def testCopyAttributesFromSessionStart(self):
"""Tests the CopyAttributesFromSessionStart function."""
attribute_container = sessions.Session()
session_start = sessions.SessionStart(
identifier=attribute_container.identifier)
attribute_container.CopyAttributesFromSessionStart(session_start)
def testReadAndWriteSerializedSessionStart(self):
"""Test ReadSerialized and WriteSerialized of SessionStart."""
timestamp = int(time.time() * 1000000)
session_identifier = '{0:s}'.format(uuid.uuid4().hex)
expected_session_start = sessions.SessionStart(
identifier=session_identifier)
expected_session_start.timestamp = timestamp
expected_session_start.product_name = 'plaso'
expected_session_start.product_version = plaso.__version__
json_string = (json_serializer.JSONAttributeContainerSerializer.
WriteSerialized(expected_session_start))
self.assertIsNotNone(json_string)
session_start = (json_serializer.JSONAttributeContainerSerializer.
ReadSerialized(json_string))
self.assertIsNotNone(session_start)
self.assertIsInstance(session_start, sessions.SessionStart)
expected_session_start_dict = {
'debug_mode': False,
'identifier': session_identifier,
'product_name': 'plaso',
'product_version': plaso.__version__,
'timestamp': timestamp
}
session_start_dict = session_start.CopyToDict()
self.assertEqual(sorted(session_start_dict.items()),
sorted(expected_session_start_dict.items()))
def testStorageWriter(self):
"""Test the storage writer."""
event_objects = test_lib.CreateTestEventObjects()
session_start = sessions.SessionStart()
preprocessing_object = event.PreprocessObject()
with shared_test_lib.TempDirectory() as temp_directory:
temp_file = os.path.join(temp_directory, u'storage.plaso')
storage_writer = zip_file.ZIPStorageFileWriter(
temp_file, preprocessing_object)
storage_writer.Open()
storage_writer.WriteSessionStart(session_start)
for event_object in event_objects:
storage_writer.AddEvent(event_object)
storage_writer.WriteSessionCompletion()
storage_writer.Close()
storage_file = zipfile.ZipFile(
temp_file, mode='r', compression=zipfile.ZIP_DEFLATED)
expected_filename_list = sorted([
u'event_data.000001',
u'event_index.000001',
u'event_timestamps.000001',
u'information.dump',
u'metadata.txt',
u'session_completion.000001',
u'session_start.000001'])
filename_list = sorted(storage_file.namelist())
self.assertEqual(len(filename_list), 7)
self.assertEqual(filename_list, expected_filename_list)
def _CreateSessionStart(self,
command_line_arguments=None,
filter_file=None,
parser_filter_expression=None,
preferred_encoding=u'utf-8'):
"""Creates the session start information.
Args:
command_line_arguments: optional string containing the command line
arguments.
filter_file: optional string containing the path to a file with find
specifications.
parser_filter_expression: optional string containining the parser filter
expression.
preferred_encoding: optional string containing the preferred encoding.
Returns:
A session start attribute container (instance of SessionStart).
"""
session_start = sessions.SessionStart()
session_start.command_line_arguments = command_line_arguments
session_start.filter_expression = self._filter_expression
session_start.filter_file = filter_file
session_start.debug_mode = self._debug_mode
session_start.parser_filter_expression = parser_filter_expression
session_start.preferred_encoding = preferred_encoding
return session_start
def testGetAttributeNames(self):
"""Tests the GetAttributeNames function."""
attribute_container = sessions.SessionStart()
expected_attribute_names = [
'identifier', 'product_name', 'product_version', 'timestamp'
]
attribute_names = sorted(attribute_container.GetAttributeNames())
self.assertEqual(attribute_names, expected_attribute_names)
def testWriteSessionStartAndCompletion(self):
"""Tests the WriteSessionStart and WriteSessionCompletion functions."""
session = sessions.Session()
session_start = sessions.SessionStart(identifier=session.identifier)
session_completion = sessions.SessionCompletion(
identifier=session.identifier)
with shared_test_lib.TempDirectory() as temp_directory:
temp_file = os.path.join(temp_directory, 'plaso.sqlite')
storage_file = sqlite_file.SQLiteStorageFile(
storage_type=definitions.STORAGE_TYPE_TASK)
storage_file.Open(path=temp_file, read_only=False)
storage_file.WriteSessionStart(session_start)
storage_file.WriteSessionCompletion(session_completion)
storage_file.Close()
def testCopyToDict(self):
"""Tests the CopyToDict function."""
timestamp = int(time.time() * 1000000)
session_identifier = '{0:s}'.format(uuid.uuid4().hex)
session_start = sessions.SessionStart(identifier=session_identifier)
session_start.timestamp = timestamp
session_start.product_name = 'plaso'
session_start.product_version = plaso.__version__
self.assertEqual(session_start.identifier, session_identifier)
expected_dict = {
'debug_mode': False,
'identifier': session_start.identifier,
'product_name': 'plaso',
'product_version': plaso.__version__,
'timestamp': timestamp}
test_dict = session_start.CopyToDict()
self.assertEqual(test_dict, expected_dict)
def testCopyToDict(self):
"""Tests the CopyToDict function."""
timestamp = int(time.time() * 1000000)
session_identifier = u'{0:s}'.format(uuid.uuid4().get_hex())
session_start = sessions.SessionStart(identifier=session_identifier)
session_start.timestamp = timestamp
session_start.product_name = u'plaso'
session_start.product_version = plaso.GetVersion()
self.assertEquals(session_start.identifier, session_identifier)
expected_dict = {
u'debug_mode': False,
u'identifier': session_start.identifier,
u'product_name': u'plaso',
u'product_version': plaso.GetVersion(),
u'timestamp': timestamp
}
test_dict = session_start.CopyToDict()
self.assertEqual(test_dict, expected_dict)
def testProcessSources(self):
"""Tests the ProcessSources function."""
source_path = os.path.join(self._TEST_DATA_PATH, u'ímynd.dd')
os_path_spec = path_spec_factory.Factory.NewPathSpec(
dfvfs_definitions.TYPE_INDICATOR_OS, location=source_path)
source_path_spec = path_spec_factory.Factory.NewPathSpec(
dfvfs_definitions.TYPE_INDICATOR_TSK,
location=u'/',
parent=os_path_spec)
self._test_engine.PreprocessSources([source_path_spec])
session_start = sessions.SessionStart()
storage_writer = fake_storage.FakeStorageWriter()
storage_writer.Open()
storage_writer.WriteSessionStart(session_start)
self._test_engine.ProcessSources([source_path_spec],
storage_writer,
parser_filter_expression=u'filestat')
self.assertEqual(len(storage_writer.event_objects), 15)
def testProcessSources(self):
"""Tests the PreprocessSources and ProcessSources function."""
test_engine = multi_process.MultiProcessEngine(
maximum_number_of_queued_items=100)
source_path = os.path.join(self._TEST_DATA_PATH, u'ímynd.dd')
os_path_spec = path_spec_factory.Factory.NewPathSpec(
dfvfs_definitions.TYPE_INDICATOR_OS, location=source_path)
source_path_spec = path_spec_factory.Factory.NewPathSpec(
dfvfs_definitions.TYPE_INDICATOR_TSK,
location=u'/',
parent=os_path_spec)
test_engine.PreprocessSources([source_path_spec])
session_start = sessions.SessionStart()
storage_writer = fake_storage.FakeStorageWriter()
storage_writer.Open()
storage_writer.WriteSessionStart(session_start)
test_engine.ProcessSources([source_path_spec],
storage_writer,
parser_filter_expression=u'filestat')
