Event Logs

Tony Cappellini wrote: I've added the While loop Mark suggested but still see the same issue. GetNumberOfEventLogRecords() still returns 6 events, However the object returned from ReadEvenLog() still only contains 3 objects The next call to ReadeventLog() returns None ... Would anyone be

Re: [python-win32] Python parser for Windows Event Logs

Tony Cappellini wrote: I've added the While loop Mark suggested but still see the same issue. GetNumberOfEventLogRecords() still returns 6 events, However the object returned from ReadEvenLog() still only contains 3 objects The next call to ReadeventLog() returns None OK, in my test,

Re: [python-win32] Python parser for Windows Event Logs

That didn't really change anything. GetNumberOfEventLogRecords() tells me there are 6 events, However the object returned from ReadEvenLog() still only contains 3 objects flags = win32evtlog.EVENTLOG_BACKWARDS_READ|win32evtlog.EVENTLOG_SEQUENTIAL_READ events = win32evtlog.ReadEventLog(hand,

Re: [python-win32] Python parser for Windows Event Logs

Check out the ReadEventLog code in win32evtlogutil.py - you will notice you need a loop like: while 1: objects = win32evtlog.ReadEventLog(h, readFlags, 0) if not objects: break Mark On 11/07/2009 1:38 PM, Tony Cappellini wrote: Ok, I'm able to

Re: [python-win32] Python parser for Windows Event Logs

I'll give that a try. I was using this for my reference http://timgolden.me.uk/pywin32-docs/Windows_NT_Eventlog.html On 7/11/09, Mark Hammond skippy.hamm...@gmail.com wrote: Check out the ReadEventLog code in win32evtlogutil.py - you will notice you need a loop like: while 1:

Re: [python-win32] Python parser for Windows Event Logs

Tony Cappellini wrote: Tim G's winsys wrapper will only read the live event logs. However, the native Win32 event log APIs can all read a saved .evt file just as well as a live log. You need to look into the win32evtlog module. win32evtlog.OpenBackupEventLog should let you access

Re: [python-win32] Python parser for Windows Event Logs

Ok, I'm able to parse Event51 logs now. However, there seems to be a problem with the object returned from ReadEventLogs() GetNumberOfEvents() tells me there are 6 events. I can see all sixe events using the EventViewer in Control Panle, on Widnwos XP. However, the iterator returned from

[python-win32] Python parser for Windows Event Logs

Does anyone know if there is a Python module which will parse Windows Event Logs? Using the EventViewer is tedious, and I'd rather be abel to do this programmatically. Thanks ___ python-win32 mailing list python-win32@python.org

Re: [python-win32] Python parser for Windows Event Logs

Check wmi module: http://timgolden.me.uk/python/wmi.html It has some functions to access windows logs.. Regards 2009/7/9 Tony Cappellini cappy2...@gmail.com Does anyone know if there is a Python module which will parse Windows Event Logs? Using the EventViewer is tedious, and I'd rather be

Re: [python-win32] Python parser for Windows Event Logs

Thanks, but those just monitor events. I need to pull some very specific data from an event log file, after I know the event has already occurred. Tim has another module called winsys, and there is an object which handles some aspects of reading event logs.

Re: [python-win32] Python parser for Windows Event Logs

Tony Cappellini wrote: Thanks, but those just monitor events. I need to pull some very specific data from an event log file, after I know the event has already occurred. Tim has another module called winsys, and there is an object which handles some aspects of reading event logs.