python利用WMI等監控獲取windows狀態如CPU、記憶體、硬碟等資訊
安裝pywin32庫
下載地址: https://sourceforge.net/projects/pywin32/files%2Fpywin32/
選擇對應python版本的檔案。
下載後在windows安裝好。
安裝wmi庫
下載地址:https://pypi.python.org/pypi/WMI/#downloads
下載後在windows安裝好。
測試安裝結果
import win32api
import wmi
如果沒有報錯就是安裝好了。
查詢可用類
import wmi

# Connect to the local WMI provider and print every class it exposes.
myWmi = wmi.WMI()
for wmi_class in myWmi.classes:
    print(wmi_class)
# 可以顯示如下的可用類(省略),常用;
- Win32_Processor 查CPU
- Win32_ComputerSystem 查記憶體
- Win32_LogicalDisk 查硬碟
查詢CPU資訊
從上面的可用類,有一個Win32_Processor
# Query the Win32_Processor class; the loop further down iterates the result.
cpuArr = myWmi.Win32_Processor()
查出來之後,它有哪些屬性可用?比方說,cpu的名字,幾核? 這時候要到MSDN查WMI資料,地址:https://msdn.microsoft.com/en-us/library/aa394373(v=vs.85).aspx
- uint32 MaxClockSpeed;
- string Name;
- uint32 NumberOfCores;
# The property names looked up above are written with a lowercase first letter here.
for cpu in cpuArr:
    clock_ghz = cpu.maxClockSpeed/1000
    print('cpu:', cpu.loadPercentage, cpu.numberOfCores, cpu.name, clock_ghz)
# Sample output from the article:
# cpu: 10 2 Intel(R) Pentium(R) CPU G3260 @ 3.30GHz 3.3
其他
比如查服務,查程式,查硬碟,方法同上
連線到另一臺遠端電腦
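import getpass

# Host and account are the article's sample values. The password is prompted
# for at run time so that it is not stored in the script, in shell history or
# in version control.
wmiService = wmi.WMI("192.168.0.1", user=r"administrator", password=getpass.getpass())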
#-*- coding:utf-8 -*-
import time
import datetime
import re
import subprocess
import sys
import wmi
import os
import ConfigParser
import _winreg
import win32net
import win32api
import win32con
import win32netcon
import win32security
# DEBUG = True
# DEBUG = False
# LOGFILE = r'c:\win.log'
TIME_FORMAT = r'%Y-%m-%d %H:%M:%S'

# Alternative connection that requests extra privileges:
# c = wmi.WMI(privileges=["Admin", "Shutdown", "Security"])
# Shared WMI connection to the local machine; the classes below use it as
# their default ``wmiobj``.
c = wmi.WMI()
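class myWmi(object):
    """Run a query against a WMI class and keep the result on ``self.obj``.

    Subclasses call ``myWmi.__init__(self, ...)`` explicitly, and myAccount
    uses the value it returns, so the initializer returns the query result.
    NOTE(review): because ``__init__`` returns a non-None value, creating
    ``myWmi(...)`` directly raises TypeError; only the explicit-call form works.
    """

    def __init__(self, wmiclass, info=None, name=""):
        """Query *wmiclass*, optionally filtered by ``Name``.

        Args:
            wmiclass: callable WMI class, for example ``c.Win32_Process``.
            info: dict for collected data; a fresh dict is created when it is
                omitted so that instances do not share one mutable default.
            name: when non-empty, passed to the query as ``Name=name``.

        Returns:
            The query result, which is also stored on ``self.obj``.
        """
        if name:
            self.obj = wmiclass(Name=name)
        else:
            self.obj = wmiclass()
        self.info = {} if info is None else info
        return self.obj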
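class myOs(object):
    """Collect operating-system, hardware, disk and network facts through WMI.

    The report methods append to the file named by the module-level
    ``log_path``, which the ``__main__`` section assigns before calling them.
    """

    def __init__(self, wmiobj=c, info=None):
        """Run the WMI queries once and keep the results.

        Args:
            wmiobj: WMI connection to query; defaults to the shared ``c``.
            info: dict that get_os_info() fills; a new dict is created when
                omitted so that instances do not share one mutable default.
        """
        self.obj = wmiobj.Win32_OperatingSystem()[0]        # operating system
        self.cobj = wmiobj.Win32_ComputerSystem()[0]        # CPU count, memory, model
        self.disk_obj = wmiobj.Win32_DiskDrive()            # physical disks
        self.Partition_obj = wmiobj.Win32_LogicalDisk()     # logical drives
        self.networkAdapter_obj = wmiobj.Win32_NetworkAdapterConfiguration(IPEnabled=1)
        self.process_obj = wmiobj.Win32_Processor()[0]      # first processor
        self.update_obj = wmiobj.Win32_QuickFixEngineering()  # installed hotfixes
        self.info = {} if info is None else info

    @staticmethod
    def _wmi_time(value):
        """Parse the part of a WMI timestamp before the first '.' as a datetime."""
        return datetime.datetime.strptime(str(value).split('.')[0], '%Y%m%d%H%M%S')

    def get_os_info(self):
        """Fill ``self.info`` with OS, system and CPU properties and return it."""
        os_obj, system, cpu = self.obj, self.cobj, self.process_obj
        info = self.info
        info["os"] = os_obj.Caption
        info["version"] = os_obj.CSDVersion
        info["fullname"] = os_obj.CSName
        info["localtime"] = self._wmi_time(os_obj.LocalDateTime)
        info["lastboottime"] = self._wmi_time(os_obj.LastBootUpTime)
        info["os_architecture"] = os_obj.OSArchitecture
        info["mu_languages"] = os_obj.MUILanguages[0]
        info["SerialNumber"] = os_obj.SerialNumber
        info["cpu_count"] = system.NumberOfProcessors
        info["mainboard"] = system.Manufacturer
        info["board_model"] = system.Model
        info["systemtype"] = system.SystemType
        # Floor division keeps the whole-megabyte result on every Python version.
        info["physical_memory"] = int(system.TotalPhysicalMemory) // 1024 // 1024
        info["cpu_name"] = cpu.Name
        info["clock_speed"] = cpu.MaxClockSpeed
        info["number_core"] = cpu.NumberOfCores
        info["data_width"] = cpu.DataWidth
        info["socket_desigination"] = cpu.SocketDesignation
        info["l2_cache"] = cpu.L2CacheSize
        info["l3_cache"] = cpu.L3CacheSize
        return info

    def update_information(self):
        """Append one line per installed hotfix to the log."""
        # The with-block closes the log even if a write fails.
        with open(log_path, "a+") as output:
            output.write('\n')
            output.write('[Update information]\r\n')
            for s in self.update_obj:
                output.write('%-10s %-10s %-20s %-10s\n' % (s.HotFixID, s.InstalledOn, s.Description, s.InstalledBy))
            output.write('\n')

    def get_diskinfo(self):
        """Append one line per physical disk to the log; writes nothing when no disk is found."""
        if len(self.disk_obj) == 0:
            return
        with open(log_path, "a+") as output:
            output.write('\n')
            output.write('[disk info]\r\n')
            for item in self.disk_obj:
                size_gb = int(item.Size) // 1024 // 1024 // 1024
                output.write('%-25s Partition: %-3s SN: %-30s %-3sG\n' % (item.Caption, str(item.Partitions), item.SerialNumber, str(size_gb)))
            output.write('\n')

    def get_partitioninfo(self):
        """Append size and free space of every logical disk with DriveType 3 to the log."""
        with open(log_path, "a+") as output:
            output.write('\n')
            output.write('[Partition info]\r\n')
            output.write('\r\n')
            for part in self.Partition_obj:
                if part.DriveType == 3:
                    total_gb = int(part.Size) // 1024 // 1024 // 1024
                    free_gb = int(part.FreeSpace) // 1024 // 1024 // 1024
                    output.write('DeviceID = %-4s FileSystem = %-5s TotalSize = %-1sG FreeSpace = %-1sG\n' % (part.DeviceID, part.FileSystem, str(total_gb), str(free_gb)))
            output.write('\n')

    def get_networkadapter(self):
        """Append the settings of the first IP-enabled adapter to the log."""
        with open(log_path, "a+") as output:
            output.write('\n')
            output.write('[network info]\r\n')
            for interface in self.networkAdapter_obj:
                # An adapter may have fewer than two DNS servers, or none at
                # all; report the missing ones as empty instead of raising.
                dns = list(interface.DNSServerSearchOrder or ())
                primary = str(dns[0]) if len(dns) > 0 else ''
                secondary = str(dns[1]) if len(dns) > 1 else ''
                output.write('IP Address: %-10s\n' % interface.IPAddress[0])
                output.write('NET Mask: %-10s\n' % interface.IPSubnet[0])
                output.write('Gateway: %-10s\n' % interface.DefaultIPGateway)
                output.write('Pri DNS: %-10s\n' % primary)
                output.write('Sec DNS: %-10s\n' % secondary)
                output.write('Real Mac: %-10s\n' % interface.MACAddress)
                output.write('\n')
                break  # only the first adapter is reported

    # NOTE(review): the three calls below presumably need the Shutdown
    # privilege on the WMI connection — confirm before relying on them.
    def win32shutdown(self):
        """Call ``Win32Shutdown()`` on the operating-system object."""
        self.obj.Win32Shutdown()

    def reboot(self):
        """Call ``Reboot()`` on the operating-system object."""
        self.obj.Reboot()

    def shutdown(self):
        """Call ``Shutdown()`` on the operating-system object."""
        self.obj.Shutdown()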
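class network_config(object):
    """Apply name-resolution settings through Win32_NetworkAdapterConfiguration."""

    def __init__(self, wmiobj=c):
        """Keep the Win32_NetworkAdapterConfiguration class of *wmiobj*."""
        self.obj = wmiobj.Win32_NetworkAdapterConfiguration

    def config_setup(self):
        """Turn off LMHOSTS lookup through the class-level ``EnableWINS`` method."""
        self.obj.EnableWINS(WINSEnableLMHostsLookup=False)

    def tcp_config(self, dns=None):
        """Set the DNS servers and disable NetBIOS over TCP/IP on every IP-enabled adapter.

        Args:
            dns: list of DNS server addresses; defaults to the two servers
                used in the article. Whichever resolver is configured here
                answers every lookup the host makes, so pass the servers your
                environment actually trusts.

        Returns:
            ``(dns_result, netbios_result)`` of the last adapter processed, or
            ``(None, None)`` when no adapter is IP-enabled. The WMI return
            codes are handed back unchecked.
        """
        if dns is None:
            dns = ['202.106.196.115', '202.106.0.20']
        dns_result = netbios_result = None
        # One pass over the adapters of the connection given to __init__. The
        # previous counter-driven ``while True`` never terminated when no
        # adapter was IP-enabled.
        for adapter in self.obj(IPEnabled=True):
            dns_result = adapter.SetDNSServerSearchOrder(DNSServerSearchOrder=dns)
            # TcpipNetbiosOptions=2 disables NetBIOS over TCP/IP.
            netbios_result = adapter.SetTcpipNetbios(TcpipNetbiosOptions=2)
        return dns_result, netbios_result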
#############################
# #
# Service #
# #
#############################
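class myService(object):
    """Inspect and control Windows services through Win32_Service."""

    def __init__(self, name="", wmiobj=c, **kargs):
        """Select the services to work on.

        Args:
            name: exact service name; ``self.obj`` is then that single service.
            wmiobj: WMI connection to query; defaults to the shared ``c``.
            **kargs: Win32_Service property filters, used when *name* is empty.

        With neither *name* nor filters, ``self.obj`` holds every service.
        """
        self.name = name
        if self.name:
            self.obj = wmiobj.Win32_Service(Name=self.name)[0]
        elif kargs:
            # Hand the filters to the query as keyword arguments. Building a
            # source string and passing it to eval() let a filter value that
            # contains a quote run as code, and the filters used to be
            # discarded before this branch was reached.
            self.obj = wmiobj.Win32_Service(**kargs)
        else:
            self.obj = wmiobj.Win32_Service()

    def get_service_info(self):
        """Return one dict (name, displayname, pid, stat, startmode) per service."""
        return [
            {
                "name": ser.Name,
                "displayname": ser.Caption,
                "pid": ser.ProcessID,
                "stat": ser.State,
                "startmode": ser.StartMode,
            }
            for ser in self.obj
        ]

    # status(), start() and stop() expect the single-service form (name given).
    def status(self):
        """Return the service's ``State``."""
        return self.obj.State

    def start(self):
        """Start the service."""
        self.obj.StartService()

    def stop(self):
        """Stop the service."""
        self.obj.StopService()

    def change_mode(self, mode):
        """Set the start mode of every service named in ``data/svr_blacklist.txt``.

        Args:
            mode: start mode handed to ``ChangeStartMode``. The author lists
                Auto, Manual and Disabled; NOTE(review): confirm the exact
                spellings the WMI method accepts.

        Names are compared exactly, as in the report section of ``__main__``.
        Blank lines are skipped: with a substring test an empty line matched
        every service on the machine. The blacklist file decides which
        services are changed, so it should be writable by administrators only.
        """
        blacklist_path = sys.path[0] + '/data/svr_blacklist.txt'
        with open(blacklist_path) as f:
            blacklisted = set(line.strip() for line in f)
        blacklisted.discard('')
        for s in self.obj:
            if s.Name in blacklisted:
                s.ChangeStartMode(mode)

    def delete(self):
        """Deleting services is deliberately not implemented."""
        print("You should not delete a service, stop it instead.")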
#############################
# #
# Process #
# #
#############################
class myProcess(myWmi):
    """Query running processes (Win32_Process), optionally filtered by name."""

    def __init__(self, name=""):
        self.name = name
        myWmi.__init__(self, c.Win32_Process, name=self.name)

    def get_process_info(self):
        """Return a ``(pid, name, creation date, executable path, caption)`` tuple per process."""
        return [
            (proc.ProcessID, proc.Name, proc.CreationDate, proc.ExecutablePath, proc.Caption)
            for proc in self.obj
        ]

    def get_process_owner(self):
        """Return ``GetOwner()`` of the first process in the query result."""
        first = self.obj[0]
        return first.GetOwner()

    def terminate(self):
        """Terminate the first process in the query result.

        NOTE(review): without a name filter the first entry is whichever
        process the unfiltered query lists first — confirm callers always
        pass a name.
        """
        first = self.obj[0]
        first.Terminate()
#############################
# #
# Software #
# #
#############################
class mySoft(myWmi):
    """List installed software through Win32_Product, optionally filtered by name.

    NOTE(review): enumerating Win32_Product is commonly reported to be slow
    and to trigger Windows Installer consistency checks — confirm that is
    acceptable on the hosts this runs on.
    """

    def __init__(self, name=""):
        self.name = name
        myWmi.__init__(self, c.Win32_Product, name=self.name)

    def get_software(self):
        """Return a ``(name, install date)`` tuple for every product found."""
        return [(product.Name, product.InstallDate) for product in self.obj]

    def uninstall(self):
        """Do nothing; the author left the uninstall call disabled."""
        # self.obj[0].Uninstall()
        pass
#############################
# #
# User and Group #
# #
#############################
'''
def dump(dict):
for key,value in dict.items():
print key,"=",str(value)'''
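class myAccount(myWmi):
    """Inspect and manage local user accounts and group membership."""

    def __init__(self, name="", group=""):
        """Query Win32_UserAccount and Win32_GroupUser, optionally filtered by Name."""
        self.uname = name
        self.gname = group
        # myWmi.__init__ returns the query result and overwrites self.obj on
        # each call, so both results are kept under their own attribute.
        self.uobj = myWmi.__init__(self, c.Win32_UserAccount, name=self.uname)
        self.guobj = myWmi.__init__(self, c.Win32_GroupUser, name=self.gname)

    def show_user_list(self):
        """Return the names of all queried user accounts."""
        return [user.Name for user in self.uobj]

    def show_user_info(self, username):
        """Return the level-3 NetUserGetInfo dict for *username*.

        When the account is also in the WMI result, its ``Disabled`` flag
        (True means the account is disabled) and ``Status`` are added under
        the keys "disabled" and "status". The previous body read two names
        that were never assigned and always raised NameError.
        """
        info = win32net.NetUserGetInfo(None, username, 3)
        for user in self.uobj:
            if user.Name == username:
                info["disabled"] = user.Disabled
                info["status"] = user.Status
                break
        return info

    def show_user_in_group(self):
        """Return ``{group name: [member names]}`` from the Win32_GroupUser result."""
        gulist = {}
        for gu in self.guobj:
            gulist.setdefault(gu.GroupComponent.Name, []).append(gu.PartComponent.Name)
        return gulist

    def show_userlist_admin(self):
        """Return the account names of all members of the local 'Administrators' group.

        Results are gathered across every page returned by
        NetLocalGroupGetMembers; the previous loop returned after the first
        page, so a long member list was silently truncated.
        NOTE(review): the group name is hard-coded in English — confirm it
        matches on localized Windows installations.
        """
        admin_list = []
        uresume = 0
        while True:
            users, total, uresume = win32net.NetLocalGroupGetMembers(None, 'Administrators', 0, uresume)
            for member in users:
                username, domain, sid_type = win32security.LookupAccountSid(None, member['sid'])
                admin_list.append(username)
            if uresume == 0:
                break
        return admin_list

    def get_current_user(self):
        """Return the name of the user running the script."""
        return win32api.GetUserName()

    def delete_user(self, username):
        """Delete the local account *username*."""
        win32net.NetUserDel(None, username)

    def add_user(self, name, passwd, flags=win32netcon.UF_NORMAL_ACCOUNT|win32netcon.UF_SCRIPT, privileges=win32netcon.USER_PRIV_ADMIN):
        """Create a local account through a level-1 ``NetUserAdd`` call.

        NOTE(review): the default privilege is USER_PRIV_ADMIN. Confirm that
        NetUserAdd accepts it at level 1, and prefer passing the lowest
        privilege the account needs and granting group membership separately.
        """
        # Same keys as the dict returned by win32net.NetUserGetInfo.
        udata = {
            "name": name,
            "password": passwd,
            "flags": flags,
            "priv": privileges,
        }
        win32net.NetUserAdd(None, 1, udata)

    def modify_user(self, username, udict, level=2):
        """Apply *udict* to *username* through NetUserSetInfo at *level*."""
        win32net.NetUserSetInfo(None, username, level, udict)

    def change_passwd(self, username, oldpass, newpass):
        """Change the password of *username* from *oldpass* to *newpass*."""
        win32net.NetUserChangePassword(None, username, oldpass, newpass)

    def rename_user(self, oldname, newname):
        """Rename the account called *oldname* (case-insensitive) to *newname*.

        The previous body ignored *newname* and always renamed to 'admin'. It
        also matched *oldname* as a substring of ``item.id``, which presumably
        holds the whole object path and could therefore match other accounts
        or the computer name.
        """
        wanted = oldname.lower()
        for item in self.uobj:
            if item.Name.lower() == wanted:
                item.Rename(newname)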
#############################
# #
# Registry #
# #
#############################
class myRegistry(object):
    r"""Read and write the registry through the WMI ``StdRegProv`` provider.

    Examples kept from the author:
        print(myRegistry().get_value(win32con.HKEY_LOCAL_MACHINE, r'SAM\SAM\Domains\Account\Users', 'Names'))
        myRegistry().add_key(_winreg.HKEY_LOCAL_MACHINE, 'SOFTWARE\TJTG')
        print(myRegistry().list_keys(_winreg.HKEY_LOCAL_MACHINE, r'SAM\SAM\Domains\Account\Users\Names'))
        myRegistry().add_value(_winreg.HKEY_LOCAL_MACHINE, 'SOFTWARE\TJTG', 'AtionName', 'TJ7PP')
        myRegistry().delete_value(_winreg.HKEY_LOCAL_MACHINE, 'SOFTWARE\TJTG', 'AtionName')
        myRegistry().delete_key(_winreg.HKEY_LOCAL_MACHINE, 'SOFTWARE\TJTG')
        print(myRegistry().get_value(_winreg.HKEY_LOCAL_MACHINE, r'SOFTWARE\Tracker Software\pdfxctrl.PdfPrinterPreferences', 'XCL_PATH'))
    """

    def __init__(self):
        """Open the StdRegProv class in the 'DEFAULT' namespace."""
        # self.obj = wmi.Registry()
        self.obj = wmi.WMI(namespace='DEFAULT').StdRegProv

    def list_keys(self, root, subkey):
        """Return the subkey names under *root*\\*subkey*; print a notice on result code 2."""
        outcome = self.obj.EnumKey(hDefKey=root, sSubKeyName=subkey)
        status, names = outcome
        if status == 2:
            print("No such keys")
        return names

    def get_value(self, root, subkey, valuename, type="string"):
        """Return a value read as "string", "dword" or (any other *type*) binary.

        The provider's result code is not checked.
        """
        if type == "string":
            reader = self.obj.GetExpandedStringValue
        elif type == "dword":
            reader = self.obj.GetDWORDValue
        else:
            reader = self.obj.GetBinaryValue
        result, value = reader(hDefKey=root, sSubKeyName=subkey, sValueName=valuename)
        return value

    def add_key(self, root, subkey):
        """Create *subkey* under *root* and return the provider's result."""
        return self.obj.CreateKey(hDefKey=root, sSubKeyName=subkey)

    def set_value(self, root, subkey, valuename, value, type):
        """Write *value* as a string when *type* is "string", otherwise as a DWORD.

        An existing value is overwritten. Returns the provider's result.
        """
        if type == "string":
            return self.obj.SetStringValue(hDefKey=root, sSubKeyName=subkey, sValueName=valuename, sValue=value)
        return self.obj.SetDWORDValue(hDefKey=root, sSubKeyName=subkey, sValueName=valuename, uValue=value)

    def delete_key(self, root, subkey):
        """Delete *subkey* under *root* and return the provider's result."""
        return self.obj.DeleteKey(root, subkey)

    def delete_value(self, root, subkey, valuename):
        """Delete *valuename* from *subkey* and return the provider's result."""
        return self.obj.DeleteValue(root, subkey, valuename)
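def get_sys_sid():
    r"""Return the account subkey names under HKLM\SAM\SAM\Domains\Account\Users.

    The built-in administrator's key (000001F4) is removed first. Of the
    remaining entries only names starting with '00000' are returned, and at
    most one fewer than the number of remaining entries, as in the original
    counting loop.

    Raises:
        RuntimeError: the registry provider returned no name list, typically
            because the account running the script may not read the SAM key.
            Returning an empty list instead would let the clone-account check
            report a clean result without having inspected anything.
        ValueError: the key 000001F4 is not present in the list.
    """
    reg_user_list = myRegistry().list_keys(_winreg.HKEY_LOCAL_MACHINE, r'SAM\SAM\Domains\Account\Users')
    if reg_user_list is None:
        raise RuntimeError(r'cannot enumerate HKLM\SAM\SAM\Domains\Account\Users')
    reg_user_list = list(reg_user_list)
    sid_admin = u'000001F4'
    reg_user_list.remove(sid_admin)
    raw_pattern = re.compile(r'^00000')
    matching = [m for m in reg_user_list if raw_pattern.match(m)]
    limit = max(len(reg_user_list) - 1, 0)
    return matching[:limit]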
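def chk_clone_account():
    r"""Report whether a cloned or hidden account appears to exist.

    Two checks are made:
      1. An account key whose ``F`` value equals that of the built-in
         administrator (key 000001F4) counts as a clone.
      2. A name under ``...\Users\Names`` that Win32_UserAccount does not
         list counts as a hidden account.
         NOTE(review): the name comparison is case-sensitive — confirm that
         both sources report names in the same case.

    Returns:
        True when either check hits, otherwise False.

    Raises:
        RuntimeError: the administrator's ``F`` value or the Names key could
            not be read. Without this guard two unreadable values compare
            equal and are reported as a clone.
    """
    users_key = r'SAM\SAM\Domains\Account\Users'
    registry = myRegistry()
    candidates = get_sys_sid()
    sid_value = registry.get_value(_winreg.HKEY_LOCAL_MACHINE, users_key + '\\' + '000001F4', r'F', '')
    if sid_value is None:
        raise RuntimeError('cannot read the F value of the built-in administrator account')

    # Check 1: same F value as the administrator.
    for each_value in candidates:
        path = users_key + '\\' + each_value
        key_value = registry.get_value(_winreg.HKEY_LOCAL_MACHINE, path, r'F', '')
        if sid_value == key_value:
            return True

    # Check 2: account names present in the registry but unknown to WMI.
    reg_user_list = registry.list_keys(_winreg.HKEY_LOCAL_MACHINE, users_key + '\\' + 'Names')
    if reg_user_list is None:
        raise RuntimeError('cannot enumerate the account Names key')
    ulist = myAccount().show_user_list()
    for user in reg_user_list:
        if user not in ulist:
            return True
    return False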
#############################
# #
# Win_Base_setup #
# #
#############################
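class win_Base():
    """Apply the registry settings listed in ``data/win_reg.ini``.

    Each INI section supplies root, sub_key, value_name, reg_type and value.
    The file decides which registry values are written, so it should be
    writable by administrators only. ``ConfigParser.read`` skips a missing
    file without an error, in which case nothing is applied.
    """

    def __init__(self):
        """Load ``data/win_reg.ini`` from the script's directory."""
        self.cf = ConfigParser.ConfigParser()
        self.cf.read(sys.path[0] + '/data/win_reg.ini')

    def win_setup(self):
        """Create each configured key and set its value, one pass over the sections.

        Returns:
            The unsupported root name as soon as a section names a root other
            than HKEY_LOCAL_MACHINE, HKEY_CLASSES_ROOT or HKEY_CURRENT_USER
            (later sections are then not applied); otherwise None.
        """
        roots = {
            'HKEY_LOCAL_MACHINE': _winreg.HKEY_LOCAL_MACHINE,
            'HKEY_CLASSES_ROOT': _winreg.HKEY_CLASSES_ROOT,
            'HKEY_CURRENT_USER': _winreg.HKEY_CURRENT_USER,
        }
        registry = myRegistry()
        # The previous nested for/while/for construction re-applied the whole
        # file repeatedly; every section is now applied exactly once.
        for section in self.cf.sections():
            name = self.cf.get(section, "root")
            subkey = self.cf.get(section, "sub_key")
            valuename = self.cf.get(section, "value_name")
            regtype = self.cf.get(section, "reg_type")
            if name not in roots:
                return name
            # DWORD values are stored as integers, everything else as text.
            if regtype == "dword":
                value = int(self.cf.get(section, "value"))
            else:
                value = self.cf.get(section, "value")
            registry.add_key(roots[name], subkey)
            registry.set_value(roots[name], subkey, valuename, value, regtype)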
#############################
# #
# Startup #
# #
#############################
def show_startupcommand():
    """Return a ``{'Name': ..., 'Command': ...}`` dict per Win32_StartupCommand entry."""
    # The author left two further fields disabled:
    #   startup_info['Location'] = s.Location
    #   startup_info['User'] = s.User
    return [
        {'Name': entry.Name, 'Command': entry.Command}
        for entry in c.Win32_StartupCommand()
    ]
'''startup_list=[]
obj=c.Win32_StartupCommand()
for s in obj:
if s.Command not in startup_list:
start_value = s.Command + ' ' + s.Location
startup_list.append((start_value))
return startup_list'''
#############################
# #
# Audit Log #
# #
#############################
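def reg(string):
    r"""Extract the "User Name: ..." or "Logon account: ..." field from an event message.

    The closing quotes of this docstring used to sit after the myAuditLog
    class, so the regex body and the class were part of the string and the
    function did nothing. Both are restored as code.

    Returns:
        The matched text, or 0 when *string* is empty/None or has no match.

    ``\w*`` stops at the first character that is not a letter, digit or
    underscore, so names containing '.', '-' or a space are cut short.
    NOTE(review): the samples below carry event codes 680 and 529; confirm
    the field labels against events from the Windows version being audited.

    Sample events from the author:

    instance of Win32_NTLogEvent
    {
    Category = 9;
    CategoryString = "Account Logon";
    ComputerName = "MICROSOF-5524EC";
    EventCode = 680;
    EventIdentifier = 680;
    EventType = 5;
    InsertionStrings = {"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0", "joe", "MICROSOF-5524EC", "0xC000006A"};
    Logfile = "Security";
    Message = "Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0\n\nLogon account: joe\n\nSource Workstation: MICROSOF-5524EC\n\nError Code: 0xC000006A\n\n";
    RecordNumber = 16267;
    SourceName = "Security";
    TimeGenerated = "20100424000915.000000+480";
    TimeWritten = "20100424000915.000000+480";
    Type = "audit failure";
    User = "NT AUTHORITY\\SYSTEM";
    };
    instance of Win32_NTLogEvent
    {
    Category = 2;
    CategoryString = "Logon/Logoff";
    ComputerName = "MICROSOF-5524EC";
    EventCode = 529;
    EventIdentifier = 529;
    EventType = 5;
    InsertionStrings = {"joe", "MICROSOF-5524EC", "2", "Advapi ", "Negotiate", "MICROSOF-5524EC"};
    Logfile = "Security";
    Message = "Logon Failure:\n\n\tReason:\t\tUnknown user name or bad password\n\n\tUser Name:\tjoe\n\n\tDomain:\t\tMICROSOF-5524EC\n\n\tLogon Type:\t2\n\n\tLogon Process:\tAdvapi\n\n\tAuthentication Package:\tNegotiate\n\n\tWorkstation Name:\tMICROSOF-5524EC\n";
    RecordNumber = 16251;
    SourceName = "Security";
    TimeGenerated = "20100423091037.000000+480";
    TimeWritten = "20100423091037.000000+480";
    Type = "audit failure";
    User = "NT AUTHORITY\\SYSTEM";
    };
    """
    if not string:
        return 0
    regex = re.compile(r'(User Name|Logon account):\s*\w*')
    r = re.search(regex, string)
    if r:
        return r.group()
    return 0


class myAuditLog():
    """Read audit events from Win32_NTLogEvent over a connection holding the Security privilege."""

    def __init__(self):
        """Query every Win32_NTLogEvent instance (all logs, unfiltered)."""
        cc = wmi.WMI(privileges=["Security"])
        self.obj = cc.Win32_NTLogEvent()

    def get_history(self, type):
        """Return summary lines for audit events of one kind.

        Args:
            type: 'success' (EventType 4) or 'failure' (EventType 5).

        Returns:
            A list of "category, account field, time written, type" strings,
            one per event whose message contains an account field that
            reg() recognises.
        """
        log_type = {'success': 4, 'failure': 5}
        wanted = log_type[type]
        s_log = []
        for s in self.obj:
            if s.EventType == wanted:
                m = reg(s.Message)
                if m:
                    s_log.append(s.CategoryString + ', ' + m + ', ' + s.TimeWritten + ', ' + s.Type)
        return s_log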
#############################
# #
# Share #
# #
#############################
class myShare(myWmi):
    """List and remove shares through Win32_Share."""

    def __init__(self, name=""):
        # *name* is accepted but not used: the query is always unfiltered.
        myWmi.__init__(self, c.Win32_Share)

    def show_share(self):
        """Return one "name path" string per share."""
        return [share.Name + ' ' + share.Path for share in self.obj]

    def delete(self):
        """Call ``Delete()`` on every share in the query result."""
        for share in self.obj:
            share.Delete()
"""def mycmd(cmd):
try:
p=subprocess.Popen(cmd,shell=True,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
(stdoutput,erroutput)=p.communicate()
except OSError:
print "command %s wrong, check the command please!" % cmd
return (stdoutput,erroutput)"""
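def log(log_file, log_string, description):
    """Append *description*, then *log_string* and a blank line, to *log_file*.

    On IOError the error is printed and the program exits.
    """
    try:
        # The with-block closes the file even when a write fails; the
        # explicit close() was skipped in that case.
        with open(log_file, 'a+') as f:
            f.write(description + '\n')
            f.write(str(log_string))
            f.write('\n\n')
    except IOError as e:
        print(e)
        sys.exit()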
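def log_server(log_file, log_string):
    """Append ``str(log_string)`` to *log_file*.

    On IOError the error is printed and the program exits.
    """
    try:
        # The with-block closes the file even when the write fails.
        with open(log_file, 'a+') as f:
            f.write(str(log_string))
    except IOError as e:
        print(e)
        sys.exit()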
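if __name__ == '__main__':
    # log_path is read as a module-level name by the myOs report methods.
    # NOTE(review): the report lists accounts, services, shares, network
    # settings and patch state; confirm who can read this location.
    #log_path = sys.path[0]+'/data/win.log'
    log_path = r'c:\win.log'
    blacklist_path = sys.path[0] + '/data/svr_blacklist.txt'

    # ---- Part 1: configuration. These calls change live system settings. ----
    # Network: LMHOSTS lookup off, DNS servers set, NetBIOS over TCP/IP off.
    network_config().config_setup()
    network_config().tcp_config()
    # Services: set the start mode of the blacklisted services.
    myService().change_mode('disabled')
    # Registry baseline from data/win_reg.ini.
    win_Base().win_setup()
    # Rename the built-in administrator account.
    t = myAccount()
    admins = t.show_userlist_admin()
    if 'Administrator' in admins:
        t.rename_user('administrator', 'admin')
    elif 'admin' in admins:
        print('user_admin has been chanaged!')
    else:
        print(admins)
    print('Windows base setup has finished!!')

    # ---- Part 2: report. Every section opens and closes the log itself so
    # that the sections reach the file in the order they are produced. ----
    # Account list
    with open(log_path, "a+") as output:
        output.write('[Account List]\n')
        for user in myAccount().show_user_list():
            output.write('Windows Account is %s\n' % user)
        output.write('\n')

    # Services
    with open(log_path, "a+") as output:
        output.write('\n')
        output.write('[Server List]\n')
        for item in myService().get_service_info():
            output.write('%-35s %-60s %-5s %-8s %-10s \n' % (item['name'], item['displayname'], item['pid'], item['stat'], item['startmode']))
        output.write('\n')

    # Startup commands
    with open(log_path, "a+") as output:
        output.write('\n')
        output.write('[Startup_List]\n')
        for item in show_startupcommand():
            output.write('%-20s %-s \n' % (item['Name'], item['Command']))
        output.write('\n')

    # Shares
    with open(log_path, "a+") as output:
        output.write('[Share Information]\n')
        for share in myShare().show_share():
            output.write('Share item is %s\n' % share)
        output.write('\n')

    # Operating-system information
    os_info = myOs().get_os_info()
    with open(log_path, "a+") as output:
        output.write('\n')
        output.write('[OS Information]\n')
        for m in os_info.keys():
            output.write("%-20s: %-s\n" % (m, os_info[m]))
        output.write('\n')

    # Installed hotfixes
    myOs().update_information()

    # ---- Security checks ----
    # Cloned or hidden accounts; the check is run once and its result reused.
    if chk_clone_account():
        Item_value = 'Account has been clone!\n'
    else:
        Item_value = 'Account has not clone!\n'
    log_server(log_path, '[Clone Account Check]\n')
    log_server(log_path, Item_value)
    log_server(log_path, '\n')

    # Blacklisted services that are still not disabled
    with open(blacklist_path) as f:
        svr_blacklist = [line.strip() for line in f]
    svr_stat = myService().get_service_info()
    toclose = []
    for b in svr_blacklist:
        for svr in svr_stat:
            if svr["name"] == b and svr["startmode"] != "Disabled":
                toclose.append(b)
    with open(log_path, "a+") as output:
        output.write('[Service check]\r\n')
        for s in toclose:
            output.write("%s should be disabled\r\n" % s)

    # Disks, partitions, network adapter
    myOs().get_diskinfo()
    myOs().get_partitioninfo()
    myOs().get_networkadapter()

    # Process list; entries without a creation date are skipped.
    with open(log_path, "a+") as output:
        output.write('\n')
        output.write('[System processlist]\r\n')
        for x in myProcess().get_process_info():
            if x[2] != None:
                started = datetime.datetime.strptime(str(str(x[2]).split('.')[0]), '%Y%m%d%H%M%S')
                output.write('%-22s %-5s %-20s %-s\n' % (x[1], x[0], started, x[3]))
        output.write('\n')

    # Disable the blacklisted services. change_mode() reads the blacklist
    # itself and takes only the mode; the former per-entry loop passed two
    # arguments and raised TypeError.
    myService().change_mode('Disabled')
    print('Windows check has finished!!')
    # The bare name ``sys.exit`` did nothing; call it.
    sys.exit()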