我试图过滤subprocess.check_output来电的输出。问题是我不知道如何过滤某些“喜欢”的东西。我正在尝试过滤此格式域\用户名中的项目。该域名已知,但用户名可以是任何内容。
我曾尝试使用多个cut -d"" -f3类型的过滤器,但它不准确,它非常脏,而不是必须使用非本机Windows命令来删除安装端口的必要,必须有一个更优雅和高效这样做的方式?我希望有人可以帮助我。
以下是我到目前为止所使用的代码的截图以及我尝试过的内容
def tllocal(domain):
try:
out = subprocess.check_output(["tasklist", "/V", "/FI", "USERNAME eq %s\*" % domain]).split('\n')
tasklist = [task for task in out if task != '']
if tasklist != None:
return tasklist
else:
pass
except CalledProcessError as e:
print(e.returncode)
我做了各种不雅的尝试,类似于下面的
def tllocal(domain):
try:
#out = subprocess.check_output(["tasklist", "/V", "/FI", "USERNAME eq %s\\*" % domain]).split('\n')
cmdtask1 = 'tasklist /V /FI "USERNAME eq %s\\*" |cut -d" " -f48'
cmdtask2 = 'tasklist /V /FI "USERNAME eq %s\\*" |cut -d" " -f49'
cmdtask3 = 'tasklist /V /FI "USERNAME eq %s\\*" |cut -d" " -f50'
out1 = subprocess.check_output(cmdtask1).split('\n')
out2 = subprocess.check_output(cmdtask2).split('\n')
out3 = subprocess.check_output(cmdtask3).split('\n')
tasklist1 = [task for task in out1 if task != 'etc']
tasklist2 = [task for task in out2 if task != 'Running']
tasklist3 = [task for task in out3 if task != 'etc']
mergedlist = tasklist1 + tasklist2 + tasklist3
clean1 = [task for task in mergedlist if task != 'Console']
print clean1
except CalledProcessError as e:
print(e.returncode)
我想尝试过滤的数据如下,我试图只收集列表中的“DOMAIN \ USER”。
C:\Documents and Settings\xpuser>tasklist /V
Image Name PID Session Name Session# Mem Usage Status
User Name CPU Time Window T
itle
========================= ====== ================ ======== ============ ========
======= ================================================== ============ ========
================================================================
System Idle Process 0 Console 0 16 K Running
NT AUTHORITY\SYSTEM 25:44:53 N/A
System 4 Console 0 212 K Running
NT AUTHORITY\SYSTEM 0:00:06 N/A
smss.exe 372 Console 0 408 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A
csrss.exe 588 Console 0 3,456 K Running
NT AUTHORITY\SYSTEM 0:00:03 N/A
winlogon.exe 612 Console 0 5,420 K Running
NT AUTHORITY\SYSTEM 0:00:36 N/A
services.exe 656 Console 0 3,824 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A
lsass.exe 668 Console 0 1,736 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A
svchost.exe 824 Console 0 5,384 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A
svchost.exe 892 Console 0 4,628 K Running
NT AUTHORITY\NETWORK SERVICE 0:00:00 N/A
svchost.exe 984 Console 0 20,484 K Running
NT AUTHORITY\SYSTEM 0:00:04 N/A
svchost.exe 1032 Console 0 3,452 K Running
NT AUTHORITY\NETWORK SERVICE 0:00:00 N/A
svchost.exe 1132 Console 0 6,812 K Running
NT AUTHORITY\LOCAL SERVICE 0:00:00 N/A
spoolsv.exe 1408 Console 0 4,652 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A
svchost.exe 1512 Console 0 3,696 K Running
NT AUTHORITY\LOCAL SERVICE 0:00:00 N/A
snmp.exe 1612 Console 0 3,752 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A
alg.exe 196 Console 0 3,592 K Running
NT AUTHORITY\LOCAL SERVICE 0:00:00 N/A
explorer.exe 488 Console 0 17,004 K Running
WXP\xpuser 0:00:03 N/A
ctfmon.exe 508 Console 0 3,776 K Running
WXP\xpuser 0:00:00 N/A
MagicDisc.exe 1068 Console 0 1,236 K Running
WXP\xpuser 0:00:00 N/A
svchost.exe 1624 Console 0 3,416 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A
cmd.exe 1688 Console 0 2,696 K Running
WXP\xpuser 0:00:00 C:\WINDO
WS\system32\cmd.exe - tasklist /V
mmc.exe 2512 Console 0 13,796 K Running
WXP\xpuser 0:00:00 Computer
Management
tasklist.exe 3624 Console 0 4,704 K Running
WXP\xpuser 0:00:00 OleMainT
hreadWndName
wmiprvse.exe 2980 Console 0 5,820 K Running
NT AUTHORITY\NETWORK SERVICE 0:00:00 N/A
C:\Documents and Settings\xpuser>
答案 0 :(得分:0)
对于此特定任务,这应该为您提供域\用户字符串列表:
输入示例:
txt = """System 4 Console 0 212 K Running
NT AUTHORITY\SYSTEM 0:00:06 N/A
smss.exe 372 Console 0 408 K Running
NT AUTHORITY\SYSTEM 0:00:00 N/A"""
过滤器:
users = [word for word in txt.split() if '\\' in word]
输出:
In [18]: users
Out[18]: ['AUTHORITY\\SYSTEM', 'AUTHORITY\\SYSTEM']
In [19]: for user in users: print(user)
AUTHORITY\SYSTEM
AUTHORITY\SYSTEM
编辑:添加了.split()(错误删除)