我想监控一些用户不应该接触的文件。我无法取消管理员访问权限,但至少我能做的是记录他们所做的修改并发送到服务器
目前我在 python 中使用看门狗来确定文件是否在 Windows 和 Mac 上被修改、创建等。它获取事件,然后相应地打印事件。
有没有办法确定是谁干的?
import sys
import os
import time
import logging
from watchdog.observers import Observer
from watchdog.events import FileSystemEventHandler
import glob
def on_created(event):
os.chdir("D:/server/www/test_folder")
list_of_files = glob.glob("*.txt")
list_of_files.sort(key=os.path.getmtime)
last_file = list_of_files[len(list_of_files)-1]
print(last_file)
#print(last_file)
print("created")
def on_deleted(event):
print("deleted")
def on_modified(event):
print("modified")
def on_moved(event):
print("moved")
if __name__ == "__main__":
event_handler = FileSystemEventHandler()
# calling functions
event_handler.on_created = on_created
event_handler.on_deleted = on_deleted
event_handler.on_modified = on_modified
event_handler.on_moved = on_moved
path = "D:/server/www/test_folder"
observer = Observer()
observer.schedule(event_handler, path, recursive=True)
observer.start()
try:
print("Monitoreando")
while True:
time.sleep(1)
except KeyboardInterrupt:
observer.stop()
print("terminado")
observer.join()