예제 #1
0
 def _get_suitable_palettes(self, tile_pal: OrderedSet) -> List[int]:
     """
     Check which palettes contain all colors of tile_pal.
     If tile_pal is instead a superset of any of the palettes, those palettes are updated with the colors
     from tile_pal.
     """
     possible = []
     for p_idx, p in enumerate(self.palettes):
         if tile_pal.issubset(p):
             possible.append(p_idx)
         elif tile_pal.issuperset(p):
             self.palettes[p_idx] = p.union(tile_pal)
             possible.append(p_idx)
     return possible
예제 #2
0
def main():
    errCode = os.EX_DATAERR

    dataError = False
    zeekLogFields = defaultdict(list)

    # load from json canonical list of known zeek log fields we're concerned with mapping
    zeekLogFieldsTmp = json.load(open(FIELDS_JSON_FILE, 'r'))
    if isinstance(zeekLogFieldsTmp, dict):
        for logType, listOfFieldLists in zeekLogFieldsTmp.items():
            if isinstance(logType, str) and isinstance(listOfFieldLists, list):
                zeekLogFields[str(logType)] = [
                    OrderedSet(fieldList) for fieldList in listOfFieldLists
                ]
            else:
                dataError = True
                break
    else:
        dataError = True

    if dataError:
        # something is wrong with the json file
        eprint("Error loading {} (not found or incorrectly formatted)".format(
            FIELDS_JSON_FILE))

    else:
        if (len(sys.argv) == 2) and os.path.isfile(sys.argv[1]):

            fieldsBitmap = 0

            # loop over header lines in zeek log file (beginning with '#') and extract the header values
            # into a dictionary containing, among other things:
            #   - the "path" which is the zeek log type (eg., conn, weird, etc.)
            #   - the "fields" list of field names
            headers = {}
            with open(sys.argv[1], "r") as zeekLogFile:
                for line in zeekLogFile:
                    if line.startswith('#'):
                        values = line.strip().split(ZEEK_LOG_DELIMITER)
                        key = values.pop(0)[1:]
                        if (len(values) == 1):
                            headers[key] = values[0]
                        else:
                            headers[key] = values
                    else:
                        break

            if ((ZEEK_LOG_HEADER_LOGTYPE in headers)
                    and  # the "path" header exists
                (ZEEK_LOG_HEADER_FIELDS
                 in headers) and  # the "fields" header exists
                (headers[ZEEK_LOG_HEADER_LOGTYPE] in zeekLogFields)
                ):  # this zeek log type is one we're concerned with mapping

                # the set of field names in *this* log file
                logFieldNames = OrderedSet(headers[ZEEK_LOG_HEADER_FIELDS])

                for versionIdx, allFieldNames in reversed(
                        list(
                            enumerate(zeekLogFields[
                                headers[ZEEK_LOG_HEADER_LOGTYPE]]))):

                    # are this logfile's fields a subset of the complete list?
                    if logFieldNames.issubset(allFieldNames):

                        # determine which fields in the complete list are included in this log file
                        for i, fName in enumerate(allFieldNames):
                            fieldsBitmap = set_bit(fieldsBitmap, i, fName
                                                   in logFieldNames)

                        # eprint(fieldsBitmap)
                        print('{0}x{1:02X}x{2:08X}'.format(
                            ZEEK_LOG_BITMAP_PREFIX, versionIdx, fieldsBitmap))
                        errCode = os.EX_OK

        else:
            # invalid command-line arguments
            eprint("{} <Zeek log file>".format(sys.argv[0]))
            errCode = os.EX_USAGE

    return errCode
예제 #3
0
 def check_cols(cols):
     subset = OrderedSet(args)
     if subset.issubset(cols):
         return subset
     else:
         raise ValueError