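def open_image(filename):
    """Open the evidence image *filename* and return a file-like object.

    If the module-level ``options.subsys`` is unset, the file is opened
    directly from disk. Otherwise the image driver registered under
    ``options.subsys`` is instantiated through ``Registry.IMAGES`` and asked
    to open the image.
    """
    if not options.subsys:
        # Read-only *binary* mode: an image is raw bytes. Text mode would
        # translate line endings (and stop at Ctrl-Z) on Windows, silently
        # changing the data handed to the analysis code.
        return open(filename, 'rb')

    # Imported only on this branch, so the plain-file path does not need
    # these modules. IO is not referenced below; it is kept in case the
    # import itself has side effects -- TODO confirm.
    import Registry, FlagFramework, IO
    Registry.Init()
    # dispatch() returns a class (it is called immediately to get a driver);
    # presumably it raises for an unknown subsystem name -- verify.
    driver = Registry.IMAGES.dispatch(options.subsys)()
    q = FlagFramework.query_type(filename=filename)
    return driver.open(None, None, q)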
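def open_image(filename):
    """Return a readable file-like object for the image at *filename*.

    The module-level ``options.subsys`` selects the backend: when it is
    empty the path is opened as an ordinary file, otherwise the matching
    driver from ``Registry.IMAGES`` opens it.
    """
    if options.subsys:
        # These modules are imported only when a subsystem was requested.
        # IO is unused in this function; the import is retained in case it
        # has side effects -- TODO confirm.
        import Registry, FlagFramework, IO
        Registry.Init()
        driver_class = Registry.IMAGES.dispatch(options.subsys)
        driver = driver_class()
        q = FlagFramework.query_type(filename=filename)
        io = driver.open(None, None, q)
    else:
        # 'rb' rather than 'r': the image is binary evidence and must be
        # read byte-for-byte. Text mode alters line endings on Windows.
        # The handle stays read-only, so the source file is never written.
        io = open(filename, 'rb')

    return io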
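def open_image(filename, subsys):
    """Open the evidence image *filename* and return a file-like object.

    Args:
        filename: Path of the image to open.
        subsys: Name of the image driver to use, or a false value to open
            the path directly as a plain file.

    Returns:
        A binary read-only file object, or whatever the selected driver's
        ``open`` returns.
    """
    # Parenthesised so the line is valid on both Python 2 and 3; the output
    # is unchanged.
    print("Opening image %s" % filename)

    if not subsys:
        # Read-only *binary* mode: an image is raw bytes. Text mode would
        # translate line endings (and stop at Ctrl-Z) on Windows, silently
        # changing the data handed to the analysis code.
        return open(filename, 'rb')

    # Imported only on this branch, so the plain-file path does not need
    # these modules. IO is not referenced below; it is kept in case the
    # import itself has side effects -- TODO confirm.
    import Registry, FlagFramework, IO
    Registry.Init()
    # dispatch() returns a class (it is called immediately to get a driver);
    # presumably it raises for an unknown subsystem name -- verify.
    driver = Registry.IMAGES.dispatch(subsys)()
    q = FlagFramework.query_type(filename=filename)
    return driver.open(None, None, q)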
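def open_image(filename, subsys):
    """Return a readable file-like object for the image at *filename*.

    Args:
        filename: Path of the image to open.
        subsys: Image driver name looked up in ``Registry.IMAGES``; when it
            is empty or None the path is opened as an ordinary file.

    Returns:
        The opened image: a binary read-only file object on the plain-file
        path, otherwise the object returned by the driver's ``open``.
    """
    # Single-argument print() behaves the same on Python 2 and 3.
    print("Opening image %s" % filename)

    if subsys:
        # These modules are imported only when a subsystem was requested.
        # IO is unused in this function; the import is retained in case it
        # has side effects -- TODO confirm.
        import Registry, FlagFramework, IO
        Registry.Init()
        driver_class = Registry.IMAGES.dispatch(subsys)
        driver = driver_class()
        q = FlagFramework.query_type(filename=filename)
        io = driver.open(None, None, q)
    else:
        # 'rb' rather than 'r': the image is binary evidence and must be
        # read byte-for-byte. Text mode alters line endings on Windows.
        # The handle stays read-only, so the source file is never written.
        io = open(filename, 'rb')

    return io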
def form(self, query, result):
    """Render the four-step log-import wizard on *result*.

    The steps are: select the log file, preview the import, save the
    preset, and end. The preview step is the nested ``test`` callback
    defined here; the remaining callbacks come from ``LogFile``.
    """
    def test(query, result):
        """Preview step: parse *query*, explain the preview, then show it."""
        self.parse(query)

        # Per the text shown to the user, a single analyst-supplied year is
        # applied to every entry. A log that crosses a year boundary would
        # therefore be dated wrongly -- relevant when building a timeline.
        paragraphs = (
            "The following is the result of importing the first few lines "
            "from the log file into the database.\n"
            "Please check that the importation was successfull before continuing.\n\n",
            "You can adjust the year of the syslog below. Please note it does "
            "currently assume that all entries are from the one year.\n",
        )
        for paragraph in paragraphs:
            result.text(paragraph)

        result.textfield("Year of syslog:", 'year_of_syslog')
        self.display_test_log(result)
        return True

    step_names = [
        "Step 1: Select Log File",
        "Step 2: View Preview",
        "Step 3: Save Preset",
        "Step 4: End",
    ]
    # One callback per step name, in the same order.
    step_callbacks = [
        LogFile.get_file,
        test,
        FlagFramework.Curry(LogFile.save_preset, log=self),
        LogFile.end,
    ]
    result.wizard(names=step_names, callbacks=step_callbacks)
if config.mode == 'dll': import FileFormats.PElib as PElib import FlagFramework dbh = DB.DBO() dbh.execute("""CREATE TABLE if not exists `EventMessages` ( `filename` VARCHAR( 50 ) NOT NULL , `message_id` INT unsigned NOT NULL , `message` TEXT NOT NULL , `offset` INT NOT NULL, UNIQUE KEY `filename,message_id` (`filename`,`message_id`) ) """) Magic = FlagFramework.Magic() for directory in config.args: for F in recurse(directory): f = F.lower() fd = open(F) data = fd.read(1024) magic = Magic.buffer(data) if "PE" in magic: fd.seek(0) b = Buffer(fd=fd) logging.log(logging.DEBUG, "Opening %s to extract messages" % F) dbh.mass_insert_start('EventMessages') try: