You used to be able to get the Event Viewer text under Windows 2003 using the following call in Pythonwin. After switching to Windows 2008 or Windows 7 the strings are all empty!
events=win32evtlog.ReadEventLog(hEvent,flags,0)
for ev_obj in events :
msg=str(win32evtlogutil.SafeFormatMessage(ev_obj, logType))Now the majority of "msg" comes out blank. Oddly enough any newer programs the msg come out fine.
Fix:
The string messages logged can also be found as tuples in (using above code example) ev_obj.StringInserts as UNICODE strings.
Therefore, for example, to grab the strings as one msg string, you could write a quick loop like this to get you the full string.
msg = ''
for si in ev_obj.StringInserts :
msg = msg + si + ' '
print msg
No comments:
Post a Comment