コード例 #1
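def clean_event_logs():
    """Clear the Application, Security and System event logs on the local machine.

    Every log is cleared with no backup file, so the existing records are
    discarded. Windows records the clear itself (event ID 1102 in the
    Security log, event ID 104 in the System log); forwarding events to a
    remote collector keeps a copy of what is erased here.
    """
    lognames = ['Application', 'Security', 'System']
    machine = None  # None selects the local computer
    for logname in lognames:
        h = win32evtlog.OpenEventLog(machine, logname)
        try:
            # Second argument is the backup file name; None writes no backup.
            win32evtlog.ClearEventLog(h, None)
        finally:
            # Release the handle even when the clear raises (for example on
            # insufficient privileges), instead of leaking it.
            win32evtlog.CloseEventLog(h)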
コード例 #2
def BackupClearLog(logType):
    """Save one event log to a dated .evt file in the temp directory, then clear it.

    The backup is named ``<YYYYMMDD>[-<n>]-<logType>.evt``; the ``-<n>`` part
    (n = 1, 2, ...) is added until the name does not exist yet. A log with no
    records is neither backed up nor cleared. Outcomes are reported with
    print() and nothing is returned.

    The backup holds the full content of the log and is written under the
    path returned by win32api.GetTempPath(), so its access rights are those
    of that directory.
    """
    stamp = time.strftime("%Y%m%d", time.localtime(time.time()))
    attempt = 0
    while True:
        suffix = "-%d" % attempt if attempt else ""
        try:
            fname = os.path.join(
                win32api.GetTempPath(),
                "%s%s-%s" % (stamp, suffix, logType) + ".evt")
            os.stat(fname)
        except os.error:
            # stat failed, so no file of that name is in the way.
            break
        attempt += 1

    try:
        hlog = win32evtlog.OpenEventLog(None, logType)
    except win32evtlogutil.error as details:
        print("Could not open the event log", details)
        return

    try:
        record_count = win32evtlog.GetNumberOfEventLogRecords(hlog)
        if record_count != 0:
            # Passing a file name makes the clear write the backup first.
            win32evtlog.ClearEventLog(hlog, fname)
            print("Backed up %s log to %s" % (logType, fname))
        else:
            print("No records in event log %s - not backed up" % logType)
    finally:
        # The handle is released on every path, including the early exit.
        win32evtlog.CloseEventLog(hlog)
コード例 #3
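def clear_log(log_name, target_computer=None):
    '''
    Clear an event log.

    A log-cleared event is recorded after the log has been cleared.

    log_name
        str

    target_computer
        None or str
    '''

    handler = _get_event_handler(log_name, target_computer)
    try:
        # NOTE(review): the second argument of ClearEventLog is the backup
        # file name, so this call asks for the records to be saved to a file
        # called ``log_name`` (a relative path) before the log is emptied.
        # Confirm that is intended; an explicit, access-controlled backup
        # path would make the location of the audit copy predictable.
        win32evtlog.ClearEventLog(handler, log_name)
    finally:
        # Close the handle even when the clear raises, instead of leaking it.
        _close_event_handler(handler)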
コード例 #4
ファイル: WinUtils.py プロジェクト: wflk/Vanapagan
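def clearEvents():
	"""Clear the local Application event log without writing a backup.

	The existing records are discarded. Windows notes the clear as
	event ID 104 in the System log.
	"""
	elog = win32evtlog.OpenEventLog(None, "Application")
	try:
		# None as the backup file name means nothing is saved first.
		win32evtlog.ClearEventLog(elog, None)
	finally:
		# Release the handle even if the clear fails.
		win32evtlog.CloseEventLog(elog)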
コード例 #5
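 def clear_event_log(self):
     """Clear the local event log named by ``self.providerName``.

     No backup file is written, so the existing records are discarded.
     """
     hlog = win32evtlog.OpenEventLog(None, self.providerName)
     try:
         # None as the backup file name means nothing is saved first.
         win32evtlog.ClearEventLog(hlog, None)
     finally:
         # Release the handle even if the clear fails.
         win32evtlog.CloseEventLog(hlog)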
コード例 #6
ファイル: backupEventLog.py プロジェクト: BahBalia/Cloud
	while fileExists:
		if retry == 0:
			index = ""
		else:
			index = "-%d" % retry
		try:
			fname = os.path.join(win32api.GetTempPath(), "%s%s-%s" % (datePrefix, index, logType) + ".evt")
			os.stat(fname)
		except os.error:
			fileExists = 0
		retry = retry + 1
	# OK - have unique file name.
	try:
		hlog = win32evtlog.OpenEventLog(None, logType)
	except win32evtlogutil.error, details:
		print "Could not open the event log", details
		return
	try:
		if win32evtlog.GetNumberOfEventLogRecords(hlog)==0:
			print "No records in event log %s - not backed up" % logType
			return
		win32evtlog.ClearEventLog(hlog, fname)
		print "Backed up %s log to %s" % (logType, fname)
	finally:
		win32evtlog.CloseEventLog(hlog)
		
if __name__=='__main__':
	# Back up and clear the three standard logs, Security last.
	for log_type in ("Application", "System", "Security"):
		BackupClearLog(log_type)
コード例 #7
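 def clearEvt(self,log_type):
     """Clear the event log ``log_type`` on "localhost" without a backup.

     The existing records are discarded. The handle is closed afterwards;
     the version without CloseEventLog left it open on every call.
     """
     hand = win32evtlog.OpenEventLog("localhost", log_type)  # handle to the named log
     try:
         # None as the backup file name means nothing is saved first.
         win32evtlog.ClearEventLog(hand, None)
     finally:
         win32evtlog.CloseEventLog(hand)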
コード例 #8
        tzkey = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, tzpath, 0,
                               winreg.KEY_WRITE)  #Open for Writing
        winreg.SetValueEx(tzkey, "TimeZoneKeyName", 0, winreg.REG_SZ,
                          seltz)  #Change Value of Open Key
        winreg.CloseKey(tzkey)  #Close it
    except OSError:
        print("Error Modifying Registry")
    try:
        randomizeFileTime(
            file)  #send file to destroy MAC attributes under random time-zone
    except OSError:
        print("Error Reading " + file)
# NOTE(review): taken together these lines are anti-forensic in effect: the
# message below reports that file timestamps were rewritten, and the calls
# after it erase event logs with no backup. For responders, each clear still
# leaves a log-cleared record (event ID 104 in the System log, 1102 in the
# Security log), and events already forwarded off-host are not affected.
print("MAC Times Randomized for Above Files")

#win32evtlog.ReadEventLog(handle, readtype, 0)
# `handle` is opened outside this excerpt, so which log it refers to is not
# visible here. The backup-file argument is None: records are discarded.
win32evtlog.ClearEventLog(handle, None)
win32evtlog.CloseEventLog(handle)

# Names of further logs. In the visible lines only "Setup" (type3) is opened
# and cleared; the "Security" block is commented out and type4 is not used.
type2 = "Security"
type3 = "Setup"
type4 = "Application"

#handle2 = win32evtlog.OpenEventLog(pcname, type2)
#win32evtlog.ReadEventLog(handle2, readtype, 0)
#win32evtlog.ClearEventLog(handle2, None)
#print("Security Log Cleared")
# `pcname` and `readtype` are defined outside this excerpt.
handle3 = win32evtlog.OpenEventLog(pcname, type3)
# The result of this read is not kept.
win32evtlog.ReadEventLog(handle3, readtype, 0)
# Cleared with no backup file, then the handle is released.
win32evtlog.ClearEventLog(handle3, None)
win32evtlog.CloseEventLog(handle3)