def Main(): """The main program function. Returns: bool: True if successful or False if not. """ argument_parser = argparse.ArgumentParser(description=( 'Extracts information from Windows Restore Point rp.log files.')) argument_parser.add_argument('-d', '--debug', dest='debug', action='store_true', default=False, help='enable debug output.') argument_parser.add_argument( 'source', nargs='?', action='store', metavar='PATH', default=None, help='path of the Windows Restore Point rp.log file.') options = argument_parser.parse_args() if not options.source: print('Source file missing.') print('') argument_parser.print_help() print('') return False logging.basicConfig(level=logging.INFO, format='[%(levelname)s] %(message)s') output_writer = output_writers.StdoutWriter() try: output_writer.Open() except IOError as exception: print( 'Unable to open output writer with error: {0!s}'.format(exception)) print('') return False log_file = rp_log.RestorePointLogFile(debug=options.debug, output_writer=output_writer) log_file.Open(options.source) print('Windows Restore Point rp.log information:') print('') log_file.Close() output_writer.Close() return True
def testReadFileObject(self): """Tests the ReadFileObject function.""" output_writer = test_lib.TestOutputWriter() test_file = rp_log.RestorePointLogFile(debug=True, output_writer=output_writer) test_file_path = self._GetTestFilePath(['rp.log']) test_file.Open(test_file_path)
def testReadFileHeader(self): """Tests the _ReadFileHeader function.""" output_writer = test_lib.TestOutputWriter() test_file = rp_log.RestorePointLogFile(output_writer=output_writer) test_file_path = self._GetTestFilePath(['rp.log']) with open(test_file_path, 'rb') as file_object: test_file._ReadFileHeader(file_object)
def testDebugPrintFileFooter(self): """Tests the _DebugPrintFileFooter function.""" output_writer = test_lib.TestOutputWriter() test_file = rp_log.RestorePointLogFile(output_writer=output_writer) data_type_map = test_file._GetDataTypeMap('rp_log_file_footer') file_footer = data_type_map.CreateStructureValues(creation_time=1) test_file._DebugPrintFileFooter(file_footer)
def testDebugPrintFileHeader(self): """Tests the _DebugPrintFileHeader function.""" output_writer = test_lib.TestOutputWriter() test_file = rp_log.RestorePointLogFile(output_writer=output_writer) data_type_map = test_file._GetDataTypeMap('rp_log_file_header') file_header = data_type_map.CreateStructureValues( description='Description'.encode('utf-16-le'), event_type=1, restore_point_type=2, sequence_number=3) test_file._DebugPrintFileHeader(file_header)