pm4py.connectors.extract_ocel_windows_events#

pm4py.connectors.extract_ocel_windows_events() OCEL[source]#

Extract a process mining dataframe from all the events recorded in the Windows registry as an object-centric event log.

ACTIVITY (concept:name) => concatenation of the source name of the event and the event identifier

(see https://learn.microsoft.com/en-us/previous-versions/windows/desktop/eventlogprov/win32-ntlogevent)

TIMESTAMP (time:timestamp) => timestamp of generation of the event

Object types: - categoryString: translation of the subcategory. The translation is source-specific. - computerName: name of the computer that generated this event. - eventIdentifier: identifier of the event. This is specific to the source that generated the event log entry. - eventType: 1=Error; 2=Warning; 3=Information; 4=Security Audit Success;5=Security Audit Failure; - sourceName: name of the source (application, service, driver, or subsystem) that generated the entry. - user: user name of the logged-on user when the event occurred. If the user name cannot be determined, this will be NULL.

Return type:

OCEL