def testParse(self):
"""Tests the Parse function."""
parser_object = popcontest.PopularityContestParser()
test_file = self._GetTestFilePath([u'popcontest1.log'])
event_queue_consumer = self._ParseFile(parser_object, test_file)
event_objects = self._GetEventObjectsFromQueue(event_queue_consumer)
self.assertEqual(len(event_objects), 22)
event_object = event_objects[0]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ADDED_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-06-22 05:41:41')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = (
u'Session 0 start '
u'ID 12345678901234567890123456789012 [ARCH:i386 POPCONVER:1.38]')
expected_short_string = u'Session 0 start'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[1]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ACCESS_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-06-22 07:34:42')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = u'mru [/usr/sbin/atd] package [at]'
expected_short_string = u'/usr/sbin/atd'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[3]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ACCESS_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-06-22 07:34:43')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = (u'mru [/usr/lib/python2.5/lib-dynload/_struct.so] '
u'package [python2.5-minimal]')
expected_short_string = u'/usr/lib/python2.5/lib-dynload/_struct.so'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[5]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ACCESS_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-05-30 05:26:20')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = (
u'mru [/usr/bin/empathy] package [empathy] tag [RECENT-CTIME]')
expected_short_string = u'/usr/bin/empathy'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[6]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ENTRY_MODIFICATION_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-05-30 05:27:43')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = (
u'mru [/usr/bin/empathy] package [empathy] tag [RECENT-CTIME]')
expected_short_string = u'/usr/bin/empathy'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[11]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ACCESS_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-05-12 07:58:33')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = u'mru [/usr/bin/orca] package [gnome-orca] tag [OLD]'
expected_short_string = u'/usr/bin/orca'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[13]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ADDED_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-06-22 05:41:41')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = u'Session 0 end'
expected_short_string = expected_string
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[14]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ADDED_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-06-22 05:41:41')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = (
u'Session 1 start '
u'ID 12345678901234567890123456789012 [ARCH:i386 POPCONVER:1.38]')
expected_short_string = u'Session 1 start'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[15]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ACCESS_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-06-22 07:34:42')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = u'mru [/super/cool/plasuz] package [plaso]'
expected_short_string = u'/super/cool/plasuz'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[18]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ACCESS_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-04-06 12:25:42')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = u'mru [/super/cool/plasuz] package [miss_ctime]'
expected_short_string = u'/super/cool/plasuz'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[19]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ACCESS_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-05-12 07:58:33')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = u'mru [/super/cóól] package [plaso] tag [WRONG_TAG]'
expected_short_string = u'/super/cóól'
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
event_object = event_objects[21]
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.ADDED_TIME)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2010-06-22 05:41:41')
self.assertEqual(event_object.timestamp, expected_timestamp)
expected_string = u'Session 1 end'
expected_short_string = expected_string
self._TestGetMessageStrings(event_object, expected_string,
expected_short_string)
def testParse(self):
"""Tests the Parse function."""
parser = popcontest.PopularityContestParser()
storage_writer = self._ParseFile(['popcontest1.log'], parser)
self.assertEqual(storage_writer.number_of_warnings, 0)
self.assertEqual(storage_writer.number_of_events, 22)
events = list(storage_writer.GetEvents())
event = events[0]
self.CheckTimestamp(event.timestamp, '2010-06-22 05:41:41.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_ADDED)
expected_message = (
'Session 0 start '
'ID 12345678901234567890123456789012 [ARCH:i386 POPCONVER:1.38]')
expected_short_message = 'Session 0 start'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[1]
self.CheckTimestamp(event.timestamp, '2010-06-22 07:34:42.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_ACCESS)
expected_message = 'mru [/usr/sbin/atd] package [at]'
expected_short_message = '/usr/sbin/atd'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[3]
self.CheckTimestamp(event.timestamp, '2010-06-22 07:34:43.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_ACCESS)
expected_message = ('mru [/usr/lib/python2.5/lib-dynload/_struct.so] '
'package [python2.5-minimal]')
expected_short_message = '/usr/lib/python2.5/lib-dynload/_struct.so'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[5]
self.CheckTimestamp(event.timestamp, '2010-05-30 05:26:20.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_ACCESS)
expected_message = (
'mru [/usr/bin/empathy] package [empathy] tag [RECENT-CTIME]')
expected_short_message = '/usr/bin/empathy'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[6]
self.CheckTimestamp(event.timestamp, '2010-05-30 05:27:43.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_ENTRY_MODIFICATION)
expected_message = (
'mru [/usr/bin/empathy] package [empathy] tag [RECENT-CTIME]')
expected_short_message = '/usr/bin/empathy'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[11]
self.CheckTimestamp(event.timestamp, '2010-05-12 07:58:33.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_ACCESS)
expected_message = 'mru [/usr/bin/orca] package [gnome-orca] tag [OLD]'
expected_short_message = '/usr/bin/orca'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[13]
self.CheckTimestamp(event.timestamp, '2010-06-22 05:41:41.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_ADDED)
expected_message = 'Session 0 end'
expected_short_message = expected_message
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[14]
self.CheckTimestamp(event.timestamp, '2010-06-22 05:41:41.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_ADDED)
expected_message = (
'Session 1 start '
'ID 12345678901234567890123456789012 [ARCH:i386 POPCONVER:1.38]')
expected_short_message = 'Session 1 start'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[15]
self.CheckTimestamp(event.timestamp, '2010-06-22 07:34:42.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_ACCESS)
expected_message = 'mru [/super/cool/plasuz] package [plaso]'
expected_short_message = '/super/cool/plasuz'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[18]
self.CheckTimestamp(event.timestamp, '2010-04-06 12:25:42.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_ACCESS)
expected_message = 'mru [/super/cool/plasuz] package [miss_ctime]'
expected_short_message = '/super/cool/plasuz'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[19]
self.CheckTimestamp(event.timestamp, '2010-05-12 07:58:33.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_ACCESS)
expected_message = 'mru [/super/cóól] package [plaso] tag [WRONG_TAG]'
expected_short_message = '/super/cóól'
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
event = events[21]
self.CheckTimestamp(event.timestamp, '2010-06-22 05:41:41.000000')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_ADDED)
expected_message = 'Session 1 end'
expected_short_message = expected_message
self._TestGetMessageStrings(event, expected_message,
expected_short_message)
def testParse(self):
"""Tests the Parse function."""
parser = popcontest.PopularityContestParser()
storage_writer = self._ParseFile(['popcontest1.log'], parser)
number_of_events = storage_writer.GetNumberOfAttributeContainers(
'event')
self.assertEqual(number_of_events, 22)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'extraction_warning')
self.assertEqual(number_of_warnings, 0)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'recovery_warning')
self.assertEqual(number_of_warnings, 0)
events = list(storage_writer.GetEvents())
expected_event_values = {
'data_type': 'popularity_contest:session:event',
'date_time': '2010-06-22 05:41:41',
'details': 'ARCH:i386 POPCONVER:1.38',
'hostid': '12345678901234567890123456789012',
'session': '0',
'status': 'start',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED
}
self.CheckEventValues(storage_writer, events[0], expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-06-22 07:34:42',
'mru': '/usr/sbin/atd',
'package': 'at',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_ACCESS
}
self.CheckEventValues(storage_writer, events[1], expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-06-22 07:34:43',
'mru': '/usr/lib/python2.5/lib-dynload/_struct.so',
'package': 'python2.5-minimal',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_ACCESS
}
self.CheckEventValues(storage_writer, events[3], expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-05-30 05:26:20',
'mru': '/usr/bin/empathy',
'package': 'empathy',
'record_tag': 'RECENT-CTIME',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_ACCESS
}
self.CheckEventValues(storage_writer, events[5], expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-05-30 05:27:43',
'mru': '/usr/bin/empathy',
'package': 'empathy',
'record_tag': 'RECENT-CTIME',
'timestamp_desc': definitions.TIME_DESCRIPTION_ENTRY_MODIFICATION
}
self.CheckEventValues(storage_writer, events[6], expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-05-12 07:58:33',
'mru': '/usr/bin/orca',
'package': 'gnome-orca',
'record_tag': 'OLD',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_ACCESS
}
self.CheckEventValues(storage_writer, events[11],
expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:session:event',
'date_time': '2010-06-22 05:41:41',
'session': '0',
'status': 'end',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED
}
self.CheckEventValues(storage_writer, events[13],
expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:session:event',
'date_time': '2010-06-22 05:41:41',
'details': 'ARCH:i386 POPCONVER:1.38',
'hostid': '12345678901234567890123456789012',
'session': '1',
'status': 'start',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED
}
self.CheckEventValues(storage_writer, events[14],
expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-06-22 07:34:42',
'mru': '/super/cool/plasuz',
'package': 'plaso',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_ACCESS
}
self.CheckEventValues(storage_writer, events[15],
expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-04-06 12:25:42',
'mru': '/super/cool/plasuz',
'package': 'miss_ctime',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_ACCESS
}
self.CheckEventValues(storage_writer, events[18],
expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:log:event',
'date_time': '2010-05-12 07:58:33',
'mru': '/super/cóól',
'package': 'plaso',
'record_tag': 'WRONG_TAG',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_ACCESS
}
self.CheckEventValues(storage_writer, events[19],
expected_event_values)
expected_event_values = {
'data_type': 'popularity_contest:session:event',
'date_time': '2010-06-22 05:41:41',
'session': '1',
'status': 'end',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED
}
self.CheckEventValues(storage_writer, events[21],
expected_event_values)
def setUp(self): """Sets up the needed objects used throughout the test.""" self._parser = popcontest.PopularityContestParser()
def setUp(self):
"""Sets up the needed objects used throughout the test."""
pre_obj = event.PreprocessObject()
self._parser = popcontest.PopularityContestParser(pre_obj, None)
def setUp(self):
"""Makes preparations before running an individual test."""
self._parser = popcontest.PopularityContestParser()
