Monitors and observes running processes with their command line details.
Project description
Monitors and observes running processes with their command line details.
Tested against Windows 10 / Python 3.11 / Anaconda
pip install cmdlineobserver
updated XML
This function continuously collects information about running processes, specifically their
command line details, and stores them in a Pandas DataFrame. It can be configured with a
custom breaking condition to stop data collection and save the results to a CSV file.
Parameters:
- breakcondition (callable, optional): A function that takes a DataFrame as input and
returns a boolean indicating whether to stop data collection. If not provided or set
to False, data collection continues indefinitely.
- save_path (str, optional): If specified, the collected data will be saved to a CSV
file at the specified path when the breaking condition is met.
Returns:
- pandas.DataFrame: A DataFrame containing information about running processes, including
columns such as 'CommandLine', 'ProcessId', and more.
Example:
# columns for possible conditions:
# CommandLine,CSName,Description,ExecutablePath,ExecutionState,Handle,HandleCount,InstallDate,KernelModeTime,
# MaximumWorkingSetSize,MinimumWorkingSetSize,Name,OSName,OtherOperationCount,OtherTransferCount,PageFaults,
# PageFileUsage,ParentProcessId,PeakPageFileUsage,PeakVirtualSize,PeakWorkingSetSize,Priority,PrivatePageCount,
# ProcessId,QuotaNonPagedPoolUsage,QuotaPagedPoolUsage,QuotaPeakNonPagedPoolUsage,QuotaPeakPagedPoolUsage,
# ReadOperationCount,ReadTransferCount,SessionId,Status,TerminationDate,ThreadCount,UserModeTime,
# VirtualSize,WindowsVersion,WorkingSetSize,WriteOperationCount,WriteTransferCount,procid
Example:
from cmdlineobserver import observe_cmdline
df = observe_cmdline(
#breakcondition=lambda df: not df.loc[df.CommandLine.str.contains("cmd.exe")].empty,
save_path="c:\\cmdlineobserver.csv",
)
print(df)
Note:
- The DataFrame columns correspond to various process attributes, and you can customize
the conditions to break the observation loop based on specific criteria.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
cmdlineobserver-0.10.tar.gz
(5.0 kB
view details)
Built Distribution
File details
Details for the file cmdlineobserver-0.10.tar.gz.
File metadata
- Download URL: cmdlineobserver-0.10.tar.gz
- Upload date:
- Size: 5.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 8203b2f238be096996ab56c77b47370c08b6e2ff6a13e3f5760ae3032e056195 |
|
| MD5 | 3802cc083da2487c32135b7e3eb7529a |
|
| BLAKE2b-256 | 68258554d1c5e2830f3ea924d4d43a1c4f2c836a1ea20bf96e22a7d36c987c3a |
File details
Details for the file cmdlineobserver-0.10-py3-none-any.whl.
File metadata
- Download URL: cmdlineobserver-0.10-py3-none-any.whl
- Upload date:
- Size: 7.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7bf1944fe6c53643da068190416f22f99b308b1710ac13a01a34c7100ea52bd4 |
|
| MD5 | be772f5494c6349a749383e22b4f284a |
|
| BLAKE2b-256 | a7ae61916081922bdb39bcc3027cdf3858c7c0a633f323d5b9db83e16cfb18c7 |
