def DataHandlerMain(namespace, InputFilename, OutputFilename): import mcl.imports import mcl.data.Input import mcl.data.Output import mcl.status import mcl.target import mcl.object.Message mcl.imports.ImportNamesWithNamespace(namespace, 'mca.status.cmd.uptime', globals()) input = mcl.data.Input.GetInput(InputFilename) output = mcl.data.Output.StartOutput(OutputFilename, input) output.Start('UpTime', 'uptime', []) msg = mcl.object.Message.DemarshalMessage(input.GetData()) if input.GetStatus() != mcl.status.MCL_SUCCESS: errorMsg = msg.FindMessage(mcl.object.Message.MSG_KEY_RESULT_ERROR) moduleError = errorMsg.FindU32( mcl.object.Message.MSG_KEY_RESULT_ERROR_MODULE) osError = errorMsg.FindU32(mcl.object.Message.MSG_KEY_RESULT_ERROR_OS) output.RecordModuleError(moduleError, osError, errorStrings) output.EndWithStatus(input.GetStatus()) return True data = Result() data.Demarshal(msg) from mcl.object.XmlOutput import XmlOutput xml = XmlOutput() xml.Start('Uptime') xml.AddTimeElement('Duration', data.upTime) if data.idleTime.GetTimeType() != data.idleTime.MCL_TIME_TYPE_NOT_A_TIME: xml.AddTimeElement('IdleTime', data.idleTime) output.RecordXml(xml) output.EndWithStatus(mcl.target.CALL_SUCCEEDED) return True
def DataHandlerMain(namespace, InputFilename, OutputFilename): import mcl.imports import mcl.data.Input import mcl.data.Output import mcl.status import mcl.target import mcl.object.Message mcl.imports.ImportNamesWithNamespace(namespace, 'mca.status.cmd.time', globals()) input = mcl.data.Input.GetInput(InputFilename) output = mcl.data.Output.StartOutput(OutputFilename, input) output.Start('Time', 'time', []) msg = mcl.object.Message.DemarshalMessage(input.GetData()) if input.GetStatus() != mcl.status.MCL_SUCCESS: errorMsg = msg.FindMessage(mcl.object.Message.MSG_KEY_RESULT_ERROR) moduleError = errorMsg.FindU32( mcl.object.Message.MSG_KEY_RESULT_ERROR_MODULE) osError = errorMsg.FindU32(mcl.object.Message.MSG_KEY_RESULT_ERROR_OS) output.RecordModuleError(moduleError, osError, errorStrings) output.EndWithStatus(input.GetStatus()) return True from mcl.object.XmlOutput import XmlOutput xml = XmlOutput() xml.Start('Time') result = Result() result.Demarshal(msg) xml.AddTimeElement('LocalTime', result.localTime) xml.AddSubElementWithText('LocalTimeSeconds', '%u' % result.localTime.GetSeconds()) xml.AddTimeElement('SystemTime', result.systemTime) xml.AddSubElementWithText('SystemTimeSeconds', '%u' % result.systemTime.GetSeconds()) sub = xml.AddSubElement('TimeZone') sub.AddTimeElement('Bias', result.bias) if result.state == RESULT_STATE_STANDARD: sub.AddSubElementWithText('CurrentState', 'Standard') elif result.state == RESULT_STATE_DAYLIGHT: sub.AddSubElementWithText('CurrentState', 'Daylight') else: sub.AddSubElementWithText('CurrentState', 'Unknown') sub = xml.AddSubElement('DaylightSavingsTime') _writeDstInfo('Standard', result.standardBias, result.standardMonth, result.standardWeek, result.standardDay, result.standardName, sub) _writeDstInfo('Daylight', result.daylightBias, result.daylightMonth, result.daylightWeek, result.daylightDay, result.daylightName, sub) output.RecordXml(xml) output.EndWithStatus(mcl.target.CALL_SUCCEEDED) return True
def DataHandlerMain(namespace, InputFilename, OutputFilename): import mcl.imports import mcl.data.Input import mcl.data.Output import mcl.status import mcl.target import mcl.object.Message mcl.imports.ImportNamesWithNamespace(namespace, 'mca.status.cmd.activity', globals()) input = mcl.data.Input.GetInput(InputFilename) output = mcl.data.Output.StartOutput(OutputFilename, input) output.Start('Activity', 'activity', []) msg = mcl.object.Message.DemarshalMessage(input.GetData()) if input.GetStatus() != mcl.status.MCL_SUCCESS: errorMsg = msg.FindMessage(mcl.object.Message.MSG_KEY_RESULT_ERROR) moduleError = errorMsg.FindU32( mcl.object.Message.MSG_KEY_RESULT_ERROR_MODULE) osError = errorMsg.FindU32(mcl.object.Message.MSG_KEY_RESULT_ERROR_OS) output.RecordModuleError(moduleError, osError, errorStrings) output.EndWithStatus(input.GetStatus()) return True else: if msg.GetCount() == 0: output.EndWithStatus(mcl.target.CALL_SUCCEEDED) return True results = Result() results.Demarshal(msg) if results.moreData and results.lastActivity.GetTimeType( ) == results.lastActivity.MCL_TIME_TYPE_NOT_A_TIME: output.GoToBackground() from mcl.object.XmlOutput import XmlOutput xml = XmlOutput() if results.moreData: xml.Start('NewActivity') else: xml.Start('Activity') xml.AddTimeElement('Last', results.lastActivity) output.RecordXml(xml) if results.moreData: output.End() return True output.EndWithStatus(mcl.target.CALL_SUCCEEDED) return True
def DataHandlerMain(namespace, InputFilename, OutputFilename): import mcl.imports import mcl.data.Input import mcl.data.Output import mcl.status import mcl.target import mcl.object.Message mcl.imports.ImportNamesWithNamespace(namespace, 'mca.security.cmd.eventlogquery', globals()) input = mcl.data.Input.GetInput(InputFilename) output = mcl.data.Output.StartOutput(OutputFilename, input) output.Start('EventLogQuery', 'eventlogquery', []) msg = mcl.object.Message.DemarshalMessage(input.GetData()) if input.GetStatus() != mcl.status.MCL_SUCCESS: errorMsg = msg.FindMessage(mcl.object.Message.MSG_KEY_RESULT_ERROR) moduleError = errorMsg.FindU32(mcl.object.Message.MSG_KEY_RESULT_ERROR_MODULE) osError = errorMsg.FindU32(mcl.object.Message.MSG_KEY_RESULT_ERROR_OS) output.RecordModuleError(moduleError, osError, errorStrings) output.EndWithStatus(input.GetStatus()) return True atLeastOneOpened = False while msg.GetNumRetrieved() < msg.GetCount(): if mcl.CheckForStop(): output.EndWithStatus(mcl.target.CALL_FAILED) return False logmsg = msg.FindMessage(MSG_KEY_RESULT_LOG) opened = ResultLogStatus() opened.Demarshal(logmsg) if opened.opened: atLeastOneOpened = True from mcl.object.XmlOutput import XmlOutput xml = XmlOutput() if opened.opened == False: errStr = output.TranslateOsError(opened.error) xml.Start('ErrLog') xml.AddAttribute('osError', errStr) xml.AddAttribute('name', opened.logName) elif logmsg.PeekByKey(MSG_KEY_RESULT_LOG_INFO): eventInfo = ResultLogInfo() eventInfo.Demarshal(logmsg) xml.Start('EventLog') xml.AddAttribute('name', opened.logName) xml.AddAttribute('mostRecentRecordNum', '%u' % eventInfo.mostRecentRecNum) xml.AddAttribute('numRecords', '%u' % eventInfo.numRecords) xml.AddAttribute('oldestRecordNum', '%u' % eventInfo.oldestRecNum) xml.AddTimeElement('Time', eventInfo.mostRecentRecTime) else: xml.Start('Records') xml.AddAttribute('name', opened.logName) while logmsg.GetNumRetrieved() < logmsg.GetCount(): if mcl.CheckForStop(): output.EndWithStatus(mcl.target.CALL_FAILED) return False recordmsg = logmsg.FindMessage(MSG_KEY_RESULT_RECORD) record = ResultRecord() record.Demarshal(recordmsg) _handleEventRecord(xml, recordmsg, record) output.RecordXml(xml) if atLeastOneOpened: output.EndWithStatus(mcl.target.CALL_SUCCEEDED) else: output.EndWithStatus(mcl.target.CALL_FAILED) return True
def DataHandlerMain(namespace, InputFilename, OutputFilename): import mcl.imports import mcl.data.Input import mcl.data.Output import mcl.status import mcl.target import mcl.object.Message mcl.imports.ImportNamesWithNamespace(namespace, 'mca.file.cmd.fileattributes', globals()) ATTRIBS_TO_XML = { ATTRIB_ARCHIVE: 'FILE_ATTRIBUTE_ARCHIVE', ATTRIB_COMPRESSED: 'FILE_ATTRIBUTE_COMPRESSED', ATTRIB_DIRECTORY: 'FILE_ATTRIBUTE_DIRECTORY', ATTRIB_ENCRYPTED: 'FILE_ATTRIBUTE_ENCRYPTED', ATTRIB_HIDDEN: 'FILE_ATTRIBUTE_HIDDEN', ATTRIB_NORMAL: 'FILE_ATTRIBUTE_NORMAL', ATTRIB_OFFLINE: 'FILE_ATTRIBUTE_OFFLINE', ATTRIB_READONLY: 'FILE_ATTRIBUTE_READONLY', ATTRIB_REPARSE_POINT: 'FILE_ATTRIBUTE_REPARSE_POINT', ATTRIB_SPARSE_FILE: 'FILE_ATTRIBUTE_SPARSE_FILE', ATTRIB_SYSTEM: 'FILE_ATTRIBUTE_SYSTEM', ATTRIB_TEMPORARY: 'FILE_ATTRIBUTE_TEMPORARY', ATTRIB_NOT_INDEXED: 'FILE_ATTRIBUTE_NOT_CONTENT_INDEXED', ATTRIB_DEVICE: 'FILE_ATTRIBUTE_DEVICE', ATTRIB_OWNER_READ: 'FILE_ATTRIBUTE_OWNER_READ', ATTRIB_OWNER_WRITE: 'FILE_ATTRIBUTE_OWNER_WRITE', ATTRIB_OWNER_EXEC: 'FILE_ATTRIBUTE_OWNER_EXEC', ATTRIB_GROUP_READ: 'FILE_ATTRIBUTE_GROUP_READ', ATTRIB_GROUP_WRITE: 'FILE_ATTRIBUTE_GROUP_WRITE', ATTRIB_GROUP_EXEC: 'FILE_ATTRIBUTE_GROUP_EXEC', ATTRIB_WORLD_READ: 'FILE_ATTRIBUTE_WORLD_READ', ATTRIB_WORLD_WRITE: 'FILE_ATTRIBUTE_WORLD_WRITE', ATTRIB_WORLD_EXEC: 'FILE_ATTRIBUTE_WORLD_EXEC', ATTRIB_SET_UID: 'FILE_ATTRIBUTE_SET_UID', ATTRIB_SET_GID: 'FILE_ATTRIBUTE_SET_GID', ATTRIB_STICKY_BIT: 'FILE_ATTRIBUTE_STICKY_BIT' } input = mcl.data.Input.GetInput(InputFilename) output = mcl.data.Output.StartOutput(OutputFilename, input) output.Start('FileAttributes', 'fileattributes', []) msg = mcl.object.Message.DemarshalMessage(input.GetData()) if input.GetStatus() != mcl.status.MCL_SUCCESS: errorMsg = msg.FindMessage(mcl.object.Message.MSG_KEY_RESULT_ERROR) moduleError = errorMsg.FindU32( mcl.object.Message.MSG_KEY_RESULT_ERROR_MODULE) osError = errorMsg.FindU32(mcl.object.Message.MSG_KEY_RESULT_ERROR_OS) output.RecordModuleError(moduleError, osError, errorStrings) output.EndWithStatus(input.GetStatus()) return True results = Result() results.Demarshal(msg) from mcl.object.XmlOutput import XmlOutput xml = XmlOutput() if results.set: xml.Start('OriginalFileAttribs') else: xml.Start('FileAttribs') xml.AddAttribute('file', results.file) xml.AddAttribute('size', '%u' % results.size) if len(results.owner) > 0: xml.AddAttribute('owner', results.owner) if len(results.group) > 0: xml.AddAttribute('group', results.group) xml.AddTimeElement('Accessed', results.ftAccessed) xml.AddTimeElement('Created', results.ftCreated) xml.AddTimeElement('Modified', results.ftModified) xml.AddAttribute('attributeMask', '0x%08x' % results.attributes) for attrib in ATTRIBS_TO_XML.keys(): if results.attributes & attrib: xml.AddSubElement(ATTRIBS_TO_XML[attrib]) if results.attributes & ATTRIB_REPARSE_POINT: reparse = ReparseResult() reparse.Demarshal(msg) if reparse.type != REPARSE_TYPE_COULD_NOT_READ: sub = xml.AddSubElement('Reparse') sub.AddAttribute('flags', '0x%08x' % reparse.flags) if reparse.type == REPARSE_TYPE_MICROSOFT: sub.AddAttribute('type', 'windows') if reparse.flags & REPARSE_FLAG_SURROGATE: sub.AddSubElement('FILE_REPARSE_FLAG_SURROGATE') if reparse.flags & REPARSE_FLAG_MOUNT_POINT: sub.AddSubElement('FILE_REPARSE_FLAG_MOUNT_POINT') if reparse.flags & REPARSE_FLAG_MICROSOFT_HSM: sub.AddSubElement('FILE_REPARSE_FLAG_MICROSOFT_HSM') if reparse.flags & REPARSE_FLAG_MICROSOFT_SIS: sub.AddSubElement('FILE_REPARSE_FLAG_MICROSOFT_SIS') if reparse.flags & REPARSE_FLAG_MICROSOFT_DFS: sub.AddSubElement('FILE_REPARSE_FLAG_MICROSOFT_DFS') if reparse.flags & REPARSE_FLAG_SYMLINK: sub.AddSubElement('FILE_REPARSE_FLAG_SYMLINK') if reparse.flags & REPARSE_FLAG_DFSR: sub.AddSubElement('FILE_REPARSE_FLAG_DFSR') elif reparse.type == REPARSE_TYPE_THIRD_PARTY: sub.AddAttribute('type', 'unknown') else: sub.AddAttribute('type', 'unknown') sub.AddSubElementWithText('Data1', reparse.reparseData1) sub.AddSubElementWithText('Data2', reparse.reparseData2) sub.AddSubElementWithText('Data3', reparse.reparseData3) sub.AddSubElementWithText('Data4', reparse.reparseData4) output.RecordXml(xml) output.EndWithStatus(mcl.target.CALL_SUCCEEDED) return True