winevt
winevt copied to clipboard
bannsec
Windows Event Interactions in Python
I've found everything I've needed from windows events using winevt in python, except the eventid description. For example, the description for eventid 1502 is: "The Group Policy settings for the...
This is a very useful library for me, but I've noticed some issues in my use case where `EventLog.Query()` almost immediately returns with a ERROR_TIMEOUT message. Turns out that the...
Hello, I randomly get a "ERROR:winevt.EventLog.Bookmark:Invalid descriptor" error message after providing a bookmark object to the EventLog.Subscribe() method. This does not occur right away when calling the method but afterwards,...
Hi there - This code is not working on remote computers. I'm running it on my computer trying to access a remote server's Events Log, and I keep getting "Access...
Hi, great Lib im having a hard time understanding the syntax of the queries. Let's say i want to get the event id "2003" from the log file "Operational", under...
Hi, I noticed this check when specifying the callback function of an event subscription : https://github.com/bannsec/winevt/blob/0c6ecc430e4cb95f36ae99957593f9c6783bbd46/winevt/EventLog/Subscribe.py#L155 In both python 2 and 3, `type(lambda x: x)` is `` but in python2,...
Hello I copy/pasted your 3rd example about reading events. It works sometimes, but I hit this encoding issue, most likely some event encoded in ISO-8859... ``` Traceback (most recent call...
