Untitled

for event in events:
                xml_content = win32evtlog.EvtRender(event, win32evtlog.EvtRenderEventXml)
                # parse xml content
                xml = ET.fromstring(xml_content)
                # xml namespace, root element has a xmlns definition, so we have to use the namespace
                ns = '{http://schemas.microsoft.com/win/2004/08/events/event}'
                
                try:
                    substatus = xml[1][9].text
                    message = xml.find(f'.//{ns}Message').text
                except IndexError:
                    #print('Substatus field not found in event.')
                    substatus = None
                    message = None

                event_id = xml.find(f'.//{ns}EventID').text
                computer = xml.find(f'.//{ns}Computer').text
                channel = xml.find(f'.//{ns}Channel').text
                execution = xml.find(f'.//{ns}Execution')
                time_created = xml.find(f'.//{ns}TimeCreated').get('SystemTime')
                level = xml.find(f'.//{ns}Level').text