def _attributes(self): attr = VMap() attr.thisown = False try: vlist = Variant(self.evt_record.getStrings(), typeId.String) vlist.thisown = False attr["Log strings"] = vlist except RuntimeError: pass s_name = Variant(self.evt_record.sourceName()) attr["Source name"] = s_name c_name = Variant(self.evt_record.computerName()) attr["Computer name"] = c_name event_type = Variant(self.evt_record.eventType()) attr["Event type"] = event_type time_gen = Variant(self.evt_record.getTimeGenerated()) attr["Time generated"] = time_gen time_written = Variant(self.evt_record.getTimeWritten()) attr["Time written"] = time_written return attr
def attributes(self, node): try: classAttributes = self.nodeAttributes[node.uid()] return classAttributes._attributes() except KeyError: attr = VMap() attr.thisown = False return attr
def attributes(self, node): try: classAttributes = self.nodeAttributes[long(node.this)] return classAttributes._attributes() except KeyError: attr = VMap() attr.thisown = False return attr
def attributes(self, node): attr = VMap() attr.thisown = False file = node.open() parser = guessParser(StringInputStream(file.read())) file.close() if not parser: attr["info"] = Variant("unable to read metadata") return attr try: metadata = extractMetadata(parser) for data in metadata: if not(any(data.values)): continue attr[data.key] = Variant("; ".join([str(val.value) for val in data.values])) except HachoirError, err: attr["info"] = Variant("error while reading metadata")