forked from Te-k/analyst-scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfiletimeline.py
executable file
·47 lines (38 loc) · 1.35 KB
/
filetimeline.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#!/usr/bin/env python
import os
import sys
import argparse
def get_stat(file_path):
"""
Get stat information from a filepath
Returns (PATH, SIZE, Access Time, Modification Time, Change Time, uid, gid, access rights)
"""
stat = os.stat(file_path)
return [
file_path,
stat.st_size,
stat.st_atime,
stat.st_mtime,
stat.st_ctime,
stat.st_uid,
stat.st_gid,
oct(stat.st_mode)
]
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Create a timeline of files')
parser.add_argument('PATH', help='Path of the folder to create the timeline')
parser.add_argument('--output', '-o', help='Output file path')
args = parser.parse_args()
if not os.path.exists(args.PATH):
print("Directory does not exist")
sys.exit(1)
fout = open(args.output, "a+")
fout.write("|".join(["Path", "Size", "Access Time", "Modification Time", "Change Time", "uid", "gid", "access rights"]) + "\n")
count = 0
for root, dirs, files in os.walk(args.PATH):
for name in files:
infos = get_stat(os.path.join(root, name))
fout.write("|".join([str(a) for a in infos]) + "\n")
count += 1
fout.close()
print("Information on %i files stored in %s" % (count, args.output))