def stop_processing_handler(self, event):
    """Collect the output of the running analysis process into network.log.

    The log is placed in the folder named by the ``results_folder``
    configuration entry.

    Args:
        event: the event that triggered the handler; only used in the
            debug message.
    """
    results_dir = self.configuration['results_folder']
    destination = os.path.join(results_dir, "network.log")

    self.logger.debug("Event %s: waiting Pcap analysis.", event)

    # presumably blocks until the analysis process exits and writes its
    # output to the log file; verify against collect_process_output
    collect_process_output(self.analysis_process, destination)
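def process_memory_snapshot(snapshot_path, profile, plugin):
    """Run one Volatility plugin against a memory snapshot and log its output.

    The log is written next to the snapshot and named
    ``<snapshot name up to its first dot>_<plugin>.log``.

    Args:
        snapshot_path: path of the memory snapshot, passed as ``--filename``.
        profile: Volatility profile name, passed as ``--profile``.
        plugin: Volatility plugin to run; also the suffix of the log name.
    """
    process = launch_process('volatility',
                             '--profile=%s' % profile,
                             '--filename=%s' % snapshot_path,
                             plugin)

    # Strip the extension from the file name only.  Splitting the whole path
    # on '.' cut it at the first dot found anywhere, so a dotted directory
    # ('/cases/run.1/mem.raw') or a relative './mem.raw' sent the log to the
    # wrong location.
    directory, base_name = os.path.split(snapshot_path)
    stem = base_name.split('.')[0]

    # NOTE(review): plugin is interpolated into the file name unchecked;
    # confirm callers only pass fixed plugin names, never a value containing
    # a path separator.
    file_name = os.path.join(directory, '%s_%s.log' % (stem, plugin))
    collect_process_output(process, file_name)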
def snapshot_to_checkpoint(volume, snapshot, folder_path):
    """Export a QEMU internal snapshot as a standalone QCOW2 file.

    The file is created in ``folder_path`` and named after the snapshot.

    Args:
        volume: volume holding the internal snapshot; its path and backing
            path are resolved through volume_path / volume_backing_path.
        snapshot: snapshot object; only its getName() is used.
        folder_path: destination folder, created through create_folder.

    Returns:
        Path of the resulting ``.qcow2`` file.
    """
    create_folder(folder_path)

    # NOTE(review): the snapshot name becomes a file name as-is; confirm it
    # cannot contain path separators, or the file lands outside folder_path.
    name = snapshot.getName()
    path = os.path.join(folder_path, '%s.qcow2' % name)

    # NOTE(review): qemu-img reads -o as a comma-separated option list, so a
    # backing path containing ',' would be misparsed -- confirm these paths
    # are controlled.
    backing_option = "backing_file=%s" % volume_backing_path(volume)
    command = [
        QEMU_IMG, "convert",
        "-f", "qcow2",
        "-o", backing_option,
        "-O", "qcow2",
        "-s", name,
        volume_path(volume),
        path,
    ]

    # NOTE(review): the outcome of the conversion is not inspected here;
    # confirm collect_process_output raises on failure, otherwise a path to
    # a missing or partial file is returned.
    collect_process_output(launch_process(*command))
    return path