event_logs
– Event Logs¶
Each Windows machine comes equipped with an expandable set of event logs for tracking system- or application-level event information. This module offers a Pythonic interface to event logs, including iterating over them, checking their length and accessing them by means of easy monikers, regardless of what machine they’re on.
Each Windows system comes with predefined Event Logs called (in the English-language versions): Application, System, Security. Certain Microsoft applications create extra ones, but most applications create an event source against the Applications log.
In principal, event sources are key to the way in which event logs work. An event source represents a DLL and a resource file containing messages, possibly in multiple languages, possibly containing placeholders for the calling application to fill in with the name of a file or a user or whatever. It’s linked to one of the event logs (Application, System, etc). When you log an event, you do it via an event source handle.
In reality, it’s perfectly possible to log an event against an event source
which doesn’t exist. You’ll get a bit of boilerplate text in the event
message saying that something couldn’t be found, but the event will log.
This module allows creation of simple event sources, via the EventSource.create()
method and at present forces an event source to exist before a record can
be logged against it.
Functions¶
Of these functions, the two you’re most likely to need are: event_log()
,
which returns an EventLog
corresponding to the named log,
which you can then iterate over; and log_event()
, which logs an event
against a named source.
Classes¶
Exceptions¶
Constants¶
References¶
See also
- Event Logs
- Documentation on microsoft.com for event logs
- Using the event_logs module
- Cookbook examples of using the eventlogs module
To Do¶
- New Vista / 2008 Event Logs mechanism
- Some way of incorporating DLLs of messages
- Using EVENTLOG_SEEK_READ for better random access