Hi ,
Information: This script monitors installed software and generates an alert when any software is newly installed, uninstalled or updated.
Note: Run the script as usual and ignore the error on the first run. The first run only collects the software details; later runs compare against them to detect changes and raise the alert.
Code:
import os,sys,_winreg,re,socket,difflib,filecmp
# Snapshot files: `path` is the baseline kept between runs, `path2` is the
# per-run snapshot that is compared against it and then deleted.
# NOTE(review): both live in C:\ProgramData, where default ACLs commonly let
# standard users create files. Whoever can edit or pre-create Installed.txt
# controls what later runs treat as known-good, so consider a directory that
# only the account running this script can write to.
path = r"C:\ProgramData\Installed.txt"
path2 = r"C:\ProgramData\Installed2.txt"

# Run-state flags set by files(): fnd == 1 when a baseline already exists,
# fnd1 == 1 when it does not.
fnd = 0
fnd1 = 0

# Not referenced anywhere else in this listing.
val = 0
val1 = 0
def alert(arg):
    """Write the alert code to stderr as the same digit repeated three times.

    swchanges() calls this with 1 when changes were found and 0 otherwise,
    producing "111" or "000".
    NOTE(review): presumably the agent that launches this script parses
    stderr for these markers - confirm against the platform documentation.
    """
    digit = "%d" % arg
    sys.stderr.write(digit * 3)
def files():
    """Record whether the baseline snapshot already exists.

    Sets the module flag ``fnd`` to 1 when ``Installed.txt`` is listed in
    C:\\ProgramData; otherwise prints "File not found" and sets ``fnd1`` to 1.
    collectprograms() uses these flags to decide which snapshot file to write.
    """
    global fnd, fnd1

    snapshot_dir = "C:\\ProgramData"
    # The lookup is a plain (case-sensitive) name match against the listing.
    if "Installed.txt" in os.listdir(snapshot_dir):
        fnd = 1
        return

    print("File not found")
    fnd1 = 1
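def _read_display_entry(rtkey, subkey_path, kA):
    """Return (DisplayName, DisplayVersion), stripped, or None if the subkey is unusable."""
    import _winreg

    try:
        handle = _winreg.OpenKey(rtkey, subkey_path, 0, kA)
    except EnvironmentError:
        return None
    try:
        name, _ = _winreg.QueryValueEx(handle, 'DisplayName')
        version, _ = _winreg.QueryValueEx(handle, 'DisplayVersion')
        return name.strip(), version.strip()
    except (EnvironmentError, AttributeError):
        # Value missing, or not a string (no .strip()): skip this entry.
        return None
    finally:
        _winreg.CloseKey(handle)


def collectprograms(rtkey,pK,kA):
    """Append one "<DisplayName> <DisplayVersion>" line per program under a registry key.

    Args:
        rtkey: registry root handle (for example _winreg.HKEY_LOCAL_MACHINE).
        pK: path of the key whose subkeys are enumerated.
        kA: access mask used for every OpenKey call.

    The lines go to ``path2`` when a baseline already exists (``fnd == 1``)
    and to ``path`` when this run creates the baseline (``fnd1 == 1``).
    Opening ``pK`` itself may raise; the caller sees that error.

    NOTE(review): entries without a DisplayVersion value are skipped, so
    software that registers no version is not covered by this snapshot.
    """
    import _winreg

    # Same precedence as the original branches: an existing baseline wins.
    if fnd == 1:
        out_path = path2
    elif fnd1 == 1:
        out_path = path
    else:
        out_path = None

    oK = _winreg.OpenKey(rtkey, pK, 0, kA)
    try:
        if out_path is None:
            # files() has not run, so there is no snapshot to write to.
            return
        # Append mode: this function is called once per hive/view and every
        # call adds to the same file.
        out_file = open(out_path, "a+")
        try:
            index = 0
            while True:
                try:
                    bkey = _winreg.EnumKey(oK, index)
                except EnvironmentError:
                    # EnumKey raises once the index runs past the last subkey.
                    break
                index += 1

                # Registry paths are always backslash-separated; joining by
                # hand avoids os.path.join's special handling of names that
                # look like drives or absolute paths.
                entry = _read_display_entry(rtkey, pK + "\\" + bkey, kA)
                if entry is None:
                    # One unreadable subkey must not cut the inventory short;
                    # a truncated snapshot would hide later entries.
                    continue

                name, version = entry
                if version == "None":
                    continue
                try:
                    out_file.write(name + " " + version + "\n")
                except (EnvironmentError, UnicodeError):
                    # NOTE(review): names that cannot be written (for example
                    # non-ASCII text) are dropped from the snapshot - confirm
                    # whether those programs need to be monitored as well.
                    pass
        finally:
            out_file.close()
    finally:
        _winreg.CloseKey(oK)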
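def _report_version_changes(old_lines, new_lines, updated_text):
    """Print a line-by-line comparison when both snapshots have the same length.

    NOTE(review): cmp() orders the whole lines as strings, so "lower" and
    "updated" reflect text ordering, not parsed version numbers.
    """
    if len(old_lines) != len(new_lines):
        return
    for old, new in zip(old_lines, new_lines):
        order = cmp(old, new)
        if order == 1:
            print(old + " Lower version is replaced with " + new)
        elif order == -1:
            print(old + updated_text + new)


def swchanges():
    """Compare the baseline snapshot with this run's snapshot and raise the alert.

    Reads ``path`` (baseline) and ``path2`` (current run), prints every line
    that exists in only one of them, prints version changes, then calls
    alert(1) if any line differed and alert(0) otherwise.

    Raises whatever the file operations raise when either snapshot is missing
    (this is the first-run error mentioned in the post).

    NOTE(review): the published listing has no indentation. The comparison
    steps below are assumed to run unconditionally, one after another -
    confirm against the original script.
    """
    # shallow=False compares file contents instead of trusting size/mtime.
    identical = filecmp.cmp(path, path2, shallow=False)

    with open(path) as baseline_file:
        text1Lines = baseline_file.read().splitlines(1)
    with open(path2) as current_file:
        text2Lines = current_file.read().splitlines(1)

    differ = difflib.Differ()
    changed = []
    ale = 0

    # compare(new, old): '-' marks lines present only in the new snapshot.
    for line in differ.compare(text2Lines, text1Lines):
        if line[0] == '-':
            print("Installed softwares are :")
            changed.append(line)
            print(line)
            ale += 1

    # compare(old, new): '-' marks lines present only in the baseline.
    for line in differ.compare(text1Lines, text2Lines):
        if line[0] == '-':
            print("Uninstalled softwares are :")
            print(line)
            changed.append(line)
            ale += 1

    if identical:
        print("No changes in Softwares at end point ")

    _report_version_changes(text1Lines, text2Lines, " has Updated to ")

    # Drop the lines already reported above, then compare what is left.
    # Only the two-character Differ prefix is cut off: replacing every "- "
    # would also alter program names that contain it. New lists are built
    # because removing from a list while looping over it skips elements.
    reported = set(line[2:] for line in changed)
    text1Lines = [entry for entry in text1Lines if entry not in reported]
    text2Lines = [entry for entry in text2Lines if entry not in reported]

    _report_version_changes(text1Lines, text2Lines, "Updated to ")

    if ale > 0:
        alert(1)
    else:
        alert(0)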
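def programsinstalled():
    """Snapshot the Uninstall entries of every hive/view, then print host details.

    Calls collectprograms() for HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER; when
    the PROGRAMFILES(X86) environment variable is present, each hive is read
    through both the 32-bit and the 64-bit registry view.

    NOTE(review): the published listing has no indentation. The host details
    are assumed to be printed once, after the loop - confirm against the
    original script.
    """
    print("\n")
    uninstallkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall'

    hives = (_winreg.HKEY_LOCAL_MACHINE, _winreg.HKEY_CURRENT_USER)
    if 'PROGRAMFILES(X86)' in os.environ:
        views = (_winreg.KEY_WOW64_32KEY | _winreg.KEY_READ,
                 _winreg.KEY_WOW64_64KEY | _winreg.KEY_READ)
    else:
        views = (_winreg.KEY_READ,)
    rklist = [(hive, uninstallkey, access) for hive in hives for access in views]

    for root, subkey, access in rklist:
        try:
            collectprograms(root, subkey, access)
        except EnvironmentError as err:
            # One view that cannot be opened should not end the whole run
            # before the comparison; say so, because the snapshot is then
            # incomplete.
            print("Skipping registry view: " + str(err))

    # NOTE(review): the label says PC-NAME but the value is the `username`
    # environment variable - confirm which one is wanted.
    name = os.environ['username']
    print('PC-NAME : ' + name)

    # connect() on a datagram socket only fixes the peer address; the local
    # address selected for that route is what gets printed.
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.connect(("8.8.8.8", 80))
        print("IP-ADDRESS : " + (s.getsockname()[0]))
    except socket.error:
        # The address is informational only; a host without a usable route
        # must still reach the software comparison.
        print("IP-ADDRESS : unavailable")
    finally:
        s.close()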
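files()
try:
    programsinstalled()
    if fnd == 1:
        # A baseline existed before this run, so Installed2.txt was just
        # written and can be compared with it.
        swchanges()
    else:
        # First run: Installed.txt was created above and there is nothing to
        # compare yet. No alert code is written on this path.
        # NOTE(review): a missing baseline on a host that has run this script
        # before deserves a look, because the new baseline accepts whatever
        # is installed now.
        print("Baseline snapshot created; changes will be reported from the next run")
finally:
    # Always remove the per-run snapshot. collectprograms() appends to it, so
    # a leftover file from a failed run would duplicate entries next time.
    if os.path.exists(path2):
        os.remove(path2)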
Sample output :
20170602-sw-changes.json (5.98 KB)