Ejemplo n.º 1
0
    def GetAFF4PathForArtifactResponses(self, output_type):
        """Use the RDFValue type to find where in AFF4 space to write results.

    Args:
      output_type: The name of a SemanticValue type.

    Returns:
      A tuple of (aff4 object, attribute, operator)

    Raises:
      ArtifactProcessingError: If there is no defined mapping.
    """

        rdf_type = artifact.GRRArtifactMappings.rdf_map.get(output_type)
        if rdf_type is None:
            raise artifact_lib.ArtifactProcessingError(
                "No defined RDF type for %s.  See the description for "
                " the store_results_in_aff4 option, you probably want it set to "
                "false. Supported types are: %s" %
                (output_type, artifact.GRRArtifactMappings.rdf_map.keys()))

        # "info/software", "InstalledSoftwarePackages", "INSTALLED_PACKAGES",
        # "Append"
        relative_path, aff4_type, aff4_attribute, operator = rdf_type

        urn = self.client_id.Add(relative_path)
        try:
            result_object = aff4.FACTORY.Open(urn,
                                              aff4_type=aff4_type,
                                              mode="w",
                                              token=self.token)
        except IOError as e:
            raise artifact_lib.ArtifactProcessingError(
                "Failed to open result object for type %s. %s" %
                (output_type, e))

        result_attr = getattr(result_object.Schema, aff4_attribute, None)
        if result_attr is None:
            raise artifact_lib.ArtifactProcessingError(
                "Failed to get attribute %s for output type %s" %
                (aff4_attribute, output_type))

        return result_object, result_attr, operator
Ejemplo n.º 2
0
  def End(self):
    # If we got no responses, and user asked for it, we error out.
    if self.args.on_no_results_error and self.state.response_count == 0:
      raise artifact_lib.ArtifactProcessingError("Artifact collector returned "
                                                 "0 responses.")
    if self.runner.output is not None:
      urn = self.runner.output.urn
    else:
      urn = self.client_id

    self.Notify("ViewObject", urn,
                "Completed artifact collection of %s. Collected %d. Errors %d."
                % (self.args.artifact_list, self.state.response_count,
                   self.state.failed_count))