コード例 #1
ファイル: psort.py プロジェクト: vertigo0001/plaso
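  def testProcessStorage(self):
    """Test the ProcessStorage function.

    Opens the psort_test.out storage fixture read-only, runs ProcessStorage
    with the 'dynamic' output format into a test_lib.StringIOOutputWriter and
    checks the returned event counter, the number of output lines and the
    exact content of one output line.
    """
    test_front_end = psort.PsortFrontend()
    test_front_end.SetOutputFilename(u'output.txt')
    test_front_end.SetOutputFormat(u'dynamic')
    test_front_end.SetPreferredLanguageIdentifier(u'en-US')
    test_front_end.SetQuietMode(True)

    # The fixture is opened with read_only=True, so the test does not ask for
    # write access to the stored events it is about to render.
    storage_file_path = self._GetTestFilePath([u'psort_test.out'])
    storage_file = test_front_end.OpenStorage(storage_file_path, read_only=True)
    # NOTE(review): storage_file is never explicitly closed in this test;
    # confirm whether ProcessStorage closes it, otherwise release it in a
    # try/finally so a failing assertion does not leak the handle.

    # The output module writes to the test writer, so the rendered lines can
    # be read back below through output_writer.
    output_writer = test_lib.StringIOOutputWriter()
    output_module = test_front_end.GetOutputModule(storage_file)
    output_module.SetOutputWriter(output_writer)

    counter = test_front_end.ProcessStorage(output_module, storage_file, [], [])
    self.assertEqual(counter[u'Stored Events'], 15)

    # Read the writer back line by line until GetLine returns a falsy value.
    output_writer.SeekToBeginning()
    lines = []
    line = output_writer.GetLine()
    while line:
      lines.append(line)
      line = output_writer.GetLine()

    # One line more than the stored event count; presumably a header line of
    # the dynamic format -- TODO confirm.
    self.assertEqual(len(lines), 16)

    expected_line = (
        u'2015-12-31T17:54:32+00:00,Entry Written,LOG,Log File,[anacron  '
        u'pid: 1234] : Another one just like this (124 job run),syslog,'
        u'OS:syslog,-,6,1\n')
    # assertEquals is a deprecated alias that was removed from unittest in
    # Python 3.12; assertEqual is the same check and matches the calls above.
    self.assertEqual(lines[13], expected_line)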
コード例 #2
  def testProcessSourcesExtractWithDateTimeFilter(self):
    """Tests the ProcessSources function with a date time filter.

    A ctime filter covering a 20 second window is parsed, its printed form is
    compared against the expected text, and ProcessSources is then run on the
    image.qcow2 fixture. Only a_directory and a_directory/a_file are expected
    in the temporary output directory afterwards.
    """
    front_end = image_export.ImageExportFrontend()
    date_filters = [u'ctime, 2012-05-25 15:59:00, 2012-05-25 15:59:20']
    front_end.ParseDateFilters(date_filters)

    # TODO: move to corresponding CLI test.
    writer = test_lib.StringIOOutputWriter()
    front_end.PrintFilterCollection(writer)

    # The printed filter carries an explicit +00:00 offset on both bounds.
    self.assertEqual(
        writer.GetValue(),
        u'Filters:\n'
        u'\tctime between 2012-05-25T15:59:00+00:00 and '
        u'2012-05-25T15:59:20+00:00\n')

    # Build the path specification chain from the outside in: the image file
    # on the OS, the QCOW layer on top of it, then the TSK root at '/'.
    new_path_spec = path_spec_factory.Factory.NewPathSpec
    image_location = self._GetTestFilePath([u'image.qcow2'])
    source_path_spec = new_path_spec(
        dfvfs_definitions.TYPE_INDICATOR_OS, location=image_location)
    source_path_spec = new_path_spec(
        dfvfs_definitions.TYPE_INDICATOR_QCOW, parent=source_path_spec)
    source_path_spec = new_path_spec(
        dfvfs_definitions.TYPE_INDICATOR_TSK, location=u'/',
        parent=source_path_spec)

    output_directory = self._temp_directory
    front_end.ProcessSources([source_path_spec], output_directory)

    directory_path = os.path.join(output_directory, u'a_directory')
    file_path = os.path.join(output_directory, u'a_directory', u'a_file')
    expected_paths = sorted([directory_path, file_path])

    # Both sides are sorted so the comparison does not depend on the order in
    # which _RecursiveList returns the paths.
    found_paths = self._RecursiveList(output_directory)
    self.assertEqual(sorted(found_paths), expected_paths)
コード例 #3
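    def testProcessStorage(self):
        """Test the ProcessStorage function.

        Opens the psort_test.json.plaso storage fixture read-only, runs
        ProcessStorage with the 'dynamic' output format into a
        test_lib.StringIOOutputWriter, closes the storage file, and then
        checks the returned event counter, the number of output lines and
        the exact content of one output line.
        """
        test_front_end = psort.PsortFrontend()
        test_front_end.SetOutputFormat(u'dynamic')
        test_front_end.SetPreferredLanguageIdentifier(u'en-US')
        test_front_end.SetQuietMode(True)

        # The fixture is opened with read_only=True, so the test does not ask
        # for write access to the stored events it is about to render.
        storage_file_path = self._GetTestFilePath([u'psort_test.json.plaso'])
        storage_file = test_front_end.OpenStorage(storage_file_path,
                                                  read_only=True)

        # The finally clause closes the storage file even when setting up the
        # output module or ProcessStorage raises.
        try:
            output_writer = test_lib.StringIOOutputWriter()
            output_module = test_front_end.GetOutputModule(storage_file)
            output_module.SetOutputWriter(output_writer)

            counter = test_front_end.ProcessStorage(output_module,
                                                    storage_file,
                                                    storage_file_path, [], [])

        finally:
            storage_file.Close()

        self.assertEqual(counter[u'Stored Events'], 32)

        # The writer is read back after the storage file has been closed;
        # lines are collected until GetLine returns a falsy value.
        output_writer.SeekToBeginning()
        lines = []
        line = output_writer.GetLine()
        while line:
            lines.append(line)
            line = output_writer.GetLine()

        self.assertEqual(len(lines), 20)

        expected_line = (u'2016-05-01T12:19:30+00:00,'
                         u'atime,'
                         u'FILE,'
                         u'OS atime,'
                         u'OS:/tmp/test/test_data/syslog Type: file,'
                         u'filestat,'
                         u'OS:/tmp/test/test_data/syslog,-\n')
        # assertEquals is a deprecated alias that was removed from unittest
        # in Python 3.12; assertEqual is the same check and matches the calls
        # above.
        self.assertEqual(lines[13], expected_line)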