def _VerifyHunt(self, hunt):
results_metadata = aff4.FACTORY.Open(
hunt.urn.Add("ResultsMetadata"), aff4_type=HuntResultsMetadata.__name__,
token=hunt.token)
results = []
for plugin_id, (plugin_descriptor, _) in results_metadata.Get(
results_metadata.Schema.OUTPUT_PLUGINS, {}).items():
plugin_verifiers = plugin_descriptor.GetPluginVerifiers()
if not plugin_verifiers:
new_results = [output_plugin.OutputPluginVerificationResult(
status=output_plugin.OutputPluginVerificationResult.Status.N_A,
status_message=("Plugin %s is not verifiable." %
plugin_descriptor.plugin_name))]
else:
new_results = []
for plugin_verifier in plugin_verifiers:
new_results.append(
plugin_verifier.VerifyHuntOutput(
plugin_descriptor.plugin_args, hunt))
for result in new_results:
result.timestamp = rdfvalue.RDFDatetime().Now()
result.plugin_id = plugin_id
result.plugin_descriptor = plugin_descriptor
self.Log("Verification result for %s: (%s) %s." % (
utils.SmartStr(hunt.urn),
utils.SmartStr(result.status),
utils.SmartStr(result.status_message)))
results.extend(new_results)
return results
def _VerifyHunts(self, hunts_plugins_by_verifier):
results_by_hunt = {}
errors = []
for verifier_cls, hunts_plugins in hunts_plugins_by_verifier.items():
if verifier_cls == self.NON_VERIFIABLE:
for plugin_id, plugin_descriptor, plugin_obj, hunt in hunts_plugins:
result = output_plugin.OutputPluginVerificationResult(
status=output_plugin.OutputPluginVerificationResult.
Status.N_A,
status_message=("Plugin %s is not verifiable." %
plugin_obj.__class__.__name__))
self._FillResult(result, plugin_id, plugin_descriptor)
results_by_hunt.setdefault(hunt.urn, []).append(result)
stats.STATS.IncrementCounter(
"hunt_output_plugin_verifications",
fields=[utils.SmartStr(result.status)])
continue
verifier = verifier_cls()
plugins_hunts_pairs = []
for plugin_id, plugin_descriptor, plugin_obj, hunt in hunts_plugins:
plugins_hunts_pairs.append((plugin_obj, hunt))
try:
for hunt_urn, result in verifier.MultiVerifyHuntOutput(
plugins_hunts_pairs):
self._FillResult(result, plugin_id, plugin_descriptor)
results_by_hunt.setdefault(hunt.urn, []).append(result)
stats.STATS.IncrementCounter(
"hunt_output_plugin_verifications",
fields=[utils.SmartStr(result.status)])
except output_plugin.MultiVerifyHuntOutputError as e:
logging.exception(e)
errors.extend(e.errors)
stats.STATS.IncrementCounter(
"hunt_output_plugin_verification_errors",
delta=len(e.errors))
for hunt_urn, results in results_by_hunt.items():
yield hunt_urn, results
if errors:
raise MultiHuntVerificationSummaryError(errors)
def VerifyHuntOutput(self, plugin, hunt):
if hunt.runner_args.description == "raise":
raise RuntimeError("oh no")
return output_plugin.OutputPluginVerificationResult(
status_message=hunt.runner_args.description)
def VerifyHuntOutput(self, plugin, hunt):
VerifiableDummyHuntOutputPluginVerfier.num_calls += 1
return output_plugin.OutputPluginVerificationResult(status="SUCCESS",
status_message="yo")