How to have a feed of Windows log events under Windows?

拥有回忆 submitted on 2019-12-06 16:58:36

Question


The problem was the following: have a feed of the event log under Windows. I was asked on IRC to help solve it. I give as an answer the solution we reached.

I was inspired by this question: python listen the windows log event


Answer 1:


Solution

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import win32evtlog  # requires pywin32 pre-installed
import win32event

server = 'localhost'  # name of the target computer to get event logs from
logtype = 'System'  # or 'Application', 'Security'
filehandler = win32evtlog.OpenEventLog(server, logtype)
# manual-reset event, initially non-signaled, named "wait"
eventhandler = win32event.CreateEvent(None, 1, 0, "wait")
flags = win32evtlog.EVENTLOG_FORWARDS_READ | win32evtlog.EVENTLOG_SEEK_READ
# ask Windows to signal the event whenever a record is written to the log
win32evtlog.NotifyChangeEventLog(filehandler, eventhandler)

# record number of the next event to be written: record numbers do not
# restart at 1 once the log has wrapped or been cleared
cursorlog = (win32evtlog.GetOldestEventLogRecord(filehandler)
             + win32evtlog.GetNumberOfEventLogRecords(filehandler))
print("Go to : %s" % (cursorlog))
while True:  # runs until interrupted (Ctrl+C)

    # the timeout (in ms) can be set to win32event.INFINITE for no timeout
    result = win32event.WaitForSingleObject(eventhandler, 1)
    # WAIT_OBJECT_0 (0): the event was signaled, so new records are available
    if result == win32event.WAIT_OBJECT_0:

        readlog = win32evtlog.ReadEventLog(filehandler, flags, cursorlog)

        for event in readlog:
            print("%s : [%s] : %s" % (event.TimeGenerated.Format(), event.RecordNumber, event.SourceName))
        cursorlog += len(readlog)


Source: https://stackoverflow.com/questions/26149692/how-to-have-a-feed-of-windows-log-event-under-windows
