Last active
July 29, 2024 20:06
-
-
Save mpfund/7937e4b2feb823c0258ea8b64a971add to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import psutil | |
| import time | |
| import os | |
| def get_processes(): | |
| """Get a dictionary of current processes with their command lines.""" | |
| processes = {} | |
| for proc in psutil.process_iter(['pid', 'cmdline']): | |
| try: | |
| processes[proc.info['pid']] = proc.info['cmdline'] | |
| except (psutil.NoSuchProcess, psutil.AccessDenied, psutil.ZombieProcess): | |
| pass | |
| return processes | |
| def log_new_processes(log_file="process_log.txt"): | |
| """Log new processes and their command lines to a file.""" | |
| known_processes = get_processes() | |
| with open(log_file, 'a') as f: | |
| while True: | |
| current_processes = get_processes() | |
| # Check for new processes | |
| for pid, cmdline in current_processes.items(): | |
| if pid not in known_processes: | |
| log_entry = f"New process: PID={pid}, CMDLINE={' '.join(cmdline) if cmdline else 'N/A'}\n" | |
| print(log_entry.strip()) | |
| f.write(log_entry) | |
| # Update known processes | |
| known_processes = current_processes | |
| time.sleep(1) | |
| if __name__ == "__main__": | |
| log_file_path = os.path.join(os.path.dirname(__file__), "process_log.txt") | |
| log_new_processes(log_file_path) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import time | |
| def get_processes(): | |
| """Get a dictionary of current processes with their command lines from /proc.""" | |
| processes = {} | |
| for pid in os.listdir('/proc'): | |
| if pid.isdigit(): | |
| try: | |
| with open(os.path.join('/proc', pid, 'cmdline'), 'r') as f: | |
| cmdline = f.read().replace('\0', ' ').strip() | |
| processes[pid] = cmdline | |
| except IOError: # proc has already terminated | |
| continue | |
| return processes | |
| def log_new_processes(log_file="process_log.txt"): | |
| """Log new processes and their command lines to a file.""" | |
| known_processes = get_processes() | |
| with open(log_file, 'a') as f: | |
| while True: | |
| current_processes = get_processes() | |
| # Check for new processes | |
| for pid, cmdline in current_processes.items(): | |
| if pid not in known_processes: | |
| log_entry = f"New process: PID={pid}, CMDLINE={cmdline if cmdline else 'N/A'}\n" | |
| print(log_entry.strip()) | |
| f.write(log_entry) | |
| # Update known processes | |
| known_processes = current_processes | |
| time.sleep(1) | |
| if __name__ == "__main__": | |
| log_file_path = os.path.join(os.path.dirname(__file__), "process_log.txt") | |
| log_new_processes(log_file_path) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment