liunx pyinotify的安装和使用
发布时间:2020-12-13 23:38:13 所属栏目:Linux 来源:网络整理
导读:介绍此功能是检测目录的操作的事件 1.安装? 在百度云盘下载或者在gits上下载安装包 链接:https://pan.baidu.com/s/1Lqt872YEgEo_bNPEnEJMaw 提取码:bjl2 # git clone https: // github.com/seb-m/pyinotify.git # cd pyinotify/ # ls# python setup.py ins
|
介绍此功能是检测目录的操作的事件 1.安装? 在百度云盘下载或者在gits上下载安装包 链接:https://pan.baidu.com/s/1Lqt872YEgEo_bNPEnEJMaw # git clone https://github.com/seb-m/pyinotify.git # cd pyinotify/ # ls # python setup.py install 2.使用在代码中直接导入就可以 # -*- coding: utf-8 -*- # !/usr/bin/env python import os import Queue import datetime import pyinotify import logging #debug import threading,time pos = 0 save_pos = 0 filename ="" # filename1 ="" pathname ="" class Singleton(type): def __call__(cls,*args,**kwargs): if not hasattr(cls,‘instance‘): cls.instance = super(Singleton,cls).__call__(*args,**kwargs) return cls.instance def __new__(cls,name,bases,dct): return type.__new__(cls,dct) def __init__(cls,dct): super(Singleton,cls).__init__(name,dct) class AuditLog(object): __metaclass__ = Singleton def __init__(self): FORMAT = (‘%(asctime)s.%(msecs)d-%(levelname)s‘ ‘[%(filename)s:%(lineno)d:%(funcName)s]: %(message)s‘) DATEFMT = ‘%Y-%m-%d %H:%M:%S‘ logging.basicConfig(level=logging.DEBUG,format=FORMAT,datefmt=DATEFMT) logging.debug("__init__") self.log_queue = Queue.Queue(maxsize=1000) self.str = "AuditLog" def start(self,path): # path as: /var/log/auth.log try: print "start:",threading.currentThread() if( not os.path.exists(path)): logging.debug("文件路径不存在") return logging.debug("文件路径:{}".format(path)) global pathname pathname = path # # 输出前面的log # printlog() file = path[:path.rfind(‘/‘)] global filename global filename1 filename = path[path.rfind(‘/‘)+1:] filename1 = filename + ".1" print "filename:",filename," filename1 ",filename1 # watch manager wm = pyinotify.WatchManager() wm.add_watch(file,pyinotify.ALL_EVENTS,rec=True) eh = MyEventHandler() # notifier notifier = pyinotify.Notifier(wm,eh) notifier.loop() except Exception as e: logging.error(‘[AuditLog]:send error: %s‘,str(e)) return def read_log_file(self): global pos global save_pos try: # if( not os.pathname.exists(pathname)): # logging.debug("读取的文件不存在") # return fd = open(pathname) if pos != 0: fd.seek(pos,0) while True: line = fd.readline() if line.strip(): logging.debug("put queue:{}".format(line.strip())) try: self.log_queue.put_nowait(line.strip()) except Queue.Full: logging.warn(‘send_log_queue is full now‘) pos = fd.tell() save_pos = pos else: break fd.close() except Exception,e: logging.error(‘[AuditLog]:send error: %s‘,str(e)) def read_log1_file(self): try: global save_pos global pos pos = 0 pathname1 = pathname + ".1" # if( not os.pathname1.exists(pathname1)): # logging.debug("读取的文件不存在") # return fd = open(pathname1) if save_pos != 0: fd.seek(save_pos,0) while True: line = fd.readline() if line.strip(): if save_pos > fd.tell() : print save_pos," ",fd.tell() continue try: self.log_queue.put_nowait(line.strip()) logging.debug("put queue:{}".format(line.strip())) except Queue.Full: logging.warn(‘send_log_queue is full now‘) else: save_pos = 0 break fd.close() except Exception,str(e)) def __del__(self): print "del" class MyEventHandler(pyinotify.ProcessEvent): print "MyEventHandler :",threading.currentThread() def __init__(self): print "MyEventHandler __init__" self.auditLogObject = AuditLog() print self.auditLogObject.str # 当文件被修改时调用函数 def process_IN_MODIFY(self,event): #文件修改 print "process_IN_MODIFY",event.name def process_IN_CREATE(self,event): #文件创建 # logging.debug("process_IN_CREATE") print "create event:",event.name # log.log.1 global save_pos try: if(event.name == filename): print "==" self.auditLogObject.read_log1_file() else: logging.debug("审计的文件不相同{} {}".format(filename1).format(event.name)) except Exception as e: logging.error(‘[AuditLog]:send error: %s‘,str(e)) def process_IN_DELETE(self,event): #文件删除 # logging.debug("process_IN_DELETE") print "delete event:",event.name def process_IN_ACCESS(self,event): #访问 # logging.debug("process_IN_ACCESS") print "ACCESS event:",event.name def process_IN_ATTRIB(self,event): #属性 # logging.debug("process_IN_ATTRIB") print "ATTRIB event: 文件属性",event.name def process_IN_CLOSE_NOWRITE(self,event): # logging.debug("process_IN_CLOSE_NOWRITE") print "CLOSE_NOWRITE event:",event.name def process_IN_CLOSE_WRITE(self,event): # 关闭写入 # logging.debug("process_IN_CLOSE_WRITE") print "CLOSE_WRITE event:",event.name try: if(event.name == filename): self.auditLogObject.read_log_file() else: logging.debug("文件名不对 不是审计文件") return except Exception as e: logging.error(‘[AuditLog]:send error: %s‘,str(e)) def process_IN_OPEN(self,event): # 打开 # logging.debug("process_IN_OPEN") print "OPEN event:",event.name def Producer(): try: auditLogObj = AuditLog() auditLogObj.start("./log/log.log") except Exception as e: logging.error(‘[auditLog]:send error: %s‘,str(e)) def Consumer(): try: print "Consumer" auditLogObject = AuditLog() print auditLogObject.str while True: print "ddd" time.sleep(1) while auditLogObject.log_queue.qsize() != 0 : print "queue size",auditLogObject.log_queue.qsize() print auditLogObject.log_queue.get() # time.sleep(5) except Exception as e: logging.error(‘[AuditLog]:send error: %s‘,str(e)) if __name__ == ‘__main__‘: # a = threading.Thread(target=Producer,) # a.start() b = threading.Thread(target=Consumer,) b.start() (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |