def testListLogsWithoutClientIds(self):
hunt_urn = self.StartHunt()
if data_store.RelationalDBReadEnabled():
client_ids = self.SetupClients(2)
self.AssignTasksToClients(client_ids)
data_store.REL_DB.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_ids[0].Basename(),
flow_id=hunt_urn.Basename(),
hunt_id=hunt_urn.Basename(),
message="Sample message: foo."),
rdf_flow_objects.FlowLogEntry(
client_id=client_ids[1].Basename(),
flow_id=hunt_urn.Basename(),
hunt_id=hunt_urn.Basename(),
message="Sample message: bar.")
])
else:
hunt_obj = aff4.FACTORY.Open(hunt_urn, mode="rw")
hunt_obj.Log("Sample message: foo.")
hunt_obj.Log("Sample message: bar.")
logs = list(self.api.Hunt(hunt_urn.Basename()).ListLogs())
self.assertLen(logs, 2)
self.assertEqual(logs[0].data.log_message, "Sample message: foo.")
self.assertEqual(logs[1].data.log_message, "Sample message: bar.")
def AddLogToHunt(self, hunt_id, client_id, message):
if isinstance(client_id, rdfvalue.RDFURN):
client_id = client_id.Basename()
if isinstance(hunt_id, rdfvalue.RDFURN):
hunt_id = hunt_id.Basename()
if data_store.RelationalDBEnabled():
flow_id = self._EnsureClientHasHunt(client_id, hunt_id)
data_store.REL_DB.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_id,
flow_id=flow_id,
hunt_id=hunt_id,
message=message)
])
else:
hunt_obj = aff4.FACTORY.Open(rdfvalue.RDFURN("hunts").Add(hunt_id))
logs_collection_urn = hunt_obj.logs_collection_urn
log_entry = rdf_flows.FlowLog(
client_id=client_id,
urn=rdf_client.ClientURN(client_id).Add(hunt_id),
flow_name=hunt_obj.__class__.__name__,
log_message=message)
with data_store.DB.GetMutationPool() as pool:
grr_collections.LogCollection.StaticAdd(
logs_collection_urn, log_entry, mutation_pool=pool)
def AddLogToHunt(self, hunt_id, client_id, message):
flow_id = self._EnsureClientHasHunt(client_id, hunt_id)
data_store.REL_DB.WriteFlowLogEntry(
rdf_flow_objects.FlowLogEntry(client_id=client_id,
flow_id=flow_id,
hunt_id=hunt_id,
message=message))
def _AddLogToFlow(self, client_id, flow_id, log_string):
if data_store.RelationalDBFlowsEnabled():
entry = rdf_flow_objects.FlowLogEntry(message=log_string)
data_store.REL_DB.WriteFlowLogEntries(client_id, flow_id, [entry])
else:
flow_urn = rdfvalue.RDFURN(client_id).Add("flows").Add(flow_id)
with aff4.FACTORY.Open(flow_urn, token=self.token) as fd:
fd.Log(log_string)
def Log(self, format_str, *args):
"""Logs the message using the flow's standard logging.
Args:
format_str: Format string
*args: arguments to the format string
"""
log_entry = rdf_flow_objects.FlowLogEntry(message=format_str % args)
data_store.REL_DB.WriteFlowLogEntries(self.rdf_flow.client_id,
self.rdf_flow.flow_id, [log_entry])
def Run(self):
with test_lib.FakeTime(42):
hunt_id = self.CreateHunt(creator=self.token.username)
client_id = self.SetupClient(0)
flow_id = flow_test_lib.StartFlow(
flows_processes.ListProcesses,
client_id=client_id,
parent_hunt_id=hunt_id)
with test_lib.FakeTime(52):
data_store.REL_DB.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_id,
flow_id=flow_id,
hunt_id=hunt_id,
message="Sample message: foo")
])
with test_lib.FakeTime(55):
data_store.REL_DB.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_id,
flow_id=flow_id,
hunt_id=hunt_id,
message="Sample message: bar")
])
self.Check(
"ListHuntLogs",
args=hunt_plugin.ApiListHuntLogsArgs(hunt_id=hunt_id),
replace={hunt_id: "H:123456"})
self.Check(
"ListHuntLogs",
args=hunt_plugin.ApiListHuntLogsArgs(hunt_id=hunt_id, count=1),
replace={hunt_id: "H:123456"})
self.Check(
"ListHuntLogs",
args=hunt_plugin.ApiListHuntLogsArgs(
hunt_id=hunt_id, offset=1, count=1),
replace={hunt_id: "H:123456"})
def testListLogsWithoutClientIds(self):
hunt_id = self.StartHunt()
client_ids = self.SetupClients(2)
self.AssignTasksToClients(client_ids)
data_store.REL_DB.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(client_id=client_ids[0],
flow_id=hunt_id,
hunt_id=hunt_id,
message="Sample message: foo."),
rdf_flow_objects.FlowLogEntry(client_id=client_ids[1],
flow_id=hunt_id,
hunt_id=hunt_id,
message="Sample message: bar.")
])
logs = list(self.api.Hunt(hunt_id).ListLogs())
self.assertLen(logs, 2)
self.assertEqual(logs[0].data.log_message, "Sample message: foo.")
self.assertEqual(logs[1].data.log_message, "Sample message: bar.")
def _WriteHuntLogEntries(self):
hunt_obj = rdf_hunt_objects.Hunt(hunt_id=hunt.RandomHuntId(),
description="foo")
self.db.WriteHuntObject(hunt_obj)
for i in range(10):
client_id, flow_id = self._SetupHuntClientAndFlow(
client_id="C.12345678901234A%d" % i, hunt_id=hunt_obj.hunt_id)
self.db.WriteFlowLogEntries(
client_id, flow_id,
[rdf_flow_objects.FlowLogEntry(message="blah%d" % i)])
return hunt_obj
def Log(self, format_str, *args):
"""Logs the message using the flow's standard logging.
Args:
format_str: Format string
*args: arguments to the format string
"""
log_entry = rdf_flow_objects.FlowLogEntry(
client_id=self.rdf_flow.client_id,
flow_id=self.rdf_flow.flow_id,
hunt_id=self.rdf_flow.parent_hunt_id,
message=format_str % args)
data_store.REL_DB.WriteFlowLogEntries([log_entry])
if self.rdf_flow.parent_hunt_id:
db_compat.ProcessHuntFlowLog(self.rdf_flow, format_str % args)
def _WriteNestedAndNonNestedLogEntries(self, hunt_obj):
client_id, flow_id = self._SetupHuntClientAndFlow(hunt_id=hunt_obj.hunt_id)
self.db.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_id,
# Top-level hunt-induced flows should have hunt's ids.
flow_id=flow_id,
hunt_id=hunt_obj.hunt_id,
message="blah")
])
for i in range(10):
_, nested_flow_id = self._SetupHuntClientAndFlow(
client_id=client_id,
parent_flow_id=flow_id,
hunt_id=hunt_obj.hunt_id,
flow_id=flow.RandomFlowId())
self.db.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_id,
flow_id=nested_flow_id,
hunt_id=hunt_obj.hunt_id,
message="blah_%d" % i)
])
def testReadHuntLogEntriesReturnsEntryFromSingleHuntFlow(self):
hunt_obj = rdf_hunt_objects.Hunt(
hunt_id=hunt.RandomHuntId(), description="foo")
self.db.WriteHuntObject(hunt_obj)
client_id, flow_id = self._SetupHuntClientAndFlow(
client_id="C.12345678901234AA", hunt_id=hunt_obj.hunt_id)
self.db.WriteFlowLogEntries(client_id, flow_id,
[rdf_flow_objects.FlowLogEntry(message="blah")])
hunt_log_entries = self.db.ReadHuntLogEntries(hunt_obj.hunt_id, 0, 10)
self.assertLen(hunt_log_entries, 1)
self.assertIsInstance(hunt_log_entries[0], rdf_flow_objects.FlowLogEntry)
self.assertEqual(hunt_log_entries[0].hunt_id, hunt_obj.hunt_id)
self.assertEqual(hunt_log_entries[0].client_id, client_id)
self.assertEqual(hunt_log_entries[0].flow_id, flow_id)
self.assertEqual(hunt_log_entries[0].message, "blah")
def ReadHuntLogEntries(self, hunt_id, offset, count, with_substring=None):
"""Reads hunt log entries of a given hunt using given query options."""
all_entries = []
for flow_obj in self._GetHuntFlows(hunt_id):
for entry in self.ReadFlowLogEntries(
flow_obj.client_id,
flow_obj.flow_id,
0,
sys.maxsize,
with_substring=with_substring):
all_entries.append(
rdf_flow_objects.FlowLogEntry(
hunt_id=hunt_id,
client_id=flow_obj.client_id,
flow_id=flow_obj.flow_id,
timestamp=entry.timestamp,
message=entry.message))
return sorted(all_entries, key=lambda x: x.timestamp)[offset:offset + count]
def Log(self, format_str: str, *args: object) -> None:
"""Logs the message using the flow's standard logging.
Args:
format_str: Format string
*args: arguments to the format string
"""
# If there are no formatting arguments given, we do not format the message.
# This behaviour is in-line with `logging.*` functions and allows one to log
# messages with `%` without weird workarounds.
if not args:
message = format_str
else:
message = format_str % args
log_entry = rdf_flow_objects.FlowLogEntry(
client_id=self.rdf_flow.client_id,
flow_id=self.rdf_flow.flow_id,
hunt_id=self.rdf_flow.parent_hunt_id,
message=message)
data_store.REL_DB.WriteFlowLogEntry(log_entry)
def ReadHuntLogEntries(self,
hunt_id,
offset,
count,
with_substring=None,
cursor=None):
"""Reads hunt log entries of a given hunt using given query options."""
hunt_id_int = db_utils.HuntIDToInt(hunt_id)
query = (
"SELECT client_id, flow_id, message, UNIX_TIMESTAMP(timestamp) "
"FROM flow_log_entries "
"FORCE INDEX(flow_log_entries_by_hunt) "
"WHERE hunt_id = %s AND flow_id = hunt_id ")
args = [hunt_id_int]
if with_substring is not None:
query += "AND message LIKE %s "
args.append("%" + db_utils.EscapeWildcards(with_substring) + "%")
query += "ORDER BY timestamp ASC LIMIT %s OFFSET %s"
args.append(count)
args.append(offset)
cursor.execute(query, args)
flow_log_entries = []
for client_id_int, flow_id_int, message, timestamp in cursor.fetchall(
):
flow_log_entries.append(
rdf_flow_objects.FlowLogEntry(
client_id=db_utils.IntToClientID(client_id_int),
flow_id=db_utils.IntToFlowID(flow_id_int),
hunt_id=hunt_id,
message=message,
timestamp=mysql_utils.TimestampToRDFDatetime(timestamp)))
return flow_log_entries
def _AddLogToFlow(self, client_id, flow_id, log_string):
entry = rdf_flow_objects.FlowLogEntry(
client_id=client_id, flow_id=flow_id, message=log_string)
data_store.REL_DB.WriteFlowLogEntries([entry])
def Run(self):
if data_store.RelationalDBEnabled():
with test_lib.FakeTime(42):
hunt_id = self.CreateHunt()
client_id = self.SetupClient(0).Basename()
flow_id = flow_test_lib.StartFlow(flows_processes.ListProcesses,
client_id=client_id,
parent_hunt_id=hunt_id)
with test_lib.FakeTime(52):
data_store.REL_DB.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_id,
flow_id=flow_id,
hunt_id=hunt_id,
message="Sample message: foo")
])
with test_lib.FakeTime(55):
data_store.REL_DB.WriteFlowLogEntries([
rdf_flow_objects.FlowLogEntry(
client_id=client_id,
flow_id=flow_id,
hunt_id=hunt_id,
message="Sample message: bar")
])
else:
with test_lib.FakeTime(42):
client_id = self.SetupClient(0)
flow_id = "H:123456"
with self.CreateHunt(description="the hunt") as hunt_obj:
hunt_id = hunt_obj.urn.Basename()
logs_collection_urn = hunt_obj.logs_collection_urn
log_entry = rdf_flows.FlowLog(
client_id=client_id,
urn=client_id.Add(flow_id),
flow_name=hunt_obj.__class__.__name__,
log_message="Sample message: foo")
with test_lib.FakeTime(52):
with data_store.DB.GetMutationPool() as pool:
grr_collections.LogCollection.StaticAdd(
logs_collection_urn, log_entry, mutation_pool=pool)
log_entry = rdf_flows.FlowLog(
client_id=client_id,
urn=client_id.Add(flow_id),
flow_name=hunt_obj.__class__.__name__,
log_message="Sample message: bar")
with test_lib.FakeTime(55):
with data_store.DB.GetMutationPool() as pool:
grr_collections.LogCollection.StaticAdd(
logs_collection_urn, log_entry, mutation_pool=pool)
self.Check("ListHuntLogs",
args=hunt_plugin.ApiListHuntLogsArgs(hunt_id=hunt_id),
replace={hunt_id: "H:123456"})
self.Check("ListHuntLogs",
args=hunt_plugin.ApiListHuntLogsArgs(hunt_id=hunt_id,
count=1),
replace={hunt_id: "H:123456"})
self.Check("ListHuntLogs",
args=hunt_plugin.ApiListHuntLogsArgs(hunt_id=hunt_id,
offset=1,
count=1),
replace={hunt_id: "H:123456"})
