|
|
|
@ -6,12 +6,10 @@ Automagically document the windows backup process |
|
|
|
__version__ = "0.0.1" |
|
|
|
__version__ = "0.0.1" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
from datetime import datetime |
|
|
|
|
|
|
|
from pathlib import Path |
|
|
|
from pathlib import Path |
|
|
|
|
|
|
|
from datetime import datetime |
|
|
|
|
|
|
|
|
|
|
|
import Evtx.Evtx as evtx |
|
|
|
import Evtx.Evtx as evtx |
|
|
|
import Evtx.Views as e_views |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SCHEMA = "{http://schemas.microsoft.com/win/2004/08/events/event}" |
|
|
|
SCHEMA = "{http://schemas.microsoft.com/win/2004/08/events/event}" |
|
|
|
|
|
|
|
|
|
|
|
@ -50,8 +48,10 @@ def document_last_backup_time(path, last_backup_time): |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def windows(): |
|
|
|
def windows(): |
|
|
|
LOG_FILE_PATH = r"C:\Windows\System32\winevt\Logs\Microsoft-Windows-FileHistory-Core%4WHC.evtx" |
|
|
|
LOG_FILE_PATH = r"C:\Windows\System32\winevt\Logs\Microsoft-Windows-FileHistory-Core%4WHC.evtx" # noqa: E501 |
|
|
|
OUT_FILE_PATH = r"C:\Users\Holgi\Documents\safeguard_backup_documentation.txt" |
|
|
|
OUT_FILE_PATH = ( |
|
|
|
|
|
|
|
r"C:\Users\Holgi\Documents\safeguard_backup_documentation.txt" |
|
|
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
|
|
last_backup = get_last_backup_time(Path(LOG_FILE_PATH)) |
|
|
|
last_backup = get_last_backup_time(Path(LOG_FILE_PATH)) |
|
|
|
document_last_backup_time(Path(OUT_FILE_PATH), last_backup) |
|
|
|
document_last_backup_time(Path(OUT_FILE_PATH), last_backup) |
