Query windows event log with python

robey.lawrence at gmail.com robey.lawrence at gmail.com
Sat Jan 12 07:09:21 CET 2013


I am looking to write a short program to query the windows event log.

It needs to ask the user for input for The event type (Critical, Error, and Information), and the user needs to be able to specify a date since when they want to view results.

I understand I will need the pywin32 extension, which i already have installed.

I found this piece of code to start from,

import win32evtlog # requires pywin32 pre-installed

server = 'localhost' # name of the target computer to get event logs
logtype = 'System' # 'Application' # 'Security'
hand = win32evtlog.OpenEventLog(server,logtype)
total = win32evtlog.GetNumberOfEventLogRecords(hand)

while True:
    events = win32evtlog.ReadEventLog(hand, flags,0)
    if events:
        for event in events:
            print 'Event Category:', event.EventCategory
            print 'Time Generated:', event.TimeGenerated
            print 'Source Name:', event.SourceName
            print 'Event ID:', event.EventID
            print 'Event Type:', event.EventType
            data = event.StringInserts
            if data:
                print 'Event Data:'
                for msg in data:
                    print msg

Thanks for any help.

More information about the Python-list mailing list