def Start(self):
super(OsqueryFlow,
self).Start(file_size=FILE_COLLECTION_MAX_SINGLE_FILE_BYTES)
self.state.progress = rdf_osquery.OsqueryProgress()
if len(self.args.file_collection_columns) > FILE_COLLECTION_MAX_COLUMNS:
message = ("Requested file collection for "
f"{len(self.args.file_collection_columns)} columns, "
f"but the limit is {FILE_COLLECTION_MAX_COLUMNS} columns.")
self._UpdateProgressWithError(message)
raise FileCollectionLimitsExceeded(message)
self.state.path_to_count = {}
self.state.total_collected_bytes = 0
action_args = rdf_osquery.OsqueryArgs(
query=self.args.query, timeout_millis=self.args.timeout_millis)
self.CallClient(
server_stubs.Osquery,
request=action_args,
next_state=compatibility.GetName(self.Process))
def _Query(query, **kwargs):
args = rdf_osquery.OsqueryArgs(query=query, **kwargs)
return list(osquery.Osquery().Process(args))
def _Query(query: Text, **kwargs) -> List[rdf_osquery.OsqueryResult]:
args = rdf_osquery.OsqueryArgs(query=query, **kwargs)
return list(osquery.Osquery().Process(args))
