# Import files into Python

Previously, you explored how to open files in Python, convert them into strings, and read them. In this reading, you'll review the syntax needed for this. You'll also focus on why the ability to work with files is important for security analysts using Python, and you will learn about writing files.

## Working with files in cybersecurity 

Security analysts may need to access a variety of files when working in Python. Many of these files will be logs. A **log** is a record of events that occur within an organization's systems.

For instance, there may be a log containing information on login attempts. This might be used to identify unusual activity that signals attempts made by a malicious actor to access the system.

As another example, malicious actors that have breached the system might be capable of attacking software applications. An analyst might need to access a log that contains information on software applications that are experiencing issues.

## Opening files in Python

To open a file called <var>"update\_log.txt"</var> in Python for purposes of reading it, you can incorporate the following line of code:

<var>with open("update\_log.txt", "r") as file:</var>

This line consists of the <var>with</var> keyword, the <var>open()</var> function with its two parameters, and the <var>as</var> keyword followed by a variable name. You must place a colon (<var>:</var>) at the end of the line.

### with

The keyword <var>with</var> handles errors and manages external resources when used with other functions. In this case, it's used with the <var>open()</var> function in order to open a file. It will then manage the resources by closing the file after exiting the <var>with</var> statement.

**Note:** You can also use the <var>open()</var> function without the <var>with</var> keyword. However, you should close the file you opened to ensure proper handling of the file.

### open()

The <var>open()</var> function opens a file in Python.

The first parameter identifies the file you want to open. In the following file structure, <var>"update\_log.txt"</var> is located in the same directory as the Python file that will access it, <var>"log\_parser.ipynb"</var>:

[![root file system example chart.png](https://library.naruzkurai.com/uploads/images/gallery/2023-12/scaled-1680-/root-file-system-example-chart.png)](https://library.naruzkurai.com/uploads/images/gallery/2023-12/root-file-system-example-chart.png)

Because they're in the same directory, only the name of the file is required. The code can be written as <var>with open("update\_log.txt", "r") as file:</var>.

However, <var>"access\_log.txt"</var> is not in the same directory as the Python file <var>"log\_parser.ipynb"</var>. Therefore, it's necessary to specify its absolute file path. A **file path** is the location of a file or directory. An absolute file path starts from the highest-level directory, the root. In the following code, the first parameter of the <var>open()</var> function includes the absolute file path to <var>"access\_log.txt"</var>:

<var>with open("/home/analyst/logs/access\_log.txt", "r") as file:</var>

**Note:** In Python, the names of files or their file paths can be handled as string data, and like all string data, you must place them in quotation marks.

The second parameter of the <var>open()</var> function indicates what you want to do with the file. In both of these examples, the second parameter is <var>"r"</var>, which indicates that you want to read the file. Alternatively, you can use <var>"w"</var> if you want to write to a file or <var>"a"</var> if you want to append to a file.

### as

When you open a file using <var>with open()</var>, you must provide a variable that can store the file while you are within the <var>with</var> statement. You can do this through the keyword <var>as</var> followed by this variable name. The keyword <var>as</var> assigns a variable that references another object. The code <var>with open("update\_log.txt", "r") as file:</var> assigns <var>file</var> to reference the output of the <var>open()</var> function within the indented code block that follows it.

## Reading files in Python

After you use the code <var>with open("update\_log.txt", "r") as file:</var> to import <var>"update\_log.txt"</var> into the <var>file</var> variable, you should indicate what to do with the file on the indented lines that follow it. For example, this code uses the <var>.read()</var> method to read the contents of the file:

<var>with open("update\_log.txt", "r") as file:</var>

<var> updates = file.read()</var>

<var>print(updates)</var>

The <var>.read()</var> method converts files into strings. This is necessary in order to use and display the contents of the file that was read.

In this example, the <var>file</var> variable is used to generate a string of the file contents through <var>.read()</var>. This string is then stored in another variable called <var>updates</var>. After this, <var>print(updates)</var> displays the string.

Once the file is read into the <var>updates</var> string, you can perform the same operations on it that you might perform with any other string. For example, you could use the <var>.index()</var> method to return the index where a certain character or substring appears. Or, you could use <var>len()</var> to return the length of this string.

## Writing files in Python

Security analysts may also need to write to files. This could happen for a variety of reasons. For example, they might need to create a file containing the approved usernames on a new allow list. Or, they might need to edit existing files to add data or to adhere to policies for standardization.

To write to a file, you will need to open the file with <var>"w"</var> or <var>"a"</var> as the second argument of <var>open()</var>.

You should use the <var>"w"</var> argument when you want to replace the contents of an existing file. When working with the existing file <var>update\_log.txt</var>, the code <var>with open("update\_log.txt", "w") as file:</var> opens it so that its contents can be replaced.

Additionally, you can use the <var>"w"</var> argument to create a new file. For example, <var>with open("update\_log2.txt", "w") as file:</var> creates and opens a new file called <var>"update\_log2.txt"</var>.

You should use the <var>"a"</var> argument if you want to append new information to the end of an existing file rather than writing over it. The code <var>with open("update\_log.txt", "a") as file:</var> opens <var>"update\_log.txt"</var> so that new information can be appended to the end. Its existing information will not be deleted.

Like when opening a file to read from it, you should indicate what to do with the file on the indented lines that follow when you open a file to write to it. With both <var>"w"</var> and <var>"a"</var>, you can use the <var>.write()</var> method. The <var>.write()</var> method writes string data to a specified file.

The following example uses the <var>.write()</var> method to append the content of the <var>line</var> variable to the file <var>"access\_log.txt"</var>.

<var>line = "jrafael,192.168.243.140,4:56:27,True"</var>

<var>with open("access\_log.txt", "a") as file:</var>

<var> file.write(line)</var>

**Note:** Calling the <var>.write()</var> method without using the <var>with</var> keyword when importing the file might result in its arguments not being completely written to the file if the file is not properly closed in another way.

## Key takeaways

It's important for security analysts to be able to import files into Python and then read from or write to them. Importing Python files involves using the <var>with</var> keyword, the <var>open()</var> function, and the <var>as</var> keyword. Reading from and writing to files requires knowledge of the <var>.read()</var> and <var>.write()</var> methods and the arguments to the <var>open()</var> function of <var>"r"</var>, <var>"w"</var>, and <var>"a"</var>.