win32evtlog.EvtQuery

PyEVT_HANDLE = EvtQuery(Path, Flags , Query , Session )

Opens a query over a log channel or exported log file

Path : str

Log channel or exported log file, depending on Flags

Flags : int

Combination of EVT_QUERY_FLAGS (EvtQuery*)

Query=None : str

Selects events to return, None or '*' for all events

Session=None : PyEVT_HANDLE

Handle to a remote session (see win32evtlog::EvtOpenSession), or None for local machine.

Accepts keyword args