Beispiel #1
    def ReadHuntOutputPluginLogEntries(self,
                                       hunt_id,
                                       output_plugin_id,
                                       offset,
                                       count,
                                       with_type=None,
                                       cursor=None):
        """Reads one page of output plugin log entries for a hunt.

        Args:
          hunt_id: Hunt identifier; converted with db_utils.HuntIDToInt before
            it is bound into the query.
          output_plugin_id: Output plugin identifier; converted with
            db_utils.OutputPluginIDToInt before it is bound into the query.
          offset: Number of matching rows to skip (bound to OFFSET).
          count: Maximum number of rows to return (bound to LIMIT).
          with_type: Optional log entry type. When not None it is coerced with
            int() and added as an equality filter on log_entry_type.
          cursor: Database cursor the query is executed on. The default of
            None cannot be used as is; presumably a wrapper that is not shown
            in this listing supplies the cursor.

        Returns:
          A list of rdf_flow_objects.FlowOutputPluginLogEntry, ordered by
          log_id ascending.
        """
        # Only constant SQL fragments are concatenated here. Every
        # caller-supplied value travels separately in `params` and is bound by
        # the driver, so none of them is spliced into the statement text.
        sql_parts = [
            "SELECT client_id, flow_id, log_entry_type, message, "
            "UNIX_TIMESTAMP(timestamp) "
            "FROM flow_output_plugin_log_entries "
            "FORCE INDEX (flow_output_plugin_log_entries_by_hunt) "
            "WHERE hunt_id = %s AND output_plugin_id = %s "
        ]
        params = [
            db_utils.HuntIDToInt(hunt_id),
            db_utils.OutputPluginIDToInt(output_plugin_id),
        ]

        if with_type is not None:
            sql_parts.append("AND log_entry_type = %s ")
            params.append(int(with_type))

        # NOTE(review): count and offset are bound as given; no range or type
        # check happens in this method, so any bounds must be enforced by the
        # caller.
        sql_parts.append("ORDER BY log_id ASC LIMIT %s OFFSET %s")
        params.extend([count, offset])

        cursor.execute("".join(sql_parts), params)

        # hunt_id and output_plugin_id are echoed back from the arguments
        # rather than read from the row; the other fields come from the row.
        return [
            rdf_flow_objects.FlowOutputPluginLogEntry(
                hunt_id=hunt_id,
                client_id=db_utils.IntToClientID(client_id_int),
                flow_id=db_utils.IntToFlowID(flow_id_int),
                output_plugin_id=output_plugin_id,
                log_entry_type=log_entry_type,
                message=message,
                timestamp=mysql_utils.TimestampToRDFDatetime(timestamp))
            for (client_id_int, flow_id_int, log_entry_type, message,
                 timestamp) in cursor.fetchall()
        ]
Beispiel #2
    def CountHuntOutputPluginLogEntries(self,
                                        hunt_id,
                                        output_plugin_id,
                                        with_type=None,
                                        cursor=None):
        """Counts output plugin log entries recorded for a hunt.

        Args:
          hunt_id: Hunt identifier; converted with db_utils.HuntIDToInt before
            it is bound into the query.
          output_plugin_id: Output plugin identifier; converted with
            db_utils.OutputPluginIDToInt before it is bound into the query.
          with_type: Optional log entry type. When not None it is coerced with
            int() and added as an equality filter on log_entry_type.
          cursor: Database cursor the query is executed on. The default of
            None cannot be used as is; presumably a wrapper that is not shown
            in this listing supplies the cursor.

        Returns:
          The first column of the single row produced by the COUNT(*) query.
        """
        params = [
            db_utils.HuntIDToInt(hunt_id),
            db_utils.OutputPluginIDToInt(output_plugin_id),
        ]

        # The optional filter adds a constant fragment plus one more bound
        # parameter; the value itself never becomes part of the SQL text.
        type_clause = ""
        if with_type is not None:
            type_clause = "AND log_entry_type = %s"
            params.append(int(with_type))

        sql = ("SELECT COUNT(*) "
               "FROM flow_output_plugin_log_entries "
               "FORCE INDEX (flow_output_plugin_log_entries_by_hunt) "
               "WHERE hunt_id = %s AND output_plugin_id = %s " + type_clause)

        cursor.execute(sql, params)
        row = cursor.fetchone()
        return row[0]