How retrieve from Python win32evtlog rest of info?

Submitted by 送分小仙女 on 2019-12-11 09:23:44

Question


Using win32evtlog I can get the following info:

import win32evtlog  # pywin32

# Open the classic log and read it newest-first, one batch of records per call.
# "Application" is a placeholder: use the name of the log you want to read.
loghandle = win32evtlog.OpenEventLog(None, "Application")
flags = win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ

events = win32evtlog.ReadEventLog(loghandle, flags, 0)
while events:
    for event in events:
        print('Event Category:', event.EventCategory)
        print('Time Generated:', event.TimeGenerated)
        print('Source Name:', event.SourceName)
        print('Event ID:', event.EventID)
        print('Event Type:', event.EventType)
        data = event.StringInserts  # the positional <Data> strings, or None
        if data:
            print('Event Data:')
            for msg in data:
                print(msg)
    events = win32evtlog.ReadEventLog(loghandle, flags, 0)  # empty sequence at end of log
win32evtlog.CloseEventLog(loghandle)

But if we look at event structure:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="PRNAME" />
    <EventID Qualifiers="0">18</EventID>
    <Level>0</Level>
    <Task>0</Task>
    <Keywords>0xa0000000000000</Keywords>
    <TimeCreated SystemTime="2012-04-03T05:30:02.000000000Z" />
    <EventRecordID>2387524</EventRecordID>
    <Channel>PRNAME</Channel>
    <Computer>A00001</Computer>
    <Security />
  </System>
  <EventData>
    <Data>tst</Data>
    <Binary>01020304</Binary>
  </EventData>
</Event>

We can find there additional info:

  • Channel name - that is different from Provider name
  • EventRecordId
  • Computer
  • Binary

and others. How do I get them? I especially need Binary and EventRecordId, but I guess there has to be a way to get all the data from the event log.


Answer 1:


If you don't mind using BeautifulSoup over the XML-formatted data, then here is an example

from bs4 import BeautifulSoup

# event_log_as_xml: the <Event> XML shown in the question (e.g. copied from the
# Event Viewer "XML View" tab). A trimmed copy is inlined here so this runs as-is.
event_log_as_xml = """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System><Channel>PRNAME</Channel><EventRecordID>2387524</EventRecordID>
<Computer>A00001</Computer></System>
<EventData><Data>tst</Data><Binary>01020304</Binary></EventData></Event>"""

# html.parser lower-cases tag names, which is why the find() calls use lower case;
# with the "xml" parser (lxml) the exact element case would be required.
soup = BeautifulSoup(event_log_as_xml, "html.parser")

print(soup.find("channel").text)
print(soup.find("eventrecordid").text)
print(soup.find("computer").text)
print(soup.find("binary").text)
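As an added example (not part of the original answer), the same extraction can be done with the standard library's xml.etree.ElementTree. Unlike the BeautifulSoup approach it is namespace-aware, keeps the real element case, and decodes the hex-encoded Binary element back into bytes, which is what you usually want when the binary payload is the thing being investigated. The XML below is the sample from the question, embedded inline; parse_event_xml and EVT_NS are names chosen here.

```python
import xml.etree.ElementTree as ET

# Every element of an exported Windows event lives in this namespace, so lookups
# must be qualified or they silently return None.
EVT_NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample: the <Event> from the question, verbatim.
SAMPLE_EVENT_XML = """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="PRNAME" />
    <EventID Qualifiers="0">18</EventID>
    <Level>0</Level>
    <Task>0</Task>
    <Keywords>0xa0000000000000</Keywords>
    <TimeCreated SystemTime="2012-04-03T05:30:02.000000000Z" />
    <EventRecordID>2387524</EventRecordID>
    <Channel>PRNAME</Channel>
    <Computer>A00001</Computer>
    <Security />
  </System>
  <EventData>
    <Data>tst</Data>
    <Binary>01020304</Binary>
  </EventData>
</Event>"""


def parse_event_xml(xml_text):
    """Return the <System> and <EventData> fields of one rendered event as a dict."""
    root = ET.fromstring(xml_text)
    system = root.find("e:System", EVT_NS)
    if system is None:
        raise ValueError("not a Windows event: <System> element missing")

    def sys_text(tag):
        node = system.find("e:%s" % tag, EVT_NS)
        return node.text if node is not None else None

    provider = system.find("e:Provider", EVT_NS)
    event_id = system.find("e:EventID", EVT_NS)
    time_created = system.find("e:TimeCreated", EVT_NS)
    security = system.find("e:Security", EVT_NS)
    record_id = sys_text("EventRecordID")

    info = {
        "provider": provider.get("Name") if provider is not None else None,
        "event_id": int(event_id.text) if event_id is not None else None,
        # Qualifiers is the high word of the classic 32-bit EventID; absent on
        # manifest-based events, so default to 0.
        "qualifiers": int(event_id.get("Qualifiers", "0")) if event_id is not None else None,
        "level": sys_text("Level"),
        "channel": sys_text("Channel"),
        "record_id": int(record_id) if record_id is not None else None,
        "computer": sys_text("Computer"),
        "time_created": time_created.get("SystemTime") if time_created is not None else None,
        # <Security UserID="S-1-5-..."/> carries the SID when the event has one;
        # in the sample it is empty, so this stays None.
        "user_sid": security.get("UserID") if security is not None else None,
        "data": [],
        "binary": None,
    }

    event_data = root.find("e:EventData", EVT_NS)
    if event_data is not None:
        for d in event_data.findall("e:Data", EVT_NS):
            # Manifest-based events use named <Data Name="..."> entries; classic
            # events (like this one) only have positional entries, Name is None.
            info["data"].append((d.get("Name"), d.text or ""))
        binary = event_data.find("e:Binary", EVT_NS)
        if binary is not None and binary.text:
            # <Binary> is hex-encoded; decode it back to the raw bytes the writer logged.
            info["binary"] = bytes.fromhex(binary.text.strip())
    return info


if __name__ == "__main__":
    for key, value in parse_event_xml(SAMPLE_EVENT_XML).items():
        print("%-13s %r" % (key, value))
```

The same function works on XML produced by `wevtutil qe <channel> /f:xml` or by EvtRender, since both emit this schema.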



Answer 2:


Have you tried this?

import win32evtlog  # pywin32
loghandle = win32evtlog.OpenEventLog(None, "Application")  # or the log you are reading
flags = win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
events = win32evtlog.ReadEventLog(loghandle, flags, 0)
if events:
    print(dir(events[0]))  # every attribute of a PyEventLogRecord

I myself get some of the fields you were looking for:

  • RecordNumber
  • ComputerName
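Putting the two answers together, here is an added example (not from either answer) that maps every field of the classic record to the element names in the question's XML. It assumes pywin32's win32evtlog and win32security modules; the Windows-only imports are done inside the functions so the field-mapping logic can be exercised anywhere with the make_fake_record test double. Two points a practitioner will want: the record's EventID is the full 32-bit DWORD, so the number Event Viewer shows is the low 16 bits and the Qualifiers are the high 16 bits; and there is no per-record Channel in the classic EVENTLOGRECORD, it is simply the log name you opened. For channels the classic API cannot open (the "Microsoft-Windows-*" logs) the last function uses the EvtQuery/EvtRender API to get the full XML directly.

```python
import binascii
from types import SimpleNamespace


def sid_to_string(sid):
    """Convert a PySID to 'S-1-5-...' form; None when the record has no SID."""
    if sid is None:
        return None
    import win32security  # pywin32, Windows only
    return win32security.ConvertSidToStringSid(sid)


def record_to_dict(rec, channel):
    """Flatten one PyEventLogRecord into the fields shown in the event's XML view."""
    event_id = rec.EventID & 0xFFFFFFFF
    return {
        "channel": channel,                          # <Channel>: the log you opened
        "record_number": rec.RecordNumber,           # <EventRecordID>
        "computer": rec.ComputerName,                # <Computer>
        "provider": rec.SourceName,                  # <Provider Name="...">
        "event_id": event_id & 0xFFFF,               # <EventID>: what Event Viewer shows
        "qualifiers": (event_id >> 16) & 0xFFFF,     # <EventID Qualifiers="...">
        "event_type": rec.EventType,                 # EVENTLOG_ERROR_TYPE etc., maps to <Level>
        "category": rec.EventCategory,               # <Task>
        "time_generated": str(rec.TimeGenerated),    # <TimeCreated SystemTime=...>
        "user_sid": sid_to_string(rec.Sid),          # <Security UserID="...">
        "inserts": list(rec.StringInserts or ()),    # the positional <Data> entries
        "binary": binascii.hexlify(rec.Data).decode("ascii") if rec.Data else "",  # <Binary>
    }


def read_classic_log(channel, server=None, limit=None):
    """Yield record dicts, newest first, from a classic log (Application, System, ...)."""
    import win32evtlog  # pywin32, Windows only
    flags = win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
    handle = win32evtlog.OpenEventLog(server, channel)
    seen = 0
    try:
        while True:
            records = win32evtlog.ReadEventLog(handle, flags, 0)
            if not records:          # empty sequence means end of log
                return
            for rec in records:
                yield record_to_dict(rec, channel)
                seen += 1
                if limit is not None and seen >= limit:
                    return
    finally:
        win32evtlog.CloseEventLog(handle)


def render_events_xml(channel, query="*", limit=10):
    """Return up to `limit` events as <Event> XML strings via the Vista+ API.

    This is the route for non-classic channels (e.g. Microsoft-Windows-Sysmon/Operational)
    and is what produces the XML shown in the question. `query` is an XPath filter,
    e.g. "*[System[EventID=4624]]".
    """
    import win32evtlog  # pywin32, Windows only
    flags = win32evtlog.EvtQueryChannelPath | win32evtlog.EvtQueryReverseDirection
    result_set = win32evtlog.EvtQuery(channel, flags, query)
    rendered = []
    while len(rendered) < limit:
        # Assumed: EvtNext returns an empty sequence once the result set is exhausted.
        handles = win32evtlog.EvtNext(result_set, limit - len(rendered))
        if not handles:
            break
        for h in handles:
            rendered.append(win32evtlog.EvtRender(h, win32evtlog.EvtRenderEventXml))
    return rendered


def make_fake_record(**fields):
    """Test double with the same attributes as a PyEventLogRecord (for offline runs)."""
    defaults = dict(RecordNumber=0, ComputerName="", SourceName="", EventID=0,
                    EventType=0, EventCategory=0, TimeGenerated="", Sid=None,
                    StringInserts=None, Data=b"")
    defaults.update(fields)
    return SimpleNamespace(**defaults)


if __name__ == "__main__":
    for ev in read_classic_log("Application", limit=5):
        print(ev)
```

Note that the classic API reads the log through the Event Log service, so a caller needs read access to that log (the Security log requires administrative rights or membership of Event Log Readers); the Vista+ API has the same requirement plus whatever channel ACL applies.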


Source: https://stackoverflow.com/questions/22862430/how-retrieve-from-python-win32evtlog-rest-of-info
