on-off time from win event log
import win32evtlog
import win32evtlogutil
import win32con
import winerror
import time
import sys
import traceback
from os.path import exists
from pandas import read_csv
from matplotlib import pyplot as plt
from pandas.plotting import register_matplotlib_converters
# Let matplotlib handle pandas datetime values on plot axes.
register_matplotlib_converters()

# Adapted from the pywin32 demo shipped at:
# miniconda3\Lib\site-packages\win32\Demos\eventLogDemo.py

# Read flags handed to ReadEventLog: forward, sequential reads.
flags = (win32evtlog.EVENTLOG_FORWARDS_READ
         | win32evtlog.EVENTLOG_SEQUENTIAL_READ)

# Numeric event type -> readable constant name of the same spelling.
evt_dict = {
    getattr(win32con, type_name): type_name
    for type_name in (
        'EVENTLOG_AUDIT_FAILURE',
        'EVENTLOG_AUDIT_SUCCESS',
        'EVENTLOG_INFORMATION_TYPE',
        'EVENTLOG_WARNING_TYPE',
        'EVENTLOG_ERROR_TYPE',
        'EVENTLOG_SUCCESS',
    )
}

# Machine whose log is opened; passed to OpenEventLog as the server name.
computer = 'xps13-knhcng3'
# Name of the event log to read.
logtype = 'System'
# Column order of the exported file and of the DataFrame read back from it.
columns = [
    'time', 'computer', 'src', 'cat',
    'record', 'event_id', 'event_type', 'msg',
]
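# Export the event log to a '|'-separated text file once. Later runs reuse
# the existing file instead of querying the log again.
# NOTE: the exists() test only checks that the file is there, so an export
# that failed part-way leaves a truncated event_log.csv which later runs
# analyse as if it were complete; delete the file to force a fresh export.
if not exists('event_log.csv'):
    # open event log
    h = win32evtlog.OpenEventLog(computer, logtype)
    print(logtype, ' events found since:')
    sep_char = '|'
    ymd = ['year', 'month', 'day']
    hms = ['hour', 'minute', 'second']
    try:
        # The context manager closes the file on every exit path.
        with open('event_log.csv', 'w', encoding='utf-8') as f:
            # 'sep=' first line is a delimiter hint for spreadsheet tools.
            f.write('sep=' + sep_char + '\n')
            f.write(sep_char.join(columns) + '\n')
            try:
                events = 1
                while events:
                    # An empty batch ends the loop.
                    events = win32evtlog.ReadEventLog(h, flags, 0)
                    for ev_obj in events:
                        the_time = ev_obj.TimeGenerated
                        ymd_str = '-'.join(
                            [str(getattr(the_time, param)) for param in ymd])
                        hms_str = ':'.join(
                            [str(getattr(the_time, param)) for param in hms])
                        datetime_str = ymd_str + ' ' + hms_str
                        # Separate name so the configured `computer` (the
                        # host that was opened) is not overwritten.
                        ev_computer = str(ev_obj.ComputerName)
                        cat = str(ev_obj.EventCategory)
                        src = str(ev_obj.SourceName)
                        record = str(ev_obj.RecordNumber)
                        evt_id = str(winerror.HRESULT_CODE(ev_obj.EventID))
                        # Fall back to the raw number so an unmapped event
                        # type does not abort the whole export.
                        evt_type = str(evt_dict.get(
                            ev_obj.EventType, ev_obj.EventType))
                        # Keep the message on one physical line and free of
                        # the column separator.
                        msg_lines = win32evtlogutil.SafeFormatMessage(
                            ev_obj, logtype
                        ).replace(sep_char, 'sep_char').splitlines()
                        if len(msg_lines) > 1:
                            msg = str(msg_lines)
                        elif msg_lines:
                            msg = str(msg_lines[0])
                        else:
                            msg = ''
                        # NOTE(review): only `msg` has the separator
                        # replaced; the other fields are written as-is.
                        # Event text can originate from other software or
                        # users, and no field is neutralised against being
                        # read as a formula (leading '=', '+', '-', '@')
                        # if this file is opened in a spreadsheet.
                        str_line = sep_char.join([
                            datetime_str, ev_computer,
                            src, cat,
                            record, evt_id,
                            evt_type, msg]) + '\n'
                        print(str_line.encode())
                        f.write(str_line)
            except Exception:
                # Best effort: report the failure and continue with what
                # was written. print_exc() takes no exc_info argument and
                # returns None, so it is called bare and not printed.
                traceback.print_exc()
    finally:
        # Release the log handle on success and on failure alike.
        win32evtlog.CloseEventLog(h)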
# Load the exported log. The first two rows (the 'sep=' hint and the header)
# are skipped because the column names are supplied explicitly.
df = read_csv('event_log.csv', sep='|', names=columns,
              skiprows=[0, 1], parse_dates=[0])

# Event ids used below:
#   6006 shutdown, 6005 startup, 6008 unplanned shutdown
#   source Kernel-Power:   42 standby, 131 wake
#   source Kernel-General: 1 wake
from_kernel_power = df['src'].str.contains('Kernel-Power')
from_kernel_general = df['src'].str.contains('Kernel-General')

df_shutdown = df[df['event_id'] == 6006]
df_startup = df[df['event_id'] == 6005]
df_unplanned_shutdown = df[df['event_id'] == 6008]
df_sleep = df[from_kernel_power & (df['event_id'] == 42)]
df_wake = df[from_kernel_power & (df['event_id'] == 131)]

# Rows that mark a power-state transition.
events_of_interest = (
    df['event_id'].isin([6006, 6005, 6008])
    | (from_kernel_power & (df['event_id'] == 42))
    | (from_kernel_general & (df['event_id'] == 1))
)
df_events = df[events_of_interest]

# True for the events that switch the machine on (startup 6005, id 1).
df_on_off = (
    (df_events['event_id'] == 6005) | (df_events['event_id'] == 1)
).rename('on_off')
df_events = df_events.join(df_on_off, how='left')

# Seconds from each event to the next one in the filtered table.
df_delta_t = (
    df_events['time'].shift(-1) - df_events['time']
).apply(lambda gap: gap.total_seconds()).rename('delta_t')
df_events = df_events.join(df_delta_t, how='left')

# The last row has no successor, so its delta_t is NaN; drop it.
df_events = df_events.dropna(subset=['delta_t'])
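# Histogram of interval lengths in hours, split by the state the interval
# started in. delta_t runs from an event to the next one, so rows flagged
# on_off hold time spent on and the remaining rows hold time spent off.
on_mask = df_events['on_off']
# Fix: the 'on' series used to plot every interval, including the off ones,
# which disagreed with its label and with the later on/off plots.
plt.hist(df_events['delta_t'][on_mask] / 3600.0, 30,
         label='on')
plt.hist(df_events['delta_t'][~on_mask] / 3600.0, 30,
         label='off')
plt.xlabel('delta_t / h')
plt.ylabel('freq')
# Only intervals up to 15 h are shown.
plt.xlim([0, 15])
plt.legend()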
# Running total of hours spent on and off, plotted against event time.
fig, ax = plt.subplots()
is_off = df_events['on_off'].apply(lambda flag: not flag)
series_specs = (
    (df_events[df_events['on_off']], '>', 'on'),
    (df_events[is_off], 'o', 'off'),
)
for rows, marker, series_label in series_specs:
    # Cumulative delta_t in seconds, converted to hours.
    ax.plot(rows['time'], rows['delta_t'].cumsum() / 3600, marker,
            label=series_label, fillstyle='none')
ax.legend()
ax.set_xlabel('t')
ax.set_ylabel(r'$\Sigma{\Delta t}$ / h')
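# Distribution of on/off events over the hour of day (top) and the weekday
# (bottom).
# Fix: both axes are created in one call. Previously a full-figure axes was
# created first and then a 2x1 grid was placed on the same figure.
fig2, (ax2, ax3) = plt.subplots(2, 1)
on_times = df_events['time'][df_events['on_off']]
off_times = df_events['time'][~df_events['on_off']]

# Fix: explicit integer bin edges give one bin per hour / weekday and the
# same edges for both series; a bare bin count spreads the bins over each
# series' own min..max range.
hour_edges = list(range(25))
ax2.hist(on_times.dt.hour, hour_edges, label='on')
ax2.hist(off_times.dt.hour, hour_edges, label='off')
ax2.set_xlabel('hour')
ax2.set_ylabel('freq')
ax2.legend()

weekday_edges = list(range(8))
ax3.hist(on_times.dt.weekday, weekday_edges, label='on')
ax3.hist(off_times.dt.weekday, weekday_edges, label='off')
ax3.set_xlabel('weekday')
ax3.set_ylabel('freq')
ax3.legend()
fig2.tight_layout()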
# Print the transition table behind the plots, then display every figure.
print(df_events.loc[:, ['time', 'event_id', 'on_off', 'delta_t']])
plt.show()