Try   HackMD

網頁置換WatchDog實作測試

tags: Security

以下是console呈現的結果:

xx@localhost:~/文件$ python3 watchdog2.py
2022-08-12 13:51:00 - Modified file: ./logseq/.git
2022-08-12 13:51:00 - Modified file: ./logseq/.git
2022-08-12 13:51:00 - Modified directory: ./logseq
2022-08-12 13:51:03 - Created file: ./新檔案
2022-08-12 13:51:03 - Modified directory: .
2022-08-12 13:51:03 - Modified directory: .
2022-08-12 13:51:23 - Deleted file: ./新檔案
2022-08-12 13:51:23 - Modified directory: .

  • 改寫為log檔案產出

本次日誌改用append模式,寫入file,加料的字串是準備塞入主機名稱

import sys
import logging
from watchdog.observers import Observer
from watchdog.events import LoggingEventHandler

if __name__ == "__main__":
logging.basicConfig(level=logging.INFO, format='%(asctime)s, '+ '加料'+ ', %(message)s', datefmt='%Y-%m-%d %H:%M:%S',encoding='utf-8',filemode = 'a' , filename = 'monitor.csv')
path = sys.argv[1] if len(sys.argv) > 1 else '.'
event_handler = LoggingEventHandler()
observer = Observer()
observer.schedule(event_handler, path, recursive=True)
observer.start()
try:
while observer.is_alive():
observer.join(1)
finally:
observer.stop()
observer.join()

  • 改寫增加監控的dir數量

  • Error

Error 1 python執行檔案與watchdog lib同名
https://stackoverflow.com/questions/63219913/no-module-named-watchdog-observers-watchdog-is-not-a-package

Error 2 Sample Code有錯誤

import sys
import logging
from watchdog.observers import Observer
from watchdog.events import LoggingEventHandler

if __name__ == "__main__":
logging.basicConfig(level=logging.INFO,
format='%(asctime)s - %(message)s',
datefmt='%Y-%m-%d %H:%M:%S')
path = sys.argv[1] if len(sys.argv) > 1 else '.'
event_handler = LoggingEventHandler()
observer = Observer()
observer.schedule(event_handler, path, recursive=True)
observer.start()
try:
while observer.is_alive():  //這行有修正,從isAlive更正
observer.join(1)
finally:
observer.stop()
observer.join()

Error 2 ip抓到127.0.0.1

import socket
print(socket.gethostbyname(socket.gethostname()))

https://www.delftstack.com/zh-tw/howto/python/get-ip-address-python/

  • reference

https://medium.com/analytics-vidhya/monitoring-your-file-system-using-watchdog-64f7ad3279f

Last changed by 
tedyang321
0
1336

Read more

Archlinux解決方案

請先fdisk處理harddrive

Jul 24, 2024
NeuVector與Harbor整合(也可以使用Trivy),或是跟gitlab整合

grype沒有api,為了讓整個pipeline尾巴改成放到registry,後續再給deploy流程去跑,所以移除grype,改用NeuVector,本來包成tar的流程,也改成push上harbor>

Mar 23, 2024
Sonarqube與Maven

Docker的網路-

Jan 30, 2024
112年度數據應用暨資安強化論壇-資訊安全管理下的夥伴關係

衛生福利部資訊服務採購契約書與需求說明書注意事項:CNS27001、陸籍人士、大陸廠牌資通訊產品、廠商作業之檢查與稽核、資通安全責任等。輔以資安署:資訊服務採購案之資安檢核事項。https://moda.gov.tw/ACS/laws/guide/rules-guidelines/13312.ISMS文件說明。3.機房作業注意事項:防火牆、遠端管理、上版、原碼掃描、密碼封存。4.其他注意事項:系統文件與原始碼交付、軟資系統、帳號盤點、資料庫加密、校時、防毒、EDR、SOC收容、SOC事件處理、GCB、原始碼註解。

Oct 31, 2023
Read more from tedyang321
Published on HackMD