This script is intended for use in Symantec Data Loss Prevention and provide an ability to sort incidents not only by file name but also by separate subfolders in it's path.
You need to create following Custom Attributes:
- FPath_Drive_Letter
- FPath_Root_Folder
- FPath_SubFolder_1
- FPath_SubFolder_2
- FPath_SubFolder_3
- FPath_SubFolder_4
'''
Created on 8 feb 2016
@author: Stepanov Alexander x-and@yandex.ru'''
import sys
import traceback
import codecs
reload(sys)
sys.setdefaultencoding('cp1251')
sys.stdout = codecs.getwriter('cp1251')(sys.stdout,'replace')
# Switch this to 0 when in production mode.
debugMode = 0
filePath=""
FolderList = ('FPath_Root_Folder',\
'FPath_SubFolder_1',\
'FPath_SubFolder_2',\
'FPath_SubFolder_3',\
'FPath_SubFolder_4')
def main(args):
try:
attributeMap = parseInput(args)
try:
filePath = attributeMap["endpoint-file-path"]
except:
return
if filePath !="" :
tempTuple = filePath.split(":")
print "FPath_Drive_Letter =",tempTuple[0]
File_Path_Temp = filePath.split("\\")
i = 0
while(FolderList):
try:
tempTuple = File_Path_Temp[i+2]
try:
print FolderList[i],"=",File_Path_Temp[i+1]
i+=1
except:
print FolderList[i],"=",""
break
except:
print FolderList[i],"=",""
return
return
except:
error()
print "There was an error while executing the File Path script (",args[0],"). Something went wrong!"
return "something went wrong!"
def parseInput(args):
# Input data is a list of key value pairs seperated by carraige return
# Create a python dictionary to create the attribute map
attributeMap = {}
delimiter = "="
for item in args:
if delimiter in item:
tuple = item.split(delimiter)
attributeMap[tuple[0]] = tuple[1]
return attributeMap
def error():
# "SCRIPT PROCESSING ERROR"
if(debugMode):
#print "Script Processing Error"
traceback.print_exc(file=sys.stdout)
return ""
if __name__ == "__main__":
if(len(sys.argv) == 0):
error()
else:
main(sys.argv)