Operating system event monitoring package
Project description
This package implements event monitoring with processes, file system, and registry.
Installation
$ pip install pywinwatcherUsage
Process event monitoring
from threading import Thread
import keyboard
import pythoncom
import pywinwatcher
class Monitor(Thread):
def __init__(self, action):
Thread.__init__(self)
self._action = action
def run(self):
print('Start monitoring...')
#Use pythoncom.CoInitialize when starting monitoring in a thread.
pythoncom.CoInitialize()
proc_mon = pywinwatcher.ProcessMonitor(self._action)
while not keyboard.is_pressed('ctrl+q'):
proc_mon.update()
print(
proc_mon.timestamp,
proc_mon.event_type,
proc_mon.name,
proc_mon.process_id
)
pythoncom.CoUninitialize()
monitor = Monitor('сreation')
monitor.start()File system event monitoring
Example with FileMonitorAPI class use:
from threading import Thread
import keyboard
import pywinwatcher
class Monitor(Thread):
def __init__(self, action):
Thread.__init__(self)
self._action = action
def run(self):
print('Start monitoring...')
file_mon = pywinwatcher.FileMonitorAPI(Path=r'c:\\Windows')
while not keyboard.is_pressed('ctrl+q'):
file_mon.update()
print(
file_mon.timestamp,
file_mon.event_type
)
pythoncom.CoUninitialize()
monitor = Monitor()
monitor.start()Example with FileMonitorWMI class use:
from threading import Thread
import keyboard
import pythoncom
import pywinwatcher
class Monitor(Thread):
def __init__(self):
Thread.__init__(self)
def run(self):
print('Start monitoring...')
#Use pythoncom.CoInitialize when starting monitoring in a thread.
pythoncom.CoInitialize()
file_mon = pywinwatcher.FileMonitorWMI(
Drive=r'e:',
Path=r'\\Windows\\',
FileName=r'text',
Extension=r'txt'
)
while not keyboard.is_pressed('ctrl+q'):
file_mon.update()
print(
file_mon.timestamp,
file_mon.event_type
)
pythoncom.CoUninitialize()
monitor = Monitor()
monitor.start()Registry event monitoring
Example with RegistryMonitorAPI class use:
from threading import Thread
import keyboard
import pywinwatcher
class Monitor(Thread):
def __init__(self, action):
Thread.__init__(self)
self._action = action
def run(self):
print('Start monitoring...')
reg_mon = pywinwatcher.RegistryMonitorAPI(
'UnionChange',
Hive='HKEY_LOCAL_MACHINE',
KeyPath=r'SOFTWARE'
)
while not keyboard.is_pressed('ctrl+q'):
reg_mon.update()
print(
reg_mon.timestamp,
reg_mon.event_type
)
pythoncom.CoUninitialize()
monitor = Monitor()
monitor.start()Example with RegistryMonitorWMI class use:
from threading import Thread
import keyboard
import pythoncom
import pywinwatcher
class Monitor(Thread):
def __init__(self):
Thread.__init__(self)
def run(self):
print('Start monitoring...')
#Use pythoncom.CoInitialize when starting monitoring in a thread.
pythoncom.CoInitialize()
reg_mon = pywinwatcher.RegistryMonitorWMI(
'KeyChange',
Hive='HKEY_LOCAL_MACHINE',
KeyPath=r'SOFTWARE'
)
while not keyboard.is_pressed('ctrl+q'):
reg_mon.update()
print(
reg_mon.timestamp,
reg_mon.event_type
)
pythoncom.CoUninitialize()
monitor = Monitor()
monitor.start()License
MIT Copyright (c) 2021 Evgeny Drobotun
Release History
0.0.1 (05.05.2021)
First release of pywinwatcher
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
pywinwatcher-0.0.1.tar.gz
(9.7 kB
view hashes)
