def open_dump(input_dump, columns, *, sieve=None, repres=None): abs_input_dump = os.path.abspath(input_dump) print_info(f'Opening USB event dump: "{abs_input_dump}"') try: with open(abs_input_dump, 'r', encoding='utf-8') as dump: events_dumped = json.load(dump) except json.decoder.JSONDecodeError as e: print_critical('Failed to decode event dump (JSON)', initial_error=str(e)) return if not events_dumped: print_critical('This dump is empty!') return events_to_show = _filter_events(events_dumped, sieve) if not events_to_show: print_info('No USB events found!') return if columns: table_data = [[COLUMN_NAMES[name] for name in columns]] else: columns = [key for key in COLUMN_NAMES.keys()] table_data = [[val for val in COLUMN_NAMES.values()]] _represent_events(events_to_show, columns, table_data, 'USB-Event-Dump', repres)
def event_history(self, columns, *, indent=4, sieve=None, repres=None): self._events_to_show = _filter_events(self._all_events, sieve) if not self._events_to_show: print_info('No USB events found!') return if not cfg.QUIET and cfg.ISATTY: choice, abs_filename = _output_choice('event history', 'history.json', 'history/') if choice == '2': try: _dump_events(self._events_to_show, 'event history', abs_filename, indent) except USBRipError as e: print_critical(str(e), initial_error=e.errors['initial_error']) return # elif choice == '1' or choice == '': if columns: table_data = [[COLUMN_NAMES[name] for name in columns]] else: columns = [key for key in COLUMN_NAMES.keys()] table_data = [[val for val in COLUMN_NAMES.values()]] _represent_events(self._events_to_show, columns, table_data, 'USB-History-Events', repres)
def search_violations(self, input_auth, attributes, columns, *, indent=4, sieve=None, repres=None): print_info( f'Opening authorized device list: "{os.path.abspath(input_auth)}"') try: auth = _process_auth_list(input_auth, indent) except json.decoder.JSONDecodeError as e: print_critical('Failed to decode authorized device list (JSON)', initial_error=str(e)) return print_info('Searching for violations') if not attributes: attributes = auth.keys() for event in self._all_events: try: if any(event[key] not in vals and event[key] is not None for key, vals in zip(attributes, auth.values())): self._violations.append(event) except KeyError as e: print_critical('No such attribute in authorized device list', initial_error=str(e)) return self._events_to_show = _filter_events(self._violations, sieve) if not self._events_to_show: print_info('No USB violation events found!') return if not cfg.QUIET and cfg.ISATTY: number, filename = _output_choice('violation', 'viol.json', 'violations/') if number is None: return elif number == 1: try: _dump_events(self._events_to_show, 'violations', filename, indent) except USBRipError as e: print_critical(str(e), initial_error=e.errors['initial_error']) return if columns: table_data = [[COLUMN_NAMES[name] for name in columns]] else: columns = [key for key in COLUMN_NAMES.keys()] table_data = [[val for val in COLUMN_NAMES.values()]] _represent_events(self._events_to_show, columns, table_data, 'USB-Violation-Events', repres)
def _validate_column_args(args): if 'column' in args and args.column: for column in args.column: if column not in COLUMN_NAMES.keys(): usbrip_arg_error(column + ': Invalid column name')