def _attributes(self):
attr = VMap()
attr.thisown = False
try:
vlist = Variant(self.evt_record.getStrings(), typeId.String)
vlist.thisown = False
attr["Log strings"] = vlist
except RuntimeError:
pass
s_name = Variant(self.evt_record.sourceName())
attr["Source name"] = s_name
c_name = Variant(self.evt_record.computerName())
attr["Computer name"] = c_name
event_type = Variant(self.evt_record.eventType())
attr["Event type"] = event_type
time_gen = Variant(self.evt_record.getTimeGenerated())
attr["Time generated"] = time_gen
time_written = Variant(self.evt_record.getTimeWritten())
attr["Time written"] = time_written
return attr
def attributes(self, node):
try:
classAttributes = self.nodeAttributes[node.uid()]
return classAttributes._attributes()
except KeyError:
attr = VMap()
attr.thisown = False
return attr
def attributes(self, node):
try:
classAttributes = self.nodeAttributes[long(node.this)]
return classAttributes._attributes()
except KeyError:
attr = VMap()
attr.thisown = False
return attr
def attributes(self, node):
attr = VMap()
attr.thisown = False
file = node.open()
parser = guessParser(StringInputStream(file.read()))
file.close()
if not parser:
attr["info"] = Variant("unable to read metadata")
return attr
try:
metadata = extractMetadata(parser)
for data in metadata:
if not(any(data.values)):
continue
attr[data.key] = Variant("; ".join([str(val.value) for val in data.values]))
except HachoirError, err:
attr["info"] = Variant("error while reading metadata")
