Python WMI 名字问题
我无法使用 WMI 查询日志“Security”。其他日志工作正常。这是我使用的:
import wmi
c = wmi.GetObject(r"winmgmts:{impersonationLevel=delegate,(Security)}!\\.\root\cimv2")
for i in c.ExecQuery("SELECT * FROM Win32_NTLogEvent WHERE Logfile = 'Security'"):
print i
它返回空结果,并在安全日志中创建记录“审核失败”。正如我所提到的,我可以查询所有其他日志,但不能查询特定的日志。 所以我猜问题出在
c = wmi.GetObject(这里有一个问题)
I can not query log "Security" using WMI. Other logs works fine. Here is what i use:
import wmi
c = wmi.GetObject(r"winmgmts:{impersonationLevel=delegate,(Security)}!\\.\root\cimv2")
for i in c.ExecQuery("SELECT * FROM Win32_NTLogEvent WHERE Logfile = 'Security'"):
print i
It return me empty result, and in security log create reacord "audit failed". As i mentioned, i can query all other logs, but not this one specific.
so i guess problem is in
c = wmi.GetObject(here is a problem)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您是否考虑过采用
win32evtlog方式?这是我过去使用过的一部分,它似乎工作得很好...这并不是一个真正完整的实现,但希望它能让您回到正轨!
Have you considered going the
win32evtlogway? This is part of what I have used in the past and it seems to work well...This isn't really a complete implementation, but hopefully it gets you back on track!