python 求组如何倒着读取window的系统日志,evtx文件?
python读取window的日志文件(.evtx)的时候,如果是正常读会读到很久之前的日志。从第一行日志往后读的话会浪费很多时间因为用最近几天的日志,想问问各位大佬如何倒着读这个文档!
回答:
示例文件 go.mod:
module daily/guigo 1.20
require (
github.com/ncruces/zenity v0.10.10
gocv.io/x/gocv v0.33.0
)
require (
github.com/akavel/rsrc v0.10.2 // indirect
github.com/dchest/jsmin v0.0.0-20220218165748-59f39799265f // indirect
github.com/josephspurrier/goversioninfo v1.4.0 // indirect
github.com/randall77/makefat v0.0.0-20210315173500-7ddd0e42c844 // indirect
github.com/stretchr/testify v1.8.0 // indirect
golang.org/x/image v0.12.0 // indirect
golang.org/x/sys v0.12.0 // indirect
)
示例代码:
import osdef readlines_reverse(filename):
with open(filename, "r", encoding="utf-8") as f:
f.seek(0, os.SEEK_END) # move to end of file
position = f.tell()
line = ""
while position >= 0:
f.seek(position) # move back one character
next_char = f.read(1)
if next_char == "\n":
yield line[::-1]
line = ""
else:
line += next_char
position -= 1
yield line[::-1]
if __name__ == "__main__":
for line in readlines_reverse("./go.mod"):
print(line)
结果:
) golang.org/x/sys v0.12.0 // indirect
golang.org/x/image v0.12.0 // indirect
github.com/stretchr/testify v1.8.0 // indirect
github.com/randall77/makefat v0.0.0-20210315173500-7ddd0e42c844 // indirect
github.com/josephspurrier/goversioninfo v1.4.0 // indirect
github.com/dchest/jsmin v0.0.0-20220218165748-59f39799265f // indirect
github.com/akavel/rsrc v0.10.2 // indirect
require (
)
gocv.io/x/gocv v0.33.0
github.com/ncruces/zenity v0.10.10
require (
go 1.20
module daily/gui
以上是 python 求组如何倒着读取window的系统日志,evtx文件? 的全部内容, 来源链接: utcz.com/p/939008.html
