本文整理汇总了Python中win32evtlog.EVENTLOG_SEQUENTIAL_READ属性的典型用法代码示例。如果您正苦于以下问题:Python win32evtlog.EVENTLOG_SEQUENTIAL_READ属性的具体用法?Python win32evtlog.EVENTLOG_SEQUENTIAL_READ怎么用?Python win32evtlog.EVENTLOG_SEQUENTIAL_READ使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类win32evtlog
的用法示例。
在下文中一共展示了win32evtlog.EVENTLOG_SEQUENTIAL_READ属性的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_basic
# 需要导入模块: import win32evtlog [as 别名]
# 或者: from win32evtlog import EVENTLOG_SEQUENTIAL_READ [as 别名]
def test_basic(self):
logtype = 'Application'
elh = win32evtlog.OpenEventLog(None, logtype)
num_recs = win32evtlog.GetNumberOfEventLogRecords(elh)
try:
h = logging.handlers.NTEventLogHandler('test_logging')
except pywintypes.error as e:
if e.winerror == 5: # access denied
raise unittest.SkipTest('Insufficient privileges to run test')
raise
r = logging.makeLogRecord({'msg': 'Test Log Message'})
h.handle(r)
h.close()
# Now see if the event is recorded
self.assertLess(num_recs, win32evtlog.GetNumberOfEventLogRecords(elh))
flags = win32evtlog.EVENTLOG_BACKWARDS_READ | \
win32evtlog.EVENTLOG_SEQUENTIAL_READ
found = False
GO_BACK = 100
events = win32evtlog.ReadEventLog(elh, flags, GO_BACK)
for e in events:
if e.SourceName != 'test_logging':
continue
msg = win32evtlogutil.SafeFormatMessage(e, logtype)
if msg != 'Test Log Message\r\n':
continue
found = True
break
msg = 'Record not found in event log, went back %d records' % GO_BACK
self.assertTrue(found, msg=msg)
# Set the locale to the platform-dependent default. I have no idea
# why the test does this, but in any case we save the current locale
# first and restore it at the end.
示例2: _list_evt_xp
# 需要导入模块: import win32evtlog [as 别名]
# 或者: from win32evtlog import EVENTLOG_SEQUENTIAL_READ [as 别名]
def _list_evt_xp(self, server, logtype):
"""Retrieves the contents of the event log for Windows XP"""
self.logger.info('Exporting logs for : ' + logtype)
hand = win32evtlog.OpenEventLog(server, logtype)
flags = win32evtlog.EVENTLOG_FORWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
total = win32evtlog.GetNumberOfEventLogRecords(hand)
sum_evt = 0
while True:
events = win32evtlog.ReadEventLog(hand, flags, 0)
sum_evt += len(events)
if events:
for event in events:
data = event.StringInserts
date = datetime.datetime(event.TimeGenerated.year, event.TimeGenerated.month,
event.TimeGenerated.day, event.TimeGenerated.hour,
event.TimeGenerated.minute, event.TimeGenerated.second).strftime(
'%d/%m/%Y %H:%M:%S')
# print date + ' : ' + log_type + ' -> ' + log_data
if data:
yield unicode(event.EventCategory), unicode(event.SourceName), unicode(event.EventID), unicode(
event.EventType), date, list(data)
else:
yield unicode(event.EventCategory), unicode(event.SourceName), unicode(event.EventID), unicode(
event.EventType), date, []
if sum_evt >= total:
break
示例3: __read_from_event_log
# 需要导入模块: import win32evtlog [as 别名]
# 或者: from win32evtlog import EVENTLOG_SEQUENTIAL_READ [as 别名]
def __read_from_event_log(self, source, event_types):
event_log = win32evtlog.OpenEventLog(self._server, source)
if not event_log:
self._logger.error("Unknown error opening event log for '%s'" % source)
return
# we read events in reverse from the end of the log to avoid problems when
# seeking directly to a record in a large log file
flags = (
win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
)
offset = -1
# use the checkpoint if it exists
if source in self._checkpoints:
offset = self._checkpoints[source]
# a list of events that we haven't yet seen
event_list = []
try:
events = True
while events:
events = win32evtlog.ReadEventLog(event_log, flags, offset)
for event in events:
# special case for when there was no offset, in which case
# the first event will be the latest event so use that for the
# new offset
if offset == -1:
self._checkpoints[source] = event.RecordNumber
events = False
break
# if we encounter our last seen record, then we are done
elif (
offset == event.RecordNumber
or len(event_list) >= self._maximum_records
):
events = False
break
else:
# add the event to our list of interested events
# if it is one we are interested in
if event.EventType in event_types:
event_list.append(event)
except Exception as error:
self._logger.error(
"Error reading from event log: %s",
six.text_type(error),
limit_once_per_x_secs=self._error_repeat_interval,
limit_key="EventLogError",
)
# now print out records in reverse order (which will put them in correct chronological order
# because we initially read them in reverse)
for event in reversed(event_list):
self.__log_event(source, event)
self._checkpoints[source] = event.RecordNumber