Python UniqueDomainsVisitedPlugin Exemples

Exemple #1

    def testUniqueDomainExtraction(self):
        """Tests for the unique domains plugin."""
        event_queue = single_process.SingleProcessQueue()
        knowledge_base = self._SetUpKnowledgeBase()

        # Fill the incoming queue with events.
        test_queue_producer = queue.ItemQueueProducer(event_queue)
        events = [
            self._CreateTestEventObject(test_event)
            for test_event in self.TEST_EVENTS
        ]
        test_queue_producer.ProduceItems(events)

        # Set up the plugin.
        analysis_plugin = unique_domains_visited.UniqueDomainsVisitedPlugin(
            event_queue)

        analysis_report_queue_consumer = self._RunAnalysisPlugin(
            analysis_plugin, knowledge_base)
        analysis_reports = self._GetAnalysisReportsFromQueue(
            analysis_report_queue_consumer)

        self.assertEqual(len(analysis_reports), 1)
        report_text = analysis_reports[0].GetString()
        for event_object in self.TEST_EVENTS:
            self.assertIn(event_object.get(u'domain', u''), report_text)

Exemple #2

Fichier : unique_domains_visited.py Projet : tavernier/plaso

    def testExamineEventAndCompileReport(self):
        """Tests the ExamineEvent and CompileReport functions."""
        plugin = unique_domains_visited.UniqueDomainsVisitedPlugin()
        storage_writer = self._AnalyzeEvents(self._TEST_EVENTS, plugin)

        self.assertEqual(len(storage_writer.analysis_reports), 1)

        analysis_report = storage_writer.analysis_reports[0]

        report_text = analysis_report.GetString()
        for event_dictionary in self._TEST_EVENTS:
            domain = event_dictionary.get('domain', '')
            self.assertIn(domain, report_text)

Exemple #3

    def testExamineEventAndCompileReport(self):
        """Tests the ExamineEvent and CompileReport functions."""
        plugin = unique_domains_visited.UniqueDomainsVisitedPlugin()
        storage_writer = self._AnalyzeEvents(self._TEST_EVENTS, plugin)

        self.assertEqual(len(storage_writer.analysis_reports), 1)

        analysis_report = storage_writer.analysis_reports[0]

        self.assertEqual(analysis_report.analysis_counter['firstevent.com'], 1)
        self.assertEqual(analysis_report.analysis_counter['secondevent.net'],
                         1)
        self.assertEqual(analysis_report.analysis_counter['thirdevent.org'], 1)
        self.assertEqual(analysis_report.analysis_counter['fourthevent.co'], 1)

Exemple #4

    def testExamineEventAndCompileReport(self):
        """Tests the ExamineEvent and CompileReport functions."""
        plugin = unique_domains_visited.UniqueDomainsVisitedPlugin()
        storage_writer = self._AnalyzeEvents(self._TEST_EVENTS, plugin)

        self.assertEqual(storage_writer.number_of_analysis_reports, 1)

        analysis_report = storage_writer.GetAttributeContainerByIndex(
            reports.AnalysisReport.CONTAINER_TYPE, 0)

        self.assertEqual(analysis_report.analysis_counter['firstevent.com'], 1)
        self.assertEqual(analysis_report.analysis_counter['secondevent.net'],
                         1)
        self.assertEqual(analysis_report.analysis_counter['thirdevent.org'], 1)
        self.assertEqual(analysis_report.analysis_counter['fourthevent.co'], 1)

Exemple #5

Fichier : unique_domains_visited.py Projet : jnaghdi/plaso

    def testExamineEventAndCompileReport(self):
        """Tests the ExamineEvent and CompileReport functions."""
        events = []
        for event_dictionary in self._TEST_EVENTS:
            event_dictionary['url'] = 'https://{0:s}/{1:s}'.format(
                event_dictionary['domain'], event_dictionary['path'])

            event = self._CreateTestEventObject(event_dictionary)
            events.append(event)

        plugin = unique_domains_visited.UniqueDomainsVisitedPlugin()
        storage_writer = self._AnalyzeEvents(events, plugin)

        self.assertEqual(len(storage_writer.analysis_reports), 1)

        analysis_report = storage_writer.analysis_reports[0]

        report_text = analysis_report.GetString()
        for event_dictionary in self._TEST_EVENTS:
            domain = event_dictionary.get('domain', '')
            self.assertIn(domain, report_text)