how to read event log under “Applications and Services Logs” in python?

Question

I want to read some event logs that are under "Applications and Services Logs" using win32evtlog.

I can read event logs that are part of "System", "Application", "security" and other standard logs. but when I try to read some logs for example from "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational", I will get logs of "Application".

I tried to use something like the here but I can't seem to be able to do in python.

import win32evtlog

server = 'localhost'
logtype = "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"
handle = win32evtlog.OpenEventLog(server, logtype)
flags = win32evtlog.EVENTLOG_FORWAEDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
while True:
    events = win32evtlog.ReadEventLog(hand, flags,0)
    if events:
        for event in events:
           print ('Source Name:', event.SourceName)
           print ('Event ID:', event.EventID)
           print ('Time Generated:', event.TimeGenerated)

I prefer to use pywin32 but it is not a must.

score 0 · Answer 1 · answered Jun 01 '21 at 14:09

0

There is a typo in line

flags = win32evtlog.EVENTLOG_FORWAEDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ

You wrote EVENTLOG_FORWAEDS_READ instead of EVENTLOG_FORWARDS_READ

answered Jun 01 '21 at 14:09

kemalbastak

28
1
3

how to read event log under “Applications and Services Logs” in python?

1 Answers1