Exemplo n.º 1
    def run(self):
        """Execute every processing module, then every signature.

        Processing modules run in ascending ``order`` and their non-empty
        results are merged into one dictionary. Signatures are then evaluated
        against that dictionary; the matches are stored under "signatures",
        sorted by ascending severity.
        @return: processing results.
        """
        collected = {}
        Processing()

        # Sequence the modules by their user-defined ``order`` attribute.
        # sorted() is stable, so modules sharing an order value keep the
        # position __subclasses__() gave them.
        # NOTE(review): the previous comment promised an alphabetical fallback
        # when no order is set; nothing in this method sorts by name, so
        # confirm where (or whether) that happens. The merge below lets a
        # later module overwrite an earlier module's keys, so the run order
        # affects what ends up in the report.
        ordered_modules = sorted(Processing.__subclasses__(),
                                 key=lambda cls: cls.order)

        for module in ordered_modules:
            output = self._run_processing(module)
            if not output:
                # Nothing to merge for this module.
                continue
            collected.update(output)

        Signature()
        matches = []

        # NOTE(review): each signature is handed ``collected`` itself; whether
        # it works on a private copy is decided inside _run_signature, which
        # is not visible here - confirm a signature cannot alter the results
        # seen by the ones that follow.
        for signature in Signature.__subclasses__():
            hit = self._run_signature(signature, collected)
            if hit:
                matches.append(hit)

        # Lowest severity first; the key must be present on every match.
        collected["signatures"] = sorted(matches,
                                         key=lambda entry: entry["severity"])
        return collected
Exemplo n.º 2
    def run(self):
        """Execute every processing module, then every signature.

        Non-empty results of the processing modules are merged into one
        dictionary. Signatures are then evaluated against that dictionary;
        the matches are stored under "signatures", sorted by ascending
        severity.
        @return: processing results.
        """
        collected = {}
        Processing()

        # Modules run in the order __subclasses__() returns them. A later
        # module overwrites any key an earlier one already merged.
        for module in Processing.__subclasses__():
            output = self._run_processing(module)
            if not output:
                # Nothing to merge for this module.
                continue
            collected.update(output)

        Signature()
        matches = []

        # NOTE(review): each signature is handed ``collected`` itself; whether
        # it works on a private copy is decided inside _run_signature, which
        # is not visible here - confirm a signature cannot alter the results
        # seen by the ones that follow.
        for signature in Signature.__subclasses__():
            hit = self._run_signature(signature, collected)
            if hit:
                matches.append(hit)

        # Lowest severity first; the key must be present on every match.
        collected["signatures"] = sorted(matches,
                                         key=lambda entry: entry["severity"])
        return collected
Exemplo n.º 3
    def run(self):
        """Run all processors, then all enabled signatures.

        Every Processing subclass is instantiated, pointed at this analysis
        path, given its configuration and run; its output is stored under the
        module's ``key``. Every enabled Signature subclass is then run against
        a deep copy of those results, and the matches are stored under
        "signatures", sorted by ascending severity.
        @return: processing results.
        """
        results = {}
        Processing()

        for module in Processing.__subclasses__():
            processor = module()
            processor.set_path(self.analysis_path)
            processor.cfg = Config(processor.conf_path)
            module_name = processor.__class__.__name__

            # Only the two exception types below are handled here; any other
            # exception raised by a module propagates and ends the whole run.
            try:
                output = processor.run()
                results[processor.key] = output
                log.debug("Executed processing module \"%s\"" % module_name)
            except NotImplementedError:
                # The module does not provide run(); skip it silently.
                continue
            except CuckooProcessingError as e:
                log.warning("Failed to execute processing module \"%s\": %s" % (module_name, e.message))

        Signature()
        sigs = []

        for signature in Signature.__subclasses__():
            candidate = signature()

            if not candidate.enabled:
                continue

            try:
                # Each signature gets its own deep copy, so whatever it does
                # to its input cannot reach ``results`` or the data the next
                # signatures are evaluated against.
                snapshot = copy.deepcopy(results)
                if not candidate.run(snapshot):
                    continue

                sigs.append({
                    "name": candidate.name,
                    "description": candidate.description,
                    "severity": candidate.severity,
                    "references": candidate.references,
                    "data": candidate.data,
                    "alert": candidate.alert,
                })
                log.debug("Analysis at \"%s\" matched signature \"%s\"" % (self.analysis_path, candidate.name))
            except NotImplementedError:
                # Signature without a run() implementation; nothing to record.
                # Any other exception from a signature is not caught here.
                continue

        # Lowest severity first.
        results["signatures"] = sorted(sigs, key=lambda entry: entry["severity"])
        return results
Exemplo n.º 4
    def run(self):
        """Execute every processing module, then every signature.

        Non-empty results of the processing modules are merged into one
        dictionary. Signatures are then evaluated against that dictionary;
        the matches are stored under "signatures", sorted by ascending
        severity.
        @return: processing results.
        """
        merged = {}
        Processing()

        # Modules run in the order __subclasses__() returns them. A later
        # module overwrites any key an earlier one already merged.
        for module in Processing.__subclasses__():
            module_output = self._run_processing(module)
            if module_output:
                merged.update(module_output)

        Signature()
        matched = []

        # NOTE(review): each signature is handed ``merged`` itself; whether it
        # works on a private copy is decided inside _run_signature, which is
        # not visible here - confirm a signature cannot alter the results
        # seen by the ones that follow.
        for signature in Signature.__subclasses__():
            outcome = self._run_signature(signature, merged)
            if not outcome:
                continue
            matched.append(outcome)

        # Lowest severity first; the key must be present on every match.
        matched.sort(key=lambda entry: entry["severity"])
        merged["signatures"] = matched

        return merged