Esempio n. 1
    def testAnalyzeEvents(self):
        """Tests the AnalyzeEvents function.

        Runs AnalyzeEvents twice against a temporary copy of the
        psort_test.plaso fixture: once without and once with an event filter.
        The returned counters are not asserted on yet (see the TODOs), so this
        test only fails when a call raises.
        """
        fixture_path = self._GetTestFilePath(['psort_test.plaso'])
        self._SkipIfPathNotExists(fixture_path)

        session = sessions.Session()
        kb = knowledge_base.KnowledgeBase()

        mediator = output_mediator.OutputMediator(
            kb, data_location=shared_test_lib.TEST_DATA_PATH)
        mediator.SetPreferredLanguageIdentifier('en-US')
        null_output = null.NullOutputModule(mediator)

        data_location = ''
        plugins = {'tagging': tagging.TaggingAnalysisPlugin()}
        # TODO: set tag file.

        processing_config = configurations.ProcessingConfiguration()
        engine = psort.PsortMultiProcessEngine()

        # Pass 1: no event filter. The storage writer is pointed at a
        # throwaway copy, never at the fixture file itself.
        with shared_test_lib.TempDirectory() as work_dir:
            storage_copy = os.path.join(work_dir, 'storage.plaso')
            shutil.copyfile(fixture_path, storage_copy)

            writer = storage_factory.StorageFactory.CreateStorageWriter(
                definitions.DEFAULT_STORAGE_FORMAT, session, storage_copy)

            unfiltered_counter = engine.AnalyzeEvents(
                kb, writer, null_output, data_location, plugins,
                processing_config)

        # TODO: assert if tests were successful.
        _ = unfiltered_counter

        event_filter = filters_test_lib.TestEventFilter()

        # Pass 2: same setup on a fresh copy, with an event filter.
        with shared_test_lib.TempDirectory() as work_dir:
            storage_copy = os.path.join(work_dir, 'storage.plaso')
            shutil.copyfile(fixture_path, storage_copy)

            writer = storage_factory.StorageFactory.CreateStorageWriter(
                definitions.DEFAULT_STORAGE_FORMAT, session, storage_copy)

            # NOTE(review): unlike the first call, no output module is passed
            # here, so the positional arguments after the writer line up
            # differently -- confirm against the AnalyzeEvents signature.
            filtered_counter = engine.AnalyzeEvents(
                kb, writer, data_location, plugins, processing_config,
                event_filter=event_filter)

        # TODO: assert if tests were successful.
        _ = filtered_counter
Esempio n. 2
    def testAnalyzeEvents(self):
        """Tests the AnalyzeEvents function.

        Runs AnalyzeEvents twice against a temporary copy of the
        psort_test.json.plaso fixture: once without and once with an event
        filter. The returned counters are not asserted on yet (see the TODOs),
        so this test only fails when a call raises.
        """
        fixture_path = self._GetTestFilePath(['psort_test.json.plaso'])

        session = sessions.Session()
        kb = knowledge_base.KnowledgeBase()

        language_mediator = formatters_mediator.FormatterMediator()
        language_mediator.SetPreferredLanguageIdentifier('en-US')

        mediator = output_mediator.OutputMediator(kb, language_mediator)
        null_output = null.NullOutputModule(mediator)

        data_location = ''
        plugins = {'tagging': tagging.TaggingAnalysisPlugin()}
        # TODO: set tag file.

        engine = psort.PsortMultiProcessEngine()

        # Pass 1: no event filter. The ZIP storage writer is pointed at a
        # throwaway copy, never at the fixture file itself.
        with shared_test_lib.TempDirectory() as work_dir:
            storage_copy = os.path.join(work_dir, 'storage.plaso')
            shutil.copyfile(fixture_path, storage_copy)

            writer = storage_zip_file.ZIPStorageFileWriter(session, storage_copy)

            unfiltered_counter = engine.AnalyzeEvents(
                kb, writer, null_output, data_location, plugins)

        # TODO: assert if tests were successful.
        _ = unfiltered_counter

        event_filter = filters_test_lib.TestEventFilter()

        # Pass 2: same setup on a fresh copy, with an event filter.
        with shared_test_lib.TempDirectory() as work_dir:
            storage_copy = os.path.join(work_dir, 'storage.plaso')
            shutil.copyfile(fixture_path, storage_copy)

            writer = storage_zip_file.ZIPStorageFileWriter(session, storage_copy)

            # NOTE(review): unlike the first call, no output module is passed
            # here, so the positional arguments after the writer line up
            # differently -- confirm against the AnalyzeEvents signature.
            filtered_counter = engine.AnalyzeEvents(
                kb, writer, data_location, plugins, event_filter=event_filter)

        # TODO: assert if tests were successful.
        _ = filtered_counter
Esempio n. 3
    def testAnalyzeEventsWithEventFilter(self):
        """Tests the AnalyzeEvents function with an event filter.

        Loads the tagging plugin with the valid.txt tagging file, runs the
        analysis on a temporary copy of psort_test.plaso and checks that the
        number of stored 'analysis_report' containers goes from 2 to 3.
        """
        fixture_path = self._GetTestFilePath(['psort_test.plaso'])
        self._SkipIfPathNotExists(fixture_path)

        tag_rules_path = self._GetTestFilePath(['tagging_file', 'valid.txt'])
        self._SkipIfPathNotExists(tag_rules_path)

        session = sessions.Session()
        kb = knowledge_base.KnowledgeBase()

        data_location = ''

        tagger = tagging.TaggingAnalysisPlugin()
        tagger.SetAndLoadTagFile(tag_rules_path)
        plugins = {'tagging': tagger}

        processing_config = configurations.ProcessingConfiguration()
        engine = analysis_engine.AnalysisMultiProcessEngine()
        event_filter = filters_test_lib.TestEventFilter()

        with shared_test_lib.TempDirectory() as work_dir:
            # The writer opens a throwaway copy, never the fixture itself.
            storage_copy = os.path.join(work_dir, 'storage.plaso')
            shutil.copyfile(fixture_path, storage_copy)

            writer = storage_factory.StorageFactory.CreateStorageWriter(
                definitions.DEFAULT_STORAGE_FORMAT)
            writer.Open(path=storage_copy)

            try:
                # Baseline taken before the analysis run.
                self.assertEqual(
                    writer.GetNumberOfAttributeContainers('analysis_report'), 2)

                # NOTE(review): storage_file_path receives the temporary
                # directory rather than the storage file -- confirm intended.
                engine.AnalyzeEvents(
                    session, kb, writer, data_location, plugins,
                    processing_config, event_filter=event_filter,
                    storage_file_path=work_dir)

                # The run is expected to add exactly one report.
                self.assertEqual(
                    writer.GetNumberOfAttributeContainers('analysis_report'), 3)

            finally:
                # Close even when an assertion fails, before the temporary
                # directory is cleaned up.
                writer.Close()
Esempio n. 4
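  def testInternalAnalyzeEvents(self):
    """Tests the _AnalyzeEvents function.

    The calls to _AnalyzeEvents are still commented out (see the TODOs), so
    this currently only exercises creating, opening, reading and closing the
    test storage file, once per intended scenario (without and with an event
    filter).
    """
    session = sessions.Session()
    knowledge_base_object = knowledge_base.KnowledgeBase()

    test_engine = psort.PsortMultiProcessEngine()

    test_plugin = TestAnalysisPlugin()

    with shared_test_lib.TempDirectory() as temp_directory:
      temp_file = os.path.join(temp_directory, u'storage.plaso')
      self._CreateTestStorageFile(temp_file)

      storage_writer = storage_zip_file.ZIPStorageFileWriter(
          session, temp_file)

      storage_writer.StartTaskStorage()

      storage_writer.Open()
      # Close the writer even if reading fails, so the storage file is not
      # left open while the temporary directory is being removed.
      try:
        storage_writer.ReadPreprocessingInformation(knowledge_base_object)

        # TODO: implement, this currently loops infinite.
        # test_engine._AnalyzeEvents(storage_writer, [test_plugin])
      finally:
        storage_writer.Close()

    test_filter = filters_test_lib.TestEventFilter()

    with shared_test_lib.TempDirectory() as temp_directory:
      temp_file = os.path.join(temp_directory, u'storage.plaso')
      self._CreateTestStorageFile(temp_file)

      storage_writer = storage_zip_file.ZIPStorageFileWriter(
          session, temp_file)

      storage_writer.StartTaskStorage()

      storage_writer.Open()
      # Same guarantee as above: always release the storage file.
      try:
        storage_writer.ReadPreprocessingInformation(knowledge_base_object)

        # TODO: implement, this currently loops infinite.
        # The throwaway assignments keep the otherwise unused objects
        # referenced until the call below is enabled.
        _ = test_engine
        _ = test_plugin
        _ = test_filter
        # test_engine._AnalyzeEvents(
        #    storage_writer, [test_plugin], event_filter=test_filter)
      finally:
        storage_writer.Close()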
Esempio n. 5
    def testInternalAnalyzeEvents(self):
        """Tests the _AnalyzeEvents function.

        The calls to _AnalyzeEvents are still commented out (see the TODOs),
        so this currently only exercises creating the test storage file,
        reading its session configuration and opening and closing a writer on
        it, once per intended scenario (without and with an event filter).
        """
        session = sessions.Session()
        kb = knowledge_base.KnowledgeBase()

        engine = psort.PsortMultiProcessEngine()
        plugin = TestAnalysisPlugin()

        # Scenario 1: no event filter.
        with shared_test_lib.TempDirectory() as work_dir:
            storage_path = os.path.join(work_dir, 'storage.plaso')
            self._CreateTestStorageFile(storage_path)
            self._ReadSessionConfiguration(storage_path, kb)

            writer = storage_factory.StorageFactory.CreateStorageWriter(
                definitions.DEFAULT_STORAGE_FORMAT, session, storage_path)
            writer.StartTaskStorage()
            writer.Open()

            # TODO: implement, this currently loops infinite.
            # engine._AnalyzeEvents(writer, [plugin])
            writer.Close()

        event_filter = filters_test_lib.TestEventFilter()

        # Scenario 2: with an event filter.
        with shared_test_lib.TempDirectory() as work_dir:
            storage_path = os.path.join(work_dir, 'storage.plaso')
            self._CreateTestStorageFile(storage_path)
            self._ReadSessionConfiguration(storage_path, kb)

            writer = storage_factory.StorageFactory.CreateStorageWriter(
                definitions.DEFAULT_STORAGE_FORMAT, session, storage_path)
            writer.StartTaskStorage()
            writer.Open()

            # TODO: implement, this currently loops infinite.
            # The throwaway assignments keep the otherwise unused objects
            # referenced until the call below is enabled.
            _ = engine
            _ = plugin
            _ = event_filter
            # engine._AnalyzeEvents(
            #    writer, [plugin], event_filter=event_filter)
            writer.Close()