파이썬 코드로 윈도우 이벤트 읽기

win32evtlogutil을 사용하면 파이썬 코드로 윈도우 이벤트를 간편하게 읽을 수 있습니다.

 

사용 예제 코드(main.py)는 다음과 같습니다.

import win32evtlog

events = win32evtlog.ReadEventLog(
  win32evtlog.OpenEventLog('localhost', 'Application'),
  win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ,
  0
)
for event in events:
  print('EventCategory:', event.EventCategory)
  print('TimeGenerated:', event.TimeGenerated)
  print('SourceName:', event.SourceName)
  print('EventID:', event.EventID)
  print('EventType:', event.EventType)
  print()

 

코드를 다음과 같이 실행합니다.

> python main.py
EventCategory: 9876
TimeGenerated: 2022-05-09 11:33:53
SourceName: AppName
EventID: 1234
EventType: 2

EventCategory: 9876
TimeGenerated: 2022-05-09 11:33:52
SourceName: AppName
EventID: 1234
EventType: 2

EventCategory: 9876
TimeGenerated: 2022-05-09 11:33:52
SourceName: AppName
EventID: 1234
EventType: 2

EventCategory: 9876
TimeGenerated: 2022-05-09 11:33:52
SourceName: AppName
EventID: 1234
EventType: 2

EventCategory: 9876
TimeGenerated: 2022-05-09 11:33:52
SourceName: AppName
EventID: 1234
EventType: 2

EventCategory: 9876
TimeGenerated: 2022-05-09 11:33:52
SourceName: AppName
EventID: 1234
EventType: 2