def ProcessRepliesWithOutputPlugins(self, replies):
    """Run every configured output plugin over one batch of flow replies.

    Returns immediately when the runner args list no output plugins or when
    `replies` is empty. Otherwise each entry of
    `self.context.output_plugins_states` is processed in turn and the outcome
    is recorded in that plugin's state: a SUCCESS status under "logs", or an
    ERROR status (exception text as summary) under "errors".

    A failing plugin does not stop the loop: its exception is caught,
    recorded and reported through `self.Log`, and the next plugin runs.

    Args:
      replies: The batch of flow replies handed to each plugin.
    """
    if not (self.runner_args.output_plugins and replies):
        return

    for state_entry in self.context.output_plugins_states:
        plugin_descriptor = state_entry.plugin_descriptor
        plugin_state = state_entry.plugin_state
        plugin_instance = plugin_descriptor.GetPluginForState(plugin_state)

        # Extend our lease if needed.
        self.flow_obj.HeartBeat()

        try:
            plugin_instance.ProcessResponses(replies)
            plugin_instance.Flush()

            ok_status = output_plugin_lib.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_descriptor,
                status="SUCCESS",
                batch_size=len(replies),
            )
            # Cannot append to lists in AttributedDicts, hence `+=`, which
            # stores the extended list back under the key.
            plugin_state["logs"] += [ok_status]

            self.Log(
                "Plugin %s sucessfully processed %d flow replies.",
                plugin_descriptor,
                len(replies),
            )
        except Exception as exc:  # pylint: disable=broad-except
            # NOTE(review): the try body also covers the success bookkeeping,
            # so an exception raised there is recorded as a plugin error too.
            # Only the stringified exception is kept; no traceback is logged
            # in this function, so triage of a failed export relies on the
            # "errors" entry and the flow log.
            failure_status = output_plugin_lib.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_descriptor,
                status="ERROR",
                summary=utils.SmartStr(exc),
                batch_size=len(replies),
            )
            # Cannot append to lists in AttributedDicts.
            plugin_state["errors"] += [failure_status]

            self.Log(
                "Plugin %s failed to process %d replies due to: %s",
                plugin_descriptor,
                len(replies),
                exc,
            )
def RunPlugins(self, hunt_urn, plugins, results, exceptions_by_plugin):
    """Feed a batch of hunt results to each plugin and record the outcome.

    For every (plugin_def, plugin) pair the results are processed and flushed.
    A SUCCESS or ERROR status is then added to the hunt's plugin status
    collection; ERROR statuses are additionally added to the hunt's plugin
    error collection.

    Plugin exceptions are caught so that the remaining plugins still run. The
    status-collection writes happen outside the `try`, so an exception raised
    there propagates to the caller.

    Args:
      hunt_urn: URN of the hunt whose results are being processed.
      plugins: Iterable of (plugin_def, plugin) pairs.
      results: The batch of results passed to every plugin.
      exceptions_by_plugin: Dict mutated in place; each caught exception is
        appended to the list stored under its plugin_def.
    """
    for plugin_def, plugin in plugins:
        try:
            plugin.ProcessResponses(results)
            plugin.Flush()

            batch_status = output_plugin.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_def,
                status="SUCCESS",
                batch_size=len(results),
            )
            stats.STATS.IncrementCounter(
                "hunt_results_ran_through_plugin",
                delta=len(results),
                fields=[plugin_def.plugin_name],
            )
        except Exception as exc:  # pylint: disable=broad-except
            # Full traceback goes to the process log; the hunt log below only
            # receives the formatted message.
            logging.exception(
                "Error processing hunt results: hunt %s, plugin %s",
                hunt_urn,
                utils.SmartStr(plugin),
            )
            failure_message = (
                "Error processing hunt results (hunt %s, plugin %s): %s"
                % (hunt_urn, utils.SmartStr(plugin), exc)
            )
            self.Log(failure_message)
            stats.STATS.IncrementCounter(
                "hunt_output_plugin_errors",
                fields=[plugin_def.plugin_name],
            )
            batch_status = output_plugin.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_def,
                status="ERROR",
                summary=utils.SmartStr(exc),
                batch_size=len(results),
            )
            exceptions_by_plugin.setdefault(plugin_def, []).append(exc)

        # Every batch gets a status record, whether it succeeded or failed.
        status_collection = implementation.GRRHunt.PluginStatusCollectionForHID(
            hunt_urn, token=self.token
        )
        status_collection.Add(batch_status)

        # Failures are duplicated into a dedicated error collection.
        if batch_status.status == batch_status.Status.ERROR:
            error_collection = implementation.GRRHunt.PluginErrorCollectionForHID(
                hunt_urn, token=self.token
            )
            error_collection.Add(batch_status)
def RunPlugins(self, hunt_urn, plugins, results, exceptions_by_plugin):
    """Feed a batch of hunt results to each plugin and record the outcome.

    For every (plugin_def, plugin) pair the results are processed and a
    SUCCESS or ERROR status is added to the "OutputPluginsStatus" collection
    under the hunt URN. ERROR statuses are also added to the
    "OutputPluginsErrors" collection.

    Plugin exceptions are caught so that the remaining plugins still run.

    Args:
      hunt_urn: URN of the hunt whose results are being processed.
      plugins: Iterable of (plugin_def, plugin) pairs.
      results: The batch of results passed to every plugin.
      exceptions_by_plugin: Dict mutated in place; each caught exception is
        appended to the list stored under its plugin_def.
    """
    for plugin_def, plugin in plugins:
        try:
            plugin.ProcessResponses(results)

            batch_status = output_plugin.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_def,
                status="SUCCESS",
                batch_size=len(results),
            )
            stats.STATS.IncrementCounter(
                "hunt_results_ran_through_plugin",
                delta=len(results),
                fields=[plugin_def.plugin_name],
            )
        except Exception as exc:  # pylint: disable=broad-except
            # NOTE(review): nothing is logged and no error counter is bumped
            # here; the failure is visible only through the status record and
            # the caller-supplied exceptions_by_plugin dict.
            batch_status = output_plugin.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_def,
                status="ERROR",
                summary=utils.SmartStr(exc),
                batch_size=len(results),
            )
            exceptions_by_plugin.setdefault(plugin_def, []).append(exc)

        # NOTE(review): the opened collection is never explicitly closed or
        # flushed in this function - confirm that Add() alone persists the
        # record.
        status_collection = aff4.FACTORY.Open(
            hunt_urn.Add("OutputPluginsStatus"),
            "PluginStatusCollection",
            mode="w",
            token=self.token,
        )
        status_collection.Add(batch_status)

        # Failures are duplicated into a dedicated error collection.
        if batch_status.status == batch_status.Status.ERROR:
            error_collection = aff4.FACTORY.Open(
                hunt_urn.Add("OutputPluginsErrors"),
                "PluginStatusCollection",
                mode="w",
                token=self.token,
            )
            error_collection.Add(batch_status)
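def ProcessRepliesWithOutputPlugins(self, replies):
    """Run every configured output plugin over one batch of flow replies.

    Returns immediately when `self.args.output_plugins` or `replies` is empty.
    Otherwise each (plugin_descriptor, plugin_state) pair of
    `self.context.output_plugins_states` is processed in turn and the outcome
    is recorded in the plugin state: a SUCCESS status under "logs", or an
    ERROR status (exception text as summary) under "errors".

    A failing plugin does not stop the loop: its exception is caught,
    recorded and reported through `self.Log`, and the next plugin runs.

    Args:
      replies: The batch of flow replies handed to each plugin.
    """
    if not self.args.output_plugins or not replies:
        return

    for plugin_descriptor, plugin_state in self.context.output_plugins_states:
        output_plugin = plugin_descriptor.GetPluginForState(plugin_state)

        # Extend our lease if needed.
        self.flow_obj.HeartBeat()
        try:
            output_plugin.ProcessResponses(replies)
            output_plugin.Flush()

            log_item = output_plugin_lib.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_descriptor,
                status="SUCCESS",
                batch_size=len(replies),
            )
            # Providing default here to make graceful deployment possible.
            # The list is stored back under the key: appending to the
            # throwaway default of .get() would silently drop the record
            # whenever the key is missing.
            # NOTE(review): assumes plugin_state supports item assignment -
            # confirm against the state type.
            # TODO(user): remove default in Q1 2016.
            logs = plugin_state.get("logs", [])
            logs.append(log_item)
            plugin_state["logs"] = logs

            self.Log(
                "Plugin %s sucessfully processed %d flow replies.",
                plugin_descriptor,
                len(replies),
            )
        except Exception as e:  # pylint: disable=broad-except
            error = output_plugin_lib.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_descriptor,
                status="ERROR",
                summary=utils.SmartStr(e),
                batch_size=len(replies),
            )
            # Providing default here to make graceful deployment possible.
            # Stored back for the same reason as "logs" above: a failed
            # export must not vanish from the plugin state just because the
            # "errors" key did not exist yet.
            # TODO(user): remove default in Q1 2016.
            errors = plugin_state.get("errors", [])
            errors.append(error)
            plugin_state["errors"] = errors

            self.Log(
                "Plugin %s failed to process %d replies due to: %s",
                plugin_descriptor,
                len(replies),
                e,
            )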
def ApplyPluginsToBatch(self, hunt_urn, plugins, batch, batch_index):
    """Run every plugin over one batch of hunt results.

    Each plugin's outcome is written as a status record to the hunt's status
    collection; ERROR records are also written to the errors collection.
    Plugin exceptions are caught so that the remaining plugins still run.

    Args:
      hunt_urn: URN of the hunt whose results are being processed.
      plugins: Iterable of (plugin_def, plugin) pairs.
      batch: The results passed to every plugin.
      batch_index: Index of this batch, stored in the status record and
        included in log messages.

    Returns:
      Dict mapping each failed plugin_def to the exception it raised.
    """
    failures = {}

    for plugin_def, plugin in plugins:
        logging.debug(
            "Processing hunt %s with %s, batch %d",
            hunt_urn,
            plugin_def.plugin_name,
            batch_index,
        )

        try:
            plugin.ProcessResponses(batch)

            stats.STATS.IncrementCounter(
                "hunt_results_ran_through_plugin",
                delta=len(batch),
                fields=[plugin_def.plugin_name],
            )
            batch_status = output_plugin.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_def,
                status="SUCCESS",
                batch_index=batch_index,
                batch_size=len(batch),
            )
        except Exception as exc:  # pylint: disable=broad-except
            stats.STATS.IncrementCounter(
                "hunt_output_plugin_errors",
                fields=[plugin_def.plugin_name],
            )
            batch_status = output_plugin.OutputPluginBatchProcessingStatus(
                plugin_descriptor=plugin_def,
                status="ERROR",
                summary=utils.SmartStr(exc),
                batch_index=batch_index,
                batch_size=len(batch),
            )
            # Full traceback goes to the process log; the hunt log below only
            # receives the formatted message.
            logging.exception(
                "Error processing hunt results: hunt %s, plugin %s, batch %d",
                hunt_urn,
                plugin_def.plugin_name,
                batch_index,
            )
            failure_message = (
                "Error processing hunt results (hunt %s, plugin %s, batch %d): %s"
                % (hunt_urn, plugin_def.plugin_name, batch_index, exc)
            )
            self.Log(failure_message)
            failures[plugin_def] = exc

        # NOTE(review): sync=False is passed through as-is; its durability
        # semantics are not visible here - confirm status records cannot be
        # lost before they are persisted.
        collections.PackedVersionedCollection.AddToCollection(
            self.StatusCollectionUrn(hunt_urn),
            [batch_status],
            sync=False,
            token=self.token,
        )
        # Failures are duplicated into a dedicated error collection.
        if batch_status.status == batch_status.Status.ERROR:
            collections.PackedVersionedCollection.AddToCollection(
                self.ErrorsCollectionUrn(hunt_urn),
                [batch_status],
                sync=False,
                token=self.token,
            )

    return failures