How to trap the event of a new process starting with wmi

G

gel

Below is how it is down with vbscript. What is the best way to convert
this to python?

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer &
"\root\cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancecreationevent " _
& " within 1 where TargetInstance isa 'Win32_Process'")
i = 0

Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop
 
G

gel

gel said:
Below is how it is down with vbscript. What is the best way to convert
this to python?

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer &
"\root\cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancecreationevent " _
& " within 1 where TargetInstance isa 'Win32_Process'")
i = 0

Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop

A better question might be is there a method or guide for converting
from vbs wmi to python wmi?
 
P

placid

gel said:
A better question might be is there a method or guide for converting
from vbs wmi to python wmi?

Dont know about converting vbs to python but using Tim Golden's wmi
module to trap the event of a new process starting is easy.

wmi module can be found at http://timgolden.me.uk/python/wmi.html

and if you want to trap closing down of processes then change
notification_type to "Deletion"


-Cheers
 
G

gel

placid said:
Dont know about converting vbs to python but using Tim Golden's wmi
module to trap the event of a new process starting is easy.

wmi module can be found at http://timgolden.me.uk/python/wmi.html


and if you want to trap closing down of processes then change
notification_type to "Deletion"


-Cheers

Great, thanks for that, where did you find details on using it. I am
already using it for another part, but could not find information on
watching processes start and stop.
 
P

placid

gel said:
Great, thanks for that, where did you find details on using it. I am
already using it for another part, but could not find information on
watching processes start and stop.

ive been using the wmi module for 1.5 months and i had some help from
the author of the module (Tim Golden).
 
G

gel

placid said:
ive been using the wmi module for 1.5 months and i had some help from
the author of the module (Tim Golden).

Do you have any docs that might help me?
 
G

gel

gel said:
Do you have any docs that might help me?


What would be the best way to watch for multiple pieces of software at
the same time, eg. watching for the start up of calc.exe notepad.exe.
Or even how could I query what the value of the attribute Name is equal
to in the object calc_created from the example above?
 
P

placid

the only information i have is from using help(wmi.WMI) and from the
examples on Tim Golden's website
What would be the best way to watch for multiple pieces of software at
the same time, eg. watching for the start up of calc.exe notepad.exe.

Well to watch for multiple process at the same time you need to use
Threads and have written one found at
http://www.google.com/notebook/public/14017391689116447001/BDUsxIgoQkcSO3bQh
Or even how could I query what the value of the attribute Name is equal
to in the object calc_created from the example above?

Im not quite sure what youre asking.

-Cheers
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,969
Messages
2,570,161
Members
46,705
Latest member
Stefkari24

Latest Threads

Top