Beispiel #1
  def testSearchFileContents(self):
    """Checks that SearchFileContent reports the one expected literal hit.

    The flow runs over every file matching "searching/*.log" under
    self.base_path, with an OS pathtype and a literal grep expression in
    ALL_HITS mode. The result collection must hold exactly one entry. The
    expected data is longer than the literal: it carries 10 characters of
    the log line on each side of the match, which is what shows the
    session was opened by uid=0.
    """
    mock_client = action_mocks.GrepClientMock()
    log_glob = os.path.join(self.base_path, "searching/*.log")

    flow_args = grep.SearchFileContentArgs(
        pathtype=rdf_paths.PathSpec.PathType.OS, paths=[log_glob])
    flow_args.grep.literal = rdf_standard.LiteralExpression(
        "session opened for user dearjohn")
    flow_args.grep.mode = rdf_client.GrepSpec.Mode.ALL_HITS

    # Run the flow by iterating the helper; the last value it yields is
    # kept as the session id used to look up the results.
    for yielded in flow_test_lib.TestFlowHelper(
        grep.SearchFileContent.__name__,
        mock_client,
        args=flow_args,
        client_id=self.client_id,
        token=self.token):
      session_id = yielded

    results = flow.GRRFlow.ResultCollectionForFID(session_id)

    # ALL_HITS is requested, so a count of one means the literal occurs
    # exactly once across all files the glob matched.
    self.assertEqual(len(results), 1)

    hit = results[0]
    # Offset and buffer are pinned to the fixture log's contents.
    self.assertEqual(hit.offset, 350)
    self.assertEqual(
        hit.data, "session): session opened for user dearjohn by (uid=0")
Beispiel #2
  def testSearchFileContents(self):
    """Checks that SearchFileContent stores the one expected literal hit.

    The flow is started by name with a client mock for the "Find", "Grep"
    and "StatFile" actions, over every file matching "searching/*.log"
    under self.base_path. Results are read back from the AFF4 object at
    the session URN plus flow_runner.RESULTS_SUFFIX. Exactly one entry is
    expected, and its data carries 10 characters of the log line on each
    side of the literal.
    """
    mock_client = action_mocks.ActionMock("Find", "Grep", "StatFile")
    log_glob = os.path.join(self.base_path, "searching/*.log")

    flow_args = grep.SearchFileContentArgs(
        pathtype=rdf_paths.PathSpec.PathType.OS, paths=[log_glob])
    flow_args.grep.literal = rdf_standard.LiteralExpression(
        "session opened for user dearjohn")
    flow_args.grep.mode = rdf_client.GrepSpec.Mode.ALL_HITS

    # Run the flow by iterating the helper; the last value it yields is
    # kept as the session id used to locate the results.
    for yielded in test_lib.TestFlowHelper(
        "SearchFileContent",
        mock_client,
        args=flow_args,
        client_id=self.client_id,
        token=self.token):
      session_id = yielded

    results_urn = session_id.Add(flow_runner.RESULTS_SUFFIX)
    results = aff4.FACTORY.Open(results_urn, token=self.token)

    # ALL_HITS is requested, so a count of one means the literal occurs
    # exactly once across all files the glob matched.
    self.assertEqual(len(results), 1)

    hit = results[0]
    # Offset and buffer are pinned to the fixture log's contents.
    self.assertEqual(hit.offset, 350)
    self.assertEqual(
        hit.data, "session): session opened for user dearjohn by (uid=0")
Beispiel #3
    def testSearchFileContents(self):
        """Checks that SearchFileContent writes the one expected literal hit.

        The glob "test_data/*.log" is resolved against the parent directory
        of self.base_path. The flow is started by name with an explicit
        output of "analysis/grep/testing", and the results are read back
        from that path under the client's URN. Exactly one entry is
        expected, and its data carries 10 characters of the log line on
        each side of the literal.
        """
        mock_client = action_mocks.ActionMock("Find", "Grep", "StatFile")
        fixture_root = os.path.dirname(self.base_path)
        log_glob = os.path.join(fixture_root, "test_data/*.log")

        flow_args = grep.SearchFileContentArgs(
            pathtype=rdf_paths.PathSpec.PathType.OS, paths=[log_glob])
        flow_args.grep.literal = rdf_standard.LiteralExpression(
            "session opened for user dearjohn")
        flow_args.grep.mode = rdf_client.GrepSpec.Mode.ALL_HITS

        # Run the flow by exhausting the helper. The yielded values are not
        # needed because the results go to the fixed output path below.
        flow_steps = test_lib.TestFlowHelper(
            "SearchFileContent",
            mock_client,
            args=flow_args,
            client_id=self.client_id,
            output="analysis/grep/testing",
            token=self.token)
        for _ in flow_steps:
            pass

        client_urn = rdfvalue.RDFURN(self.client_id)
        results = aff4.FACTORY.Open(
            client_urn.Add("/analysis/grep/testing"), token=self.token)

        # ALL_HITS is requested, so a count of one means the literal occurs
        # exactly once across all files the glob matched.
        self.assertEqual(len(results), 1)

        hit = results[0]
        # Offset and buffer are pinned to the fixture log's contents.
        self.assertEqual(hit.offset, 350)
        self.assertEqual(
            hit.data, "session): session opened for user dearjohn by (uid=0")