This script is intended for use in Symantec Data Loss Prevention and provide an ability to sort incidents not only by file name but also by separate subfolders in it's path.
You need to create following Custom Attributes:
''' Created on 8 feb 2016 @author: Stepanov Alexander x-and@yandex.ru ''' import sys import traceback import codecs reload(sys) sys.setdefaultencoding('cp1251') sys.stdout = codecs.getwriter('cp1251')(sys.stdout,'replace') # Switch this to 0 when in production mode. debugMode = 0 filePath="" FolderList = ('FPath_Root_Folder',\ 'FPath_SubFolder_1',\ 'FPath_SubFolder_2',\ 'FPath_SubFolder_3',\ 'FPath_SubFolder_4') def main(args): try: attributeMap = parseInput(args) try: filePath = attributeMap["endpoint-file-path"] except: return if filePath !="" : tempTuple = filePath.split(":") print "FPath_Drive_Letter =",tempTuple[0] File_Path_Temp = filePath.split("\\") i = 0 while(FolderList): try: tempTuple = File_Path_Temp[i+2] try: print FolderList[i],"=",File_Path_Temp[i+1] i+=1 except: print FolderList[i],"=","" break except: print FolderList[i],"=","" return return except: error() print "There was an error while executing the File Path script (",args[0],"). Something went wrong!" return "something went wrong!" def parseInput(args): # Input data is a list of key value pairs seperated by carraige return # Create a python dictionary to create the attribute map attributeMap = {} delimiter = "=" for item in args: if delimiter in item: tuple = item.split(delimiter) attributeMap[tuple[0]] = tuple[1] return attributeMap def error(): # "SCRIPT PROCESSING ERROR" if(debugMode): #print "Script Processing Error" traceback.print_exc(file=sys.stdout) return "" if __name__ == "__main__": if(len(sys.argv) == 0): error() else: main(sys.argv)