def testWriteEventBody(self): """Tests the WriteEventBody function.""" formatters_manager.FormattersManager.RegisterFormatter( TestEventFormatter) event_object = TestEvent() filter_object = FakeFilter([ u'date', u'time', u'timezone', u'macb', u'source', u'sourcetype', u'type', u'user', u'host', u'message_short', u'message', u'filename', u'inode', u'notes', u'format', u'extra']) output_mediator = self._CreateOutputMediator() output_writer = cli_test_lib.TestOutputWriter() output_module = dynamic.DynamicOutputModule( output_mediator, fields_filter=filter_object, output_writer=output_writer) output_module.WriteHeader() expected_header = ( b'date,time,timezone,macb,source,sourcetype,type,user,host,' b'message_short,message,filename,inode,notes,format,extra\n') header = output_writer.ReadOutput() self.assertEqual(header, expected_header) output_module.WriteEventBody(event_object) expected_event_body = ( b'2012-06-27,18:17:01,UTC,..C.,LOG,Syslog,Metadata Modification Time,-,' b'ubuntu,Reporter <CRON> PID: 8442 (pam_unix(cron:session): session ' b'closed for user root),Reporter <CRON> PID: 8442 ' b'(pam_unix(cron:session): session closed for user root),log/syslog.1' b',-,-,-,-\n') event_body = output_writer.ReadOutput() self.assertEqual(event_body, expected_event_body) filter_object = FakeFilter([ u'datetime', u'nonsense', u'hostname', u'message']) output_mediator = self._CreateOutputMediator() output_writer = cli_test_lib.TestOutputWriter() output_module = dynamic.DynamicOutputModule( output_mediator, fields_filter=filter_object, output_writer=output_writer) expected_header = b'datetime,nonsense,hostname,message\n' output_module.WriteHeader() header = output_writer.ReadOutput() self.assertEqual(header, expected_header) expected_event_body = ( b'2012-06-27T18:17:01+00:00,-,ubuntu,Reporter <CRON> PID: 8442' b' (pam_unix(cron:session): session closed for user root)\n') output_module.WriteEventBody(event_object) event_body = output_writer.ReadOutput() self.assertEqual(event_body, expected_event_body) formatters_manager.FormattersManager.DeregisterFormatter( TestEventFormatter)
def setUp(self): """Sets up the objects needed for this test.""" output_mediator = self._CreateOutputMediator() self._output_writer = cli_test_lib.TestOutputWriter() self._output_module = json_out.JsonOutputModule( output_mediator, output_writer=self._output_writer) self._event_object = JsonTestEvent()
def testFlush(self): """Test to ensure we empty our buffers and sends to output properly.""" output_mediator = self._CreateOutputMediator() output_writer = cli_test_lib.TestOutputWriter() output_module = TestOutputModule(output_mediator, output_writer=output_writer) event_buffer = interface.EventBuffer(output_module, False) event_buffer.Append(TestEvent(123456, u'Now is now')) self._CheckBufferLength(event_buffer, 1) # Add three events. event_buffer.Append(TestEvent(123456, u'OMG I AM DIFFERENT')) event_buffer.Append(TestEvent(123456, u'Now is now')) event_buffer.Append(TestEvent(123456, u'Now is now')) self._CheckBufferLength(event_buffer, 2) event_buffer.Flush() self._CheckBufferLength(event_buffer, 0) event_buffer.Append(TestEvent(123456, u'Now is now')) event_buffer.Append(TestEvent(123456, u'Now is now')) event_buffer.Append(TestEvent(123456, u'Different again :)')) self._CheckBufferLength(event_buffer, 2) event_buffer.Append(TestEvent(123457, u'Now is different')) self._CheckBufferLength(event_buffer, 1)
def setUp(self): """Sets up the objects needed for this test.""" output_mediator = self._CreateOutputMediator() self._output_writer = cli_test_lib.TestOutputWriter() self.formatter = l2t_csv.L2TCSVOutputModule( output_mediator, output_writer=self._output_writer) self.event_object = L2tTestEvent()
def testPrintColumnValue(self): """Tests the PrintColumnValue function.""" output_writer = test_lib.TestOutputWriter() cli_tool = tools.CLITool(output_writer=output_writer) cli_tool.PrintColumnValue(u'Name', u'Description') string = output_writer.ReadOutput() expected_string = b' Name : Description\n' self.assertEqual(string, expected_string) cli_tool.PrintColumnValue(u'Name', u'Description', column_width=10) string = output_writer.ReadOutput() expected_string = b' Name : Description\n' self.assertEqual(string, expected_string) with self.assertRaises(ValueError): cli_tool.PrintColumnValue(u'Name', u'Description', column_width=-10) # TODO: determine if this is the desired behavior. cli_tool.PrintColumnValue(u'Name', u'Description', column_width=100) string = output_writer.ReadOutput() expected_string = ( b' ' b' Name : \n' b' ' b' Description\n') self.assertEqual(string, expected_string)
def testOutput(self): """Testing if psort can output data.""" formatters_manager.FormattersManager.RegisterFormatter( PsortTestEventFormatter) events = [] events.append(PsortTestEvent(5134324321)) events.append(PsortTestEvent(2134324321)) events.append(PsortTestEvent(9134324321)) events.append(PsortTestEvent(15134324321)) events.append(PsortTestEvent(5134324322)) events.append(PsortTestEvent(5134024321)) output_writer = cli_test_lib.TestOutputWriter() with test_lib.TempDirectory() as dirname: temp_file = os.path.join(dirname, u'plaso.db') storage_file = storage.StorageFile(temp_file, read_only=False) pfilter.TimeRangeCache.ResetTimeConstraints() storage_file.SetStoreLimit() storage_file.AddEventObjects(events) storage_file.Close() with storage.StorageFile(temp_file) as storage_file: storage_file.store_range = [1] output_mediator_object = output_mediator.OutputMediator( self._formatter_mediator, storage_file) output_module = TestOutputModule(output_mediator_object, output_writer=output_writer) event_buffer = TestEventBuffer(output_module, check_dedups=False, store=storage_file) self._front_end.ProcessOutput(storage_file, event_buffer) event_buffer.Flush() lines = [] output = output_writer.ReadOutput() for line in output.split(b'\n'): if line == b'.': continue if line: lines.append(line) # One more line than events (header row). self.assertEqual(len(lines), 7) self.assertTrue(b'My text goes along: My text dude. lines' in lines[2]) self.assertTrue(b'LOG/' in lines[2]) self.assertTrue(b'None in Particular' in lines[2]) self.assertEqual(lines[0], ( b'date,time,timezone,MACB,source,sourcetype,type,user,host,short,desc,' b'version,filename,inode,notes,format,extra')) formatters_manager.FormattersManager.DeregisterFormatter( PsortTestEventFormatter)
def testPrintSeparatorLine(self): """Tests the PrintSeparatorLine function.""" output_writer = test_lib.TestOutputWriter() cli_tool = tools.CLITool(output_writer=output_writer) cli_tool.PrintSeparatorLine() string = output_writer.ReadOutput() expected_string = (b'----------------------------------------' b'----------------------------------------\n') self.assertEqual(string, expected_string)
def testHeader(self): """Tests the WriteHeader function.""" output_mediator = self._CreateOutputMediator() output_writer = cli_test_lib.TestOutputWriter() output_module = dynamic.DynamicOutputModule( output_mediator, output_writer=output_writer) expected_header = ( b'datetime,timestamp_desc,source,source_long,message,parser,' b'display_name,tag,store_number,store_index\n') output_module.WriteHeader() header = output_writer.ReadOutput() self.assertEqual(header, expected_header) filter_object = FakeFilter([ u'date', u'time', u'message', u'hostname', u'filename', u'some_stuff']) output_mediator = self._CreateOutputMediator() output_writer = cli_test_lib.TestOutputWriter() output_module = dynamic.DynamicOutputModule( output_mediator, fields_filter=filter_object, output_writer=output_writer) expected_header = b'date,time,message,hostname,filename,some_stuff\n' output_module.WriteHeader() header = output_writer.ReadOutput() self.assertEqual(header, expected_header) filter_object = FakeFilter( [u'date', u'time', u'message', u'hostname', u'filename', u'some_stuff'], separator='@') output_mediator = self._CreateOutputMediator() output_writer = cli_test_lib.TestOutputWriter() output_module = dynamic.DynamicOutputModule( output_mediator, fields_filter=filter_object, output_writer=output_writer) expected_header = b'date@time@message@hostname@filename@some_stuff\n' output_module.WriteHeader() header = output_writer.ReadOutput() self.assertEqual(header, expected_header)
def testPrintHeader(self): """Tests the PrintHeader function.""" output_writer = test_lib.TestOutputWriter() cli_tool = tools.CLITool(output_writer=output_writer) cli_tool.PrintHeader(u'Text') string = output_writer.ReadOutput() expected_string = (b'\n' b'************************************* ' b'Text ' b'*************************************\n') self.assertEqual(string, expected_string) cli_tool.PrintHeader(u'Another Text', character=u'x') string = output_writer.ReadOutput() expected_string = (b'\n' b'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ' b'Another Text ' b'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n') self.assertEqual(string, expected_string) # TODO: determine if this is the desired behavior. cli_tool.PrintHeader(u'') string = output_writer.ReadOutput() expected_string = (b'\n' b'*************************************** ' b' ' b'***************************************\n') self.assertEqual(string, expected_string) # TODO: determine if this is the desired behavior. cli_tool.PrintHeader(None) string = output_writer.ReadOutput() expected_string = (b'\n' b'************************************* ' b'None ' b'*************************************\n') self.assertEqual(string, expected_string) # TODO: determine if this is the desired behavior. expected_string = ( u'\n ' u'In computer programming, a string is traditionally a sequence ' u'of characters, either as a literal constant or as some kind of ' u'variable. \n') cli_tool.PrintHeader(expected_string[2:-2]) string = output_writer.ReadOutput() self.assertEqual(string, expected_string)
def testOutput(self): """Tests an implementation of output module.""" events = [ TestEvent(123456, u'My Event Is Now!'), TestEvent(123458, u'There is no tomorrow.'), TestEvent(123462, u'Tomorrow is now.'), TestEvent(123489, u'This is just some stuff to fill the line.') ] output_mediator = self._CreateOutputMediator() output_writer = cli_test_lib.TestOutputWriter() output_module = TestOutputModule(output_mediator, output_writer=output_writer) output_module.WriteHeader() for event_object in events: output_module.WriteEvent(event_object) output_module.WriteFooter() expected_output = ( b'<EventFile>\n' b'<Event>\n' b'\t<Date>03/01/2012</Date>\n' b'\t<Time>123456</Time>\n' b'\t<Entry>My Event Is Now!</Entry>\n' b'</Event>\n' b'<Event>\n' b'\t<Date>03/01/2012</Date>\n' b'\t<Time>123458</Time>\n' b'\t<Entry>There is no tomorrow.</Entry>\n' b'</Event>\n' b'<Event>\n' b'\t<Date>03/01/2012</Date>\n' b'\t<Time>123462</Time>\n' b'\t<Entry>Tomorrow is now.</Entry>\n' b'</Event>\n' b'<Event>\n' b'\t<Date>03/01/2012</Date>\n' b'\t<Time>123489</Time>\n' b'\t<Entry>This is just some stuff to fill the line.</Entry>\n' b'</Event>\n' b'</EventFile>\n') output = output_writer.ReadOutput() self.assertEqual(output, expected_output)
def testWriteUtf8(self): """Tests the Write function with UTF-8 encoding.""" output_writer = test_lib.TestOutputWriter() output_writer.Write(u'A first string\n') string = output_writer.ReadOutput() self.assertEqual(string, b'A first string\n') # Byte string with ASCII characters. output_writer.Write(b'A 2nd string\n') string = output_writer.ReadOutput() self.assertEqual(string, b'A 2nd string\n') # Unicode string with non-ASCII characters. output_writer.Write(u'þriðja string\n') string = output_writer.ReadOutput() self.assertEqual(string, b'\xc3\xberi\xc3\xb0ja string\n') # Byte string with non-ASCII characters. with self.assertRaises(UnicodeDecodeError): # This fails because the byte string cannot be converted to # a Unicode string before the call to encode(). output_writer.Write(b'\xc3\xberi\xc3\xb0ja string\n')
def testPrintStorageInformation(self): """Tests the PrintStorageInformation function.""" # Make sure the test outputs UTF-8. output_writer = cli_test_lib.TestOutputWriter(encoding=u'utf-8') test_tool = pinfo.PinfoTool(output_writer=output_writer) options = frontend.Options() options.storage_file = self._GetTestFilePath([u'psort_test.out']) test_tool.ParseOptions(options) test_tool.PrintStorageInformation() # TODO: clean up output so that u'...' is not generated. expected_output = ( b'---------------------------------------------------------------------' b'-----------\n' b'\t\tPlaso Storage Information\n' b'---------------------------------------------------------------------' b'-----------\n' b'Storage file:\t\t{0:s}\n' b'Source processed:\tsyslog\nTime of processing:\t' b'2014-02-15T04:33:16+00:00\n' b'\n' b'Collection information:\n' b'\tparser_selection = \n' b'\tos_detected = N/A\n' b'\tconfigured_zone = UTC\n' b'\tdebug = False\n' b'\tparsers = [u\'sqlite\', u\'winfirewall\', u\'selinux\', ' b'u\'recycle_bin\', u\'filestat\', u\'syslog\', u\'lnk\', ' b'u\'xchatscrollback\', u\'symantec_scanlog\', u\'recycle_bin_info2\', ' b'u\'winevtx\', u\'plist\', u\'bsm_log\', u\'mac_keychain\', ' b'u\'mac_securityd\', u\'utmp\', u\'asl_log\', u\'opera_global\', ' b'u\'winjob\', u\'prefetch\', u\'winreg\', u\'msiecf\', u\'bencode\', ' b'u\'skydrive_log\', u\'openxml\', u\'utmpx\', u\'winevt\', ' b'u\'hachoir\', u\'opera_typed_history\', u\'mac_appfirewall_log\', ' b'u\'olecf\', u\'xchatlog\', u\'macwifi\', u\'mactime\', ' b'u\'java_idx\', u\'mcafee_protection\', u\'skydrive_log_error\']\n' b'\tprotobuf_size = 300\n' b'\tvss parsing = False\n' b'\trecursive = False\n' b'\tpreferred_encoding = UTF-8\n' b'\tworkers = 12\n' b'\toutput_file = psort_test.out\n' b'\tversion = 1.1.0-dev_20140213\n' b'\tcmd_line = /usr/local/bin/log2timeline.py psort_test.out syslog ' b'--buffer_size=300\n' b'\tpreprocess = False\n' b'\truntime = multi threaded\n' b'\tmethod = OS collection\n' b'\n' b'Parser counter information:\n' b'\tCounter: total = 15\n' b'\tCounter: syslog = 12\n' b'\tCounter: filestat = 3\n' b'\n' b'Store information:\n' b'\tNumber of available stores: 7\n' b'\tStore information details omitted (to see use: --verbose)\n' b'\n' b'Preprocessing information omitted (to see use: --verbose).\n' b'\n' b'No reports stored.\n' b'-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' b'-+-+-+-+-+-+').format(options.storage_file.encode(u'utf-8')) output = output_writer.ReadOutput() self.assertEqual(output, expected_output)