def test():
    """Run the event-log demo: write three sample records, then read the log back.

    Switches are taken from ``sys.argv``:

    * ``-t <name>``  log type used for both phases (default ``"Application"``)
    * ``-c <name>``  computer handed to ``ReadLog``
    * ``-r``         skip the read phase
    * ``-w``         skip the write phase
    * ``-v``         verbose read (any number of ``-v`` switches it on)
    * ``-h``, ``-?`` print usage and return

    Returns 1 when positional arguments are given, otherwise ``None``.
    """
    # The sample is for Windows NT only; a set high bit in GetVersion()
    # is treated as "not NT" and ends the run with a notice.
    if win32api.GetVersion() & 0x80000000:
        print("This sample only runs on NT")
        return

    import sys, getopt

    opts, args = getopt.getopt(sys.argv[1:], "rwh?c:t:v")
    if args:
        # Only switches are accepted; anything positional is rejected.
        print("Invalid args")
        usage()
        return 1

    target_computer = None
    want_read = want_write = True
    log_name = "Application"
    verbosity = 0

    for flag, value in opts:
        if flag == '-t':
            log_name = value
        elif flag == '-c':
            target_computer = value
        elif flag in ('-h', '-?'):
            usage()
            return
        elif flag == '-r':
            want_read = False
        elif flag == '-w':
            want_write = False
        elif flag == '-v':
            verbosity += 1

    if want_write:
        # Take the user SID from this process's own token; it is passed as
        # ``sid`` below, so every record written here carries the identity
        # of the account that ran the demo.
        process = win32api.GetCurrentProcess()
        token = win32security.OpenProcessToken(process, win32con.TOKEN_READ)
        my_sid = win32security.GetTokenInformation(
            token, win32security.TokenUser)[0]

        # Same raw payload (with an embedded NUL byte) for all three records.
        raw_payload = "Raw\0Data".encode("ascii")

        # Event 2 with no explicit eventType.
        win32evtlogutil.ReportEvent(
            log_name, 2,
            strings=["The message text for event 2", "Another insert"],
            data=raw_payload,
            sid=my_sid)
        # Event 1 as a warning.
        win32evtlogutil.ReportEvent(
            log_name, 1,
            eventType=win32evtlog.EVENTLOG_WARNING_TYPE,
            strings=["A warning", "An even more dire warning"],
            data=raw_payload,
            sid=my_sid)
        # Event 1 as an informational record.
        win32evtlogutil.ReportEvent(
            log_name, 1,
            eventType=win32evtlog.EVENTLOG_INFORMATION_TYPE,
            strings=["An info", "Too much info"],
            data=raw_payload,
            sid=my_sid)
        print("Successfully wrote 3 records to the log")

    if want_read:
        ReadLog(target_computer, log_name, verbosity > 0)
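def DialPhoneBookEntry( phonebook_entry ):
    """Ensure the RAS phonebook entry is connected, dialing it via rasphone if not.

    If the entry already appears in ``win32ras.EnumConnections()`` the
    function only reports that.  Otherwise it launches ``rasphone -d`` for
    the entry and polls once a second, printing each change of state, until
    the connection reports ``RASCS_Connected``.  On Windows versions below 5
    it also returns when the "Connecting to ..." dialog can no longer be
    found (the user cancelled).

    phonebook_entry -- name of the phonebook entry, compared with ``conn[1]``
    of every enumerated connection.

    Returns None.  (Python 2 syntax, as in the original.)
    """
    isconnected = 0
    for conn in win32ras.EnumConnections():
        if conn[1] == phonebook_entry:
            isconnected = 1

    if isconnected:
        print 'Connected to', phonebook_entry
        return

    print 'Dialing %s . . .' % phonebook_entry
    # NOTE(review): the entry name is interpolated into a command line.  A
    # name containing a double quote would close the quoted argument early,
    # so callers that take the name from outside the program should validate
    # it before calling this function.
    win32api.WinExec( 'rasphone -d \"%s\"' % phonebook_entry )
    # TODO: handle Cancel within rasphone

    # State code seen on the previous poll.  The original stored it in the
    # same variable as the status tuple, so the "has it changed?" comparison
    # was always true and the progress message was printed on every poll.
    last_state = RASCS_Disconnected
    while not isconnected:
        win32api.Sleep( 1000 )
        for conn in win32ras.EnumConnections():
            if conn[1] != phonebook_entry:
                continue
            status = win32ras.GetConnectStatus( conn[0] )
            state = status[0]
            # intermediate states 5 = RASCS_Authenticate, 14=RASCS_Authenticated
            if state == RASCS_Authenticate:
                if state != last_state:
                    print 'Authenticating...'
            elif state == RASCS_Authenticated:
                if state != last_state:
                    print 'Authenticated.'
            elif state == RASCS_Connected:
                print 'Connected.'
                isconnected = 1
                break
            else:
                print 'status:', status
            last_state = state
        else:
            # NOTE(review): the flattened source does not show which
            # statement this ``else`` belongs to.  It is attached to the
            # ``for`` here because the cancel check also has to run while no
            # connection is listed yet -- confirm against the original file.
            # *** this only works in NT4
            # *** need to figure out equiv for W2K
            winver = win32api.LOWORD( win32api.GetVersion() )
            if winver < 5:
                try:
                    # Only the failure matters; the window handle is unused.
                    FindWindow( '#32770', 'Connecting to %s...' % phonebook_entry )
                except win32api.error, err:
                    if err[0] == winerror.ERROR_PROC_NOT_FOUND:
                        print 'Connection cancelled.'
                        time.sleep( 1 )
                        return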
def test():
    """Run the event-log demo: write three sample records, then read the log back.

    Switches are taken from ``sys.argv``:

      -t <name>   log type used for both phases (default "Application")
      -c <name>   computer handed to ReadLog
      -r          skip the read phase
      -w          skip the write phase
      -v          verbose read (any number of -v switches it on)
      -h, -?      print usage and return

    Returns 1 when positional arguments are given, otherwise None.
    (Python 2 syntax, as in the original.)
    """
    # The sample is for Windows NT only; a set high bit in GetVersion()
    # is treated as "not NT" and ends the run with a notice.
    if win32api.GetVersion() & 0x80000000:
        print "This sample only runs on NT"
        return

    import sys, getopt

    opts, args = getopt.getopt(sys.argv[1:], "rwh?c:t:v")
    if args:
        # Only switches are accepted; anything positional is rejected.
        print "Invalid args"
        # NOTE(review): spelled usage() here but Usage() in the -h branch
        # below; unless both names are defined elsewhere in the file, one of
        # the two calls raises NameError -- confirm which helper exists.
        usage()
        return 1

    target_computer = None
    want_read = want_write = True
    log_name = "Application"
    verbosity = 0

    for flag, value in opts:
        if flag == '-t':
            log_name = value
        elif flag == '-c':
            target_computer = value
        elif flag in ('-h', '-?'):
            Usage()
            return
        elif flag == '-r':
            want_read = False
        elif flag == '-w':
            want_write = False
        elif flag == '-v':
            verbosity += 1

    if want_write:
        # Same raw payload (with an embedded NUL) for all three records.
        raw_payload = "Raw\0Data"

        # Event 2 with no explicit eventType.
        ReportEvent(log_name, 2,
                    strings=["The message text for event 2"],
                    data=raw_payload)
        # Event 1 as a warning.
        ReportEvent(log_name, 1,
                    eventType=win32evtlog.EVENTLOG_WARNING_TYPE,
                    strings=["A warning"],
                    data=raw_payload)
        # Event 1 as an informational record.
        ReportEvent(log_name, 1,
                    eventType=win32evtlog.EVENTLOG_INFORMATION_TYPE,
                    strings=["An info"],
                    data=raw_payload)
        print "Successfully wrote 3 records to the log"

    if want_read:
        ReadLog(target_computer, log_name, verbosity > 0)
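# Demo script: print the result of a series of read-only system queries, then
# exercise a few calls with visible side effects (beep, message box, launching
# Notepad).  ``api`` and ``con`` are bound outside this excerpt (presumably
# win32api and win32con -- confirm against the imports).

# --- paths, drives and module location ---
print(api.GetFullPathName('.'))
print(api.GetLocalTime())
# The drive list comes back NUL-separated; show it with spaces instead.
print(api.GetLogicalDriveStrings().replace('\x00', ' '))
print(api.GetLogicalDrives())
print(api.GetLongPathName('C:'))
print(api.GetModuleFileName(0))

# --- system information ---
print(api.GetNativeSystemInfo())
print(hex(api.GetSysColor(con.COLOR_WINDOW)))
print(api.GetSystemDirectory())
print(api.GetSystemInfo())
print(api.GetSystemMetrics(con.SM_CXSCREEN))
print(api.GetSystemTime())
print(api.GetTickCount())
# print(api.GetTimeZoneInformation())
print(api.GetUserDefaultLangID())
print(api.GetUserName())
print(api.GetVersion())
print(api.GetVolumeInformation('C:'))
print(api.GetWindowsDirectory())
print(api.GlobalMemoryStatus())

# --- calls with user-visible effects ---
print(api.MessageBeep())
print(api.MessageBox(0, 'hello', 'world', con.MB_OK))

# --- registry: list the subkeys directly under HKEY_LOCAL_MACHINE ---
# The first element of the RegQueryInfoKey result is used as the subkey count.
size = api.RegQueryInfoKey(con.HKEY_LOCAL_MACHINE)
print(size)
for i in range(size[0]):
    print(api.RegEnumKey(con.HKEY_LOCAL_MACHINE, i))

# A failed file search is reported as 'error' instead of stopping the script.
# ``except Exception`` (rather than a bare ``except``) keeps that behaviour
# without also swallowing KeyboardInterrupt and SystemExit.
try:
    print(api.SearchPath('.', 'win32con.txt'))
except Exception:
    print('error')

# NOTE(review): 'Notepad' is given without a path, so which executable starts
# depends on the system's executable search order; outside a demo, pass the
# full path of the program to launch.
print(api.WinExec('Notepad'))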
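def __init__(self, log, appConfig, windowshostname, windowshostaddress, wQueue):
    """Set up the per-host event monitor and record the current size of each watched log.

    :param log: application logger (``warning`` is used here)
    :param appConfig: configuration object queried with ``get(section, option)``
    :param windowshostname: name of the Windows host handled by this thread
    :param windowshostaddress: address passed to ``OpenEventLog`` for that host
    :param wQueue: queue shared between threads
    """

    def getNumOfEvents(self, eventType):
        """Return the number of records currently in the ``eventType`` log.

        :param self: the monitor instance (``self.waddress`` selects the host)
        :param eventType: log name, e.g. ``'System'``
        :return: record count reported by ``GetNumberOfEventLogRecords``
        """
        log_handle = win32evtlog.OpenEventLog(self.waddress, eventType)
        try:
            return win32evtlog.GetNumberOfEventLogRecords(log_handle)
        finally:
            # Close the handle even when the count query raises; the original
            # leaked it on that path.
            win32evtlog.CloseEventLog(log_handle)

    self.conTries = 0  # Remote host connection tries
    self.maxBurst = int(appConfig.get(
        'MONITORWINDOWS', 'MAXBURSTEVENTS'))  # Max sending burst
    self.maxConTries = int(appConfig.get(
        'MONITORWINDOWS', 'MAXCONTRIES'))  # Max conn tries until host is considered dead
    self.log = log  # App logging
    self.appConfig = appConfig  # App config
    self.wname = windowshostname  # Windows host name for this thread
    self.waddress = windowshostaddress  # Windows host address for this thread
    self.queue = wQueue  # Thread shared queue
    self.fs = float(appConfig.get('MONITORWINDOWS', 'WFS'))  # Events sampling time
    self.active = True  # Thread state

    # Which logs to watch.  The original compared against ('True' or 'true'),
    # which evaluates to just 'True', so a lowercase 'true' in the
    # configuration silently disabled the log.  Both spellings are accepted.
    enabled_values = ('True', 'true')
    self.listenSystem = appConfig.get(
        'WINDOWSEVENTS', 'SYSTEM') in enabled_values  # Listen Windows System Events
    self.listenApplication = appConfig.get(
        'WINDOWSEVENTS', 'APPLICATION') in enabled_values  # Listen Windows App Events
    self.listenSecurity = appConfig.get(
        'WINDOWSEVENTS', 'SECURITY') in enabled_values  # Listen Windows Security Events

    self.SystemN = 0
    self.ApplicationN = 0
    self.SecurityN = 0

    # Record how many events each enabled log holds right now.  A log that
    # cannot be opened only produces a warning: its counter stays 0 and set-up
    # carries on, so the warning is the only trace that the log is unreadable.
    # The exception text is appended because the fixed "Privileges?" hint
    # alone does not say why the open failed.
    for enabled, log_name, counter in (
            (self.listenSystem, 'System', 'SystemN'),
            (self.listenApplication, 'Application', 'ApplicationN'),
            (self.listenSecurity, 'Security', 'SecurityN')):
        if not enabled:
            continue
        try:
            setattr(self, counter, getNumOfEvents(self, log_name))
        except Exception as e:
            self.log.warning(
                'Error: Couldnt access to ' + log_name + ' events in ' +
                self.wname + '. Privileges? (' + str(e) + ')')

    # A set high bit in GetVersion() is treated as "not the NT family".
    # This path returns before Thread.__init__ is called.
    if win32api.GetVersion() & 0x80000000:
        print("App only runs on WindowsNT family.")
        self.active = False
        return

    Thread.__init__(self)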