diff --git a/pupy/modules/logs.py b/pupy/modules/logs.py
index d0dceb47..900bc8c5 100644
--- a/pupy/modules/logs.py
+++ b/pupy/modules/logs.py
@@ -28,6 +28,8 @@ class Logs(PupyModule):
 help='Show time')
 cls.arg_parser.add_argument('-w', '--width', action='store_true', default=False, help='Show full content')
+ cls.arg_parser.add_argument(
+ '-I', '--event-id', help='Filter by event id (if applicable')
 def run(self, args):
@@ -40,16 +42,17 @@ class Logs(PupyModule):
 date = datetime.fromtimestamp(item['date'])
 date_str = ''
 if date.date() == today:
- date_str = date.strftime('%H:%M:%S')
+ date_str = Color(date.strftime('%H:%M:%S'), 'cyan')
 elif date.date().year == today.year:
- date_str = date.strftime('%d/%m %H:%M:%S')
+ date_str = Color(date.strftime('%d/%m %H:%M:%S'), 'grey')
 else:
- date_str = date.strftime('%Y/%d/%m %H:%M:%S')
+ date_str = Color(
+ date.strftime('%Y/%d/%m %H:%M:%S'), 'lightgrey')
- items.append(Color(date_str, 'lightgrey'))
+ items.append(date_str)
 if 'EventID' in item:
- items.append(Color('EventID: ' + str(item['EventID']), 'green'))
+ items.append(Color(item['EventID'], 'green'))
 msg = item['msg']
@@ -66,7 +69,9 @@ class Logs(PupyModule):
 items.append(msg)
 return Line(*items)
- for category, events in get_last_events(args.number, args.include, args.exclude).iteritems():
+ for category, events in get_last_events(
+ args.number, args.include, args.exclude, args.event_id
+ ).iteritems():
 if not events:
 continue
diff --git a/pupy/packages/windows/all/readlogs.py b/pupy/packages/windows/all/readlogs.py
index 2b17a9f6..b97c3d6b 100644
--- a/pupy/packages/windows/all/readlogs.py
+++ b/pupy/packages/windows/all/readlogs.py
@@ -142,7 +142,9 @@ class EventLog(object):
 return events_count
- def get_events(self, logtype, server=''):
+ def get_events(self, logtype, server='', filter_event_id=None):
+ if filter_event_id is not None:
+ filter_event_id = int(filter_event_id)
 UTC_OFFSET_TIMEDELTA = (
 datetime.now() - datetime.utcnow()
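Review bot: The `-I/--event-id` option added in the `@@ -28,6 +28,8 @@` hunk accepts any string, so a non-numeric value is only rejected later by `int(filter_event_id)` in `get_events` (readlogs.py, `@@ -142,7 +142,9 @@`) rather than at argument parsing. Declaring the type on the parser, `'-I', '--event-id', type=int, help='Filter by event id (if applicable)')`, rejects bad input up front and also closes the unbalanced parenthesis in the help text. The method that builds the parser starts outside the hunk.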
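Review bot: `Color(item['EventID'], 'green')` in the `'EventID' in item` branch of the `@@ -40,16 +42,17 @@` hunk now receives the value as sent by the producer, which readlogs.py builds with `int(...)`, where the removed line passed a string. Whether `Color` accepts a non-string is not visible here, so `Color(str(item['EventID']), 'green')` keeps the previous contract. The rewritten `'%Y/%d/%m %H:%M:%S'` format still puts the day before the month, which is easy to misread when lining up events from different years; `'%Y/%m/%d %H:%M:%S'` is unambiguous. The enclosing function begins and ends outside the hunk.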
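Review bot: The call in the `@@ -66,7 +69,9 @@` hunk passes `args.event_id` as a fourth positional argument, but this diff updates only the `get_last_events` in `pupy/packages/windows/all/readlogs.py`. If the name can resolve to another platform's implementation (the help text's "if applicable" hints at that, though it is not visible here), that implementation must accept the extra parameter or the call fails with `TypeError`. Passing it by keyword, `eventid=args.event_id`, would make such a mismatch obvious in the error, and a comment naming the implementations that honour the filter would help.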
@@ -177,6 +179,11 @@ class EventLog(object):
 break
 for ev_obj in events:
+ event_id = int(winerror.HRESULT_CODE(ev_obj.EventID))
+
+ if filter_event_id is not None and event_id != filter_event_id:
+ continue
+
+ if not ev_obj.StringInserts:
 continue
@@ -259,10 +266,9 @@ class EventLog(object):
 continue
 yield {
- 'id': int(winerror.HRESULT_CODE(ev_obj.EventID)) + UTC_OFFSET_TIMEDELTA,
- 'EventID': int(winerror.HRESULT_CODE(ev_obj.EventID)),
+ 'EventID': event_id,
 'record': ev_obj.RecordNumber,
- 'date': int(ev_obj.TimeGenerated),
+ 'date': int(ev_obj.TimeGenerated) + UTC_OFFSET_TIMEDELTA,
 'computer': ev_obj.ComputerName,
 'category': ev_obj.EventCategory,
 'msg': message,
@@ -281,7 +287,7 @@ class EventLog(object):
 CloseEventLog(log)
- def get_last_events(self, count=10, includes=[], excludes=[]):
+ def get_last_events(self, count=10, includes=[], excludes=[], eventid=None):
 events = {}
 includes = [
@@ -295,7 +301,7 @@ class EventLog(object):
 for log in self.sources:
 amount = 0
- for event in self.get_events(log):
+ for event in self.get_events(log, filter_event_id=eventid):
 source = event.pop('source')
 if source not in events:
@@ -339,5 +345,5 @@ class EventLog(object):
 return events
-def get_last_events(count=10, includes=[], excludes=[]):
- return EventLog().get_last_events(count, includes, excludes)
+def get_last_events(count=10, includes=[], excludes=[], eventid=None):
+ return EventLog().get_last_events(count, includes, excludes, eventid)
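Review bot: The filter added in the `@@ -177,6 +179,11 @@` hunk is undocumented about what it matches: `winerror.HRESULT_CODE(ev_obj.EventID)` keeps only the low 16 bits of the record's EventID, so a caller who supplies the full 32-bit identifier gets an empty result with no error. A comment above the comparison, `# filter_event_id is matched against the low 16 bits of EventID (HRESULT_CODE)`, and the same wording in the `--event-id` help text would make that explicit. `get_events` starts and ends outside the hunk.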
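Review bot: The `'date'` value in the `@@ -259,10 +266,9 @@` hunk may end up shifted twice: it is now `int(ev_obj.TimeGenerated) + UTC_OFFSET_TIMEDELTA`, and logs.py then passes it to `datetime.fromtimestamp(item['date'])`, which applies the viewing machine's zone on top. The definition of `UTC_OFFSET_TIMEDELTA` is cut off in the earlier hunk, so its type is not visible; if it is a `timedelta` rather than a number of seconds the addition raises `TypeError`. Unless the shift corrects how `TimeGenerated` converts (worth a comment if so), returning the raw value plus the offset in its own key, `'date': int(ev_obj.TimeGenerated),` and `'utc_offset': UTC_OFFSET_TIMEDELTA,`, keeps the timestamp usable for timeline correlation. The hunk also drops the `'id'` key, so any consumer still reading it should be checked.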