Filemon-ish behavior by Python?
Tim Golden
tim.golden at viacom-outdoor.co.uk
Tue Mar 30 03:08:54 EST 2004
>I like filemon, but I'd like it better if I could run it at the
>command line, and have the option of piping the output all over the
>place. Does anyone out there know of an existing utility that can do
>this, or, barring that, can you point me to a good place to start on
>making such a tool using Python? I'm not sure what I would have to
>hook into to watch these operations on the disk.
Glancing at the filemon blurb on the sysinternals website, they describe
its operation as follows:
"On Windows NT the heart of FileMon is a file system driver
that creates and attaches filter device objects to target
file system device objects so that FileMon will see all
IRPs and FastIO requests directed at drives"
It might be possible to do this in Python using ctypes
and -- from my experience -- many hours of toil and sweat
oscillating between the MSDN documentation, other peoples'
examples, and the ctypes data structures. (Altho' I defer
to the many millions of people better qualified than I am
to determine this) But could I just ask: do you want
exactly what filemon is showing, or do you have a
slightly different requirement which filemon happens to
satisfy? It occurs to me that if you were just after, say,
audit logging, or noting file changes or something else,
then it might be possible to employ some other approach.
TJG
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________
More information about the Python-list
mailing list