Ejemplo n.º 1
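    def GetSummary(self):
        """Builds a ClientSummary from this object's stored attributes.

        Every field is read through self.Get() with the Schema attribute
        named on the same line. Hardware details are copied only when a
        HARDWARE_INFO value is present: self.Get() is assumed to return a
        falsy value for an unset attribute (the knowledge-base check below
        already relies on that), so dereferencing the result unguarded would
        fail for a client that has not reported hardware information yet.

        Returns:
          rdf_client.ClientSummary
        """
        # NOTE(review): presumably restricts reads to the newest attribute
        # versions -- confirm against the class that defines max_age.
        self.max_age = 0
        summary = rdf_client.ClientSummary(client_id=self.urn)
        summary.system_info.node = self.Get(self.Schema.HOSTNAME)
        summary.system_info.system = self.Get(self.Schema.SYSTEM)
        summary.system_info.release = self.Get(self.Schema.OS_RELEASE)
        # OS_VERSION falls back to "" so str() never renders "None".
        summary.system_info.version = str(self.Get(self.Schema.OS_VERSION, ""))
        summary.system_info.kernel = self.Get(self.Schema.KERNEL)
        summary.system_info.fqdn = self.Get(self.Schema.FQDN)
        summary.system_info.machine = self.Get(self.Schema.ARCH)
        summary.system_info.install_date = self.Get(self.Schema.INSTALL_DATE)
        kb = self.Get(self.Schema.KNOWLEDGE_BASE)
        if kb:
            summary.users = kb.users
        summary.interfaces = self.Get(self.Schema.INTERFACES)
        summary.client_info = self.Get(self.Schema.CLIENT_INFO)
        # Read HARDWARE_INFO once and guard it; it may be unset.
        hwi = self.Get(self.Schema.HARDWARE_INFO)
        if hwi:
            summary.serial_number = hwi.serial_number
            summary.system_manufacturer = hwi.system_manufacturer
        summary.timestamp = self.age

        return summary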
Ejemplo n.º 2
    def Run(self):
        """Records the API response for a robot 'get files' operation state.

        Starts the operation through its API handler, writes one empty
        ClientSummary into the flow's output collection and then checks the
        GET endpoint for that operation id.
        """
        # Pin the clock so the recorded output is identical between runs.
        with test_lib.FakeTime(42):
            self.SetupClients(1)

            operation = flow_plugin.ApiStartRobotGetFilesOperationHandler().Handle(
                flow_plugin.ApiStartRobotGetFilesOperationArgs(
                    hostname="Host", paths=["/test"]),
                token=self.token)

            # The operation id handed back by the API doubles as the flow URN.
            # NOTE(review): if operation ids are meant to be opaque to API
            # callers, confirm that access checks do not depend on that.
            flow_urn = rdfvalue.RDFURN(operation.operation_id)

            # Seed the flow's output collection with a single result.
            running_flow = aff4.FACTORY.Open(
                flow_urn, aff4_type=flow.GRRFlow, token=self.token)
            output_urn = running_flow.GetRunner().output_urn
            with aff4.FACTORY.Create(
                    output_urn,
                    aff4_type=sequential_collection.GeneralIndexedCollection,
                    token=self.token) as results:
                results.Add(rdf_client.ClientSummary())

            # The generated flow id is replaced by a fixed placeholder in the
            # recorded output.
            url = "/api/robot-actions/get-files/%s" % operation.operation_id
            self.Check("GET", url,
                       replace={flow_urn.Basename(): "F:ABCDEF12"})
Ejemplo n.º 3
    def Run(self):
        """Records the API response for a flow status request.

        Starts an Interrogate flow on a freshly set-up client, writes one
        empty ClientSummary into the flow's output collection and checks
        the flow status endpoint.
        """
        # Pin the clock so the recorded output is identical between runs.
        with test_lib.FakeTime(42):
            client_urn = self.SetupClients(1)[0]

            # The certificate is regenerated whenever the client is created,
            # so it is dropped here to keep the recorded output stable.
            with aff4.FACTORY.Open(client_urn, mode="rw",
                                   token=self.token) as client:
                client.DeleteAttribute(client.Schema.CERT)

            flow_id = flow.GRRFlow.StartFlow(
                flow_name=discovery.Interrogate.__name__,
                client_id=client_urn,
                token=self.token)

            # Seed the flow's output collection with a single result.
            started_flow = aff4.FACTORY.Open(
                flow_id, aff4_type=flow.GRRFlow.__name__, token=self.token)
            state = started_flow.Get(started_flow.Schema.FLOW_STATE)
            with aff4.FACTORY.Create(
                    state.context.output_urn,
                    aff4_type=aff4_collections.RDFValueCollection.__name__,
                    token=self.token) as results:
                results.Add(rdf_client.ClientSummary())

            # The generated flow id is replaced by a fixed placeholder in the
            # recorded output.
            url = "/api/flows/%s/%s/status" % (
                client_urn.Basename(), flow_id.Basename())
            self.Check("GET", url,
                       replace={flow_id.Basename(): "F:ABCDEF12"})
Ejemplo n.º 4
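    def GetSummary(self):
        """Builds a ClientSummary from this object's stored attributes.

        Every field is read through self.Get() with the Schema attribute
        named on the same line. Hardware details are copied only when a
        HARDWARE_INFO value is present: self.Get() is assumed to return a
        falsy value for an unset attribute (the users check below already
        relies on that), so dereferencing the result unguarded would fail
        for a client that has not reported hardware information yet.

        Returns:
          rdf_client.ClientSummary
        """
        # NOTE(review): presumably restricts reads to the newest attribute
        # versions -- confirm against the class that defines max_age.
        self.max_age = 0
        summary = rdf_client.ClientSummary(client_id=self.urn)
        summary.system_info.node = self.Get(self.Schema.HOSTNAME)
        summary.system_info.system = self.Get(self.Schema.SYSTEM)
        summary.system_info.release = self.Get(self.Schema.OS_RELEASE)
        # OS_VERSION falls back to "" so str() never renders "None".
        summary.system_info.version = str(self.Get(self.Schema.OS_VERSION, ""))
        summary.system_info.kernel = self.Get(self.Schema.KERNEL)
        summary.system_info.fqdn = self.Get(self.Schema.FQDN)
        summary.system_info.machine = self.Get(self.Schema.ARCH)
        summary.system_info.install_date = self.Get(self.Schema.INSTALL_DATE)
        # This should be summary.users = self.Get(self.Schema.USER) but older
        # clients may return serialized users here, so each entry is passed
        # through rdf_client.User() before it is stored.
        users = self.Get(self.Schema.USER)
        if users:
            summary.users = [rdf_client.User(u) for u in users]
        summary.interfaces = self.Get(self.Schema.LAST_INTERFACES)
        summary.client_info = self.Get(self.Schema.CLIENT_INFO)
        # Read HARDWARE_INFO once and guard it; it may be unset.
        hwi = self.Get(self.Schema.HARDWARE_INFO)
        if hwi:
            summary.serial_number = hwi.serial_number
            summary.system_manufacturer = hwi.system_manufacturer
        summary.timestamp = self.age

        return summary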
Ejemplo n.º 5
    def GetSummary(self):
        """Assembles a ClientSummary from the fields held on this object.

        Returns:
          rdf_client.ClientSummary
        Raises:
          ValueError: if a cloud instance is present and its cloud_type is
            neither "GOOGLE" nor "AMAZON".
        """
        result = rdf_client.ClientSummary()
        result.client_id = self.client_id
        result.timestamp = self.timestamp

        result.system_info.release = self.os_release
        # An unset os_version becomes "" instead of the string "None".
        result.system_info.version = str(self.os_version or "")
        result.system_info.kernel = self.kernel
        result.system_info.machine = self.arch
        result.system_info.install_date = self.install_time

        knowledge = self.knowledge_base
        if knowledge:
            result.system_info.fqdn = knowledge.fqdn
            result.system_info.system = knowledge.os
            result.users = knowledge.users
            # Interfaces and client info are copied only when a knowledge
            # base is present.
            result.interfaces = self.interfaces
            result.client_info = self.startup_info.client_info
            # Knowledge-base release and version, when set, replace the
            # values assigned above.
            if knowledge.os_release:
                result.system_info.release = knowledge.os_release
                if knowledge.os_major_version:
                    result.system_info.version = "%d.%d" % (
                        knowledge.os_major_version,
                        knowledge.os_minor_version)

        hardware = self.hardware_info
        if hardware:
            result.serial_number = hardware.serial_number
            result.system_manufacturer = hardware.system_manufacturer
            result.system_uuid = hardware.system_uuid

        cloud = self.cloud_instance
        if not cloud:
            return result

        # cloud_type is stored before it is checked, so it is already set on
        # the summary object when the ValueError below is raised.
        result.cloud_type = cloud.cloud_type
        if cloud.cloud_type == "GOOGLE":
            result.cloud_instance_id = cloud.google.unique_id
        elif cloud.cloud_type == "AMAZON":
            result.cloud_instance_id = cloud.amazon.instance_id
        else:
            raise ValueError("Bad cloud type: %s" % cloud.cloud_type)
        return result
Ejemplo n.º 6
    def GetSummary(self):
        """Assembles a ClientSummary from this object's stored attributes.

        Returns:
          rdf_client.ClientSummary
        Raises:
          ValueError: if a CLOUD_INSTANCE value is present and its cloud_type
            is neither "GOOGLE" nor "AMAZON".
        """
        # NOTE(review): presumably restricts reads to the newest attribute
        # versions -- confirm against the class that defines max_age.
        self.max_age = 0
        schema = self.Schema
        result = rdf_client.ClientSummary(client_id=self.urn)
        result.system_info.node = self.Get(schema.HOSTNAME)
        result.system_info.system = self.Get(schema.SYSTEM)
        result.system_info.release = self.Get(schema.OS_RELEASE)
        # OS_VERSION falls back to "" so str() never renders "None".
        result.system_info.version = str(self.Get(schema.OS_VERSION, ""))
        result.system_info.kernel = self.Get(schema.KERNEL)
        result.system_info.fqdn = self.Get(schema.FQDN)
        result.system_info.machine = self.Get(schema.ARCH)
        result.system_info.install_date = self.Get(schema.INSTALL_DATE)

        knowledge = self.Get(schema.KNOWLEDGE_BASE)
        if knowledge:
            result.users = knowledge.users
        result.interfaces = self.Get(schema.INTERFACES)
        result.client_info = self.Get(schema.CLIENT_INFO)

        # Hardware fields are copied only when HARDWARE_INFO is set.
        hardware = self.Get(schema.HARDWARE_INFO)
        if hardware:
            result.serial_number = hardware.serial_number
            result.system_manufacturer = hardware.system_manufacturer
        result.timestamp = self.age

        cloud = self.Get(schema.CLOUD_INSTANCE)
        if not cloud:
            return result

        # cloud_type is stored before it is checked, so it is already set on
        # the summary object when the ValueError below is raised.
        result.cloud_type = cloud.cloud_type
        if cloud.cloud_type == "GOOGLE":
            result.cloud_instance_id = cloud.google.unique_id
        elif cloud.cloud_type == "AMAZON":
            result.cloud_instance_id = cloud.amazon.instance_id
        else:
            raise ValueError("Bad cloud type: %s" % cloud.cloud_type)

        return result
Ejemplo n.º 7
    def Run(self):
        """Records the API response for a robot 'get files' operation state.

        Starts the operation through its API handler, adds one empty
        ClientSummary to the flow's result collection and then checks the
        GetRobotGetFilesOperationState API method for that operation id.
        """
        # Pin the clock so the recorded output is identical between runs.
        with test_lib.FakeTime(42):
            self.SetupClients(1)

            operation = flow_plugin.ApiStartRobotGetFilesOperationHandler().Handle(
                flow_plugin.ApiStartRobotGetFilesOperationArgs(
                    hostname="Host", paths=["/test"]),
                token=self.token)

            # The operation id handed back by the API doubles as the flow URN.
            # NOTE(review): if operation ids are meant to be opaque to API
            # callers, confirm that access checks do not depend on that.
            flow_urn = rdfvalue.RDFURN(operation.operation_id)

            # Seed the flow's result collection with a single entry.
            results = flow.GRRFlow.ResultCollectionForFID(
                flow_urn, token=self.token)
            results.Add(rdf_client.ClientSummary())

            # The generated flow id is replaced by a fixed placeholder in the
            # recorded output.
            state_args = flow_plugin.ApiGetRobotGetFilesOperationStateArgs(
                operation_id=operation.operation_id)
            self.Check("GetRobotGetFilesOperationState",
                       args=state_args,
                       replace={flow_urn.Basename(): "F:ABCDEF12"})
Ejemplo n.º 8
  def testRdfFormatter(self):
    """Hints format RDF values with arbitrary values and attributes."""
    # Build an RDF value that mixes scalar, repeated and nested fields.
    summary = rdf_client.ClientSummary()
    summary.system_info.system = "Linux"
    summary.system_info.node = "coreai.skynet.com"

    # Repeated field.
    summary.users = [
        rdf_client.User(username=name) for name in ("root", "jconnor")
    ]

    # Nested, repeated field: two interfaces sharing three addresses.
    first, second, third = [
        rdf_client.NetworkAddress(human_readable=ip)
        for ip in ("1.1.1.1", "2.2.2.2", "3.3.3.3")
    ]
    # NOTE(review): ppp0 receives a single NetworkAddress rather than a
    # list -- confirm the repeated field accepts a bare value.
    summary.interfaces = [
        rdf_client.Interface(ifname="eth0", addresses=[first, second]),
        rdf_client.Interface(ifname="ppp0", addresses=third),
    ]

    # Dotted placeholders walk into nested and repeated attributes; the
    # expected string shows repeated values joined with commas and no
    # trailing newline.
    template = ("{system_info.system} {users.username} {interfaces.ifname} "
                "{interfaces.addresses.human_readable}\n")
    rendered = hints.Hinter(template=template).Render(summary)
    expected = "Linux root,jconnor eth0,ppp0 1.1.1.1,2.2.2.2,3.3.3.3"
    self.assertEqual(expected, rendered)