Exemplo n.º 1
0
  def testParse(self):
    """Tests the Parse function."""
    parser = utmpx.UtmpxParser()
    storage_writer = self._ParseFile(['utmpx_mac'], parser)

    self.assertEqual(storage_writer.number_of_events, 6)

    events = list(storage_writer.GetEvents())

    event = events[0]
    expected_timestamp = timelib.Timestamp.CopyFromString(
        '2013-11-13 17:52:34')
    self.assertEqual(event.timestamp, expected_timestamp)

    expected_message = (
        'User: N/A Status: BOOT_TIME '
        'Computer Name: localhost Terminal: N/A')
    expected_short_message = 'User: N/A'

    self._TestGetMessageStrings(event, expected_message, expected_short_message)

    event = events[1]

    expected_timestamp = timelib.Timestamp.CopyFromString(
        '2013-11-13 17:52:41.736713')
    self.assertEqual(event.timestamp, expected_timestamp)

    self.assertEqual(event.user, 'moxilo')
    self.assertEqual(event.terminal, 'console', )
    self.assertEqual(event.status_type, 7)
    self.assertEqual(event.computer_name, 'localhost')

    expected_message = (
        'User: moxilo Status: '
        'USER_PROCESS '
        'Computer Name: localhost '
        'Terminal: console')
    expected_short_message = 'User: moxilo'

    self._TestGetMessageStrings(event, expected_message, expected_short_message)

    event = events[4]

    expected_timestamp = timelib.Timestamp.CopyFromString(
        '2013-11-14 04:32:56.641464')
    self.assertEqual(event.timestamp, expected_timestamp)

    self.assertEqual(event.user, 'moxilo')
    self.assertEqual(event.terminal, 'ttys002')
    self.assertEqual(event.status_type, 8)

    expected_message = (
        'User: moxilo Status: '
        'DEAD_PROCESS '
        'Computer Name: localhost '
        'Terminal: ttys002')
    expected_short_message = 'User: moxilo'

    self._TestGetMessageStrings(event, expected_message, expected_short_message)
Exemplo n.º 2
0
    def testParse(self):
        """Tests the Parse function."""
        parser = utmpx.UtmpxParser()
        storage_writer = self._ParseFile(['utmpx_mac'], parser)

        number_of_events = storage_writer.GetNumberOfAttributeContainers(
            'event')
        self.assertEqual(number_of_events, 6)

        number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
            'extraction_warning')
        self.assertEqual(number_of_warnings, 0)

        number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
            'recovery_warning')
        self.assertEqual(number_of_warnings, 0)

        events = list(storage_writer.GetEvents())

        expected_event_values = {
            'date_time': '2013-11-13 17:52:34.000000',
            'data_type': 'mac:utmpx:event',
            'hostname': 'localhost',
            'pid': 1,
            'terminal_identifier': 0,
            'type': 2
        }

        self.CheckEventValues(storage_writer, events[0], expected_event_values)

        expected_event_values = {
            'date_time': '2013-11-13 17:52:41.736713',
            'data_type': 'mac:utmpx:event',
            'hostname': 'localhost',
            'pid': 67,
            'terminal': 'console',
            'terminal_identifier': 65583,
            'type': 7,
            'username': '******'
        }

        self.CheckEventValues(storage_writer, events[1], expected_event_values)

        expected_event_values = {
            'date_time': '2013-11-14 04:32:56.641464',
            'data_type': 'mac:utmpx:event',
            'hostname': 'localhost',
            'pid': 6899,
            'terminal': 'ttys002',
            'terminal_identifier': 842018931,
            'type': 8,
            'username': '******'
        }

        self.CheckEventValues(storage_writer, events[4], expected_event_values)
Exemplo n.º 3
0
    def testParse(self):
        """Tests the Parse function."""
        parser = utmpx.UtmpxParser()
        storage_writer = self._ParseFile(['utmpx_mac'], parser)

        self.assertEqual(storage_writer.number_of_warnings, 0)
        self.assertEqual(storage_writer.number_of_events, 6)

        events = list(storage_writer.GetEvents())

        event = events[0]

        self.CheckTimestamp(event.timestamp, '2013-11-13 17:52:34.000000')

        expected_message = ('Status: BOOT_TIME '
                            'Hostname: localhost '
                            'PID: 1 '
                            'Terminal identifier: 0')
        expected_short_message = ('PID: 1 ' 'Status: BOOT_TIME')

        self._TestGetMessageStrings(event, expected_message,
                                    expected_short_message)

        event = events[1]

        self.CheckTimestamp(event.timestamp, '2013-11-13 17:52:41.736713')

        self.assertEqual(event.username, 'moxilo')
        self.assertEqual(event.terminal, 'console')
        self.assertEqual(event.type, 7)
        self.assertEqual(event.hostname, 'localhost')

        expected_message = ('User: moxilo '
                            'Status: USER_PROCESS '
                            'Hostname: localhost '
                            'Terminal: console '
                            'PID: 67 '
                            'Terminal identifier: 65583')
        expected_short_message = ('User: moxilo '
                                  'PID: 67 '
                                  'Status: USER_PROCESS')

        self._TestGetMessageStrings(event, expected_message,
                                    expected_short_message)

        event = events[4]

        self.CheckTimestamp(event.timestamp, '2013-11-14 04:32:56.641464')

        self.assertEqual(event.username, 'moxilo')
        self.assertEqual(event.terminal, 'ttys002')
        self.assertEqual(event.type, 8)

        expected_message = ('User: moxilo '
                            'Status: DEAD_PROCESS '
                            'Hostname: localhost '
                            'Terminal: ttys002 '
                            'PID: 6899 '
                            'Terminal identifier: 842018931')
        expected_short_message = ('User: moxilo '
                                  'PID: 6899 '
                                  'Status: DEAD_PROCESS')

        self._TestGetMessageStrings(event, expected_message,
                                    expected_short_message)
Exemplo n.º 4
0
 def setUp(self):
     """Sets up the needed objects used throughout the test."""
     self._parser = utmpx.UtmpxParser()
Exemplo n.º 5
0
    def testParse(self):
        """Tests the Parse function."""
        parser_object = utmpx.UtmpxParser()

        test_file = self._GetTestFilePath([u'utmpx_mac'])
        event_queue_consumer = self._ParseFile(parser_object, test_file)
        event_objects = self._GetEventObjectsFromQueue(event_queue_consumer)

        self.assertEqual(len(event_objects), 6)

        event_object = event_objects[0]
        expected_timestamp = timelib.Timestamp.CopyFromString(
            u'2013-11-13 17:52:34')
        self.assertEqual(event_object.timestamp, expected_timestamp)

        expected_message = (u'User: N/A Status: BOOT_TIME '
                            u'Computer Name: localhost Terminal: N/A')
        expected_short_message = u'User: N/A'

        self._TestGetMessageStrings(event_object, expected_message,
                                    expected_short_message)

        event_object = event_objects[1]

        expected_timestamp = timelib.Timestamp.CopyFromString(
            u'2013-11-13 17:52:41.736713')
        self.assertEqual(event_object.timestamp, expected_timestamp)

        self.assertEqual(event_object.user, u'moxilo')
        self.assertEqual(
            event_object.terminal,
            u'console',
        )
        self.assertEqual(event_object.status_type, 7)
        self.assertEqual(event_object.computer_name, u'localhost')

        expected_message = (u'User: moxilo Status: '
                            u'USER_PROCESS '
                            u'Computer Name: localhost '
                            u'Terminal: console')
        expected_short_message = u'User: moxilo'

        self._TestGetMessageStrings(event_object, expected_message,
                                    expected_short_message)

        event_object = event_objects[4]

        expected_timestamp = timelib.Timestamp.CopyFromString(
            u'2013-11-14 04:32:56.641464')
        self.assertEqual(event_object.timestamp, expected_timestamp)

        self.assertEqual(event_object.user, u'moxilo')
        self.assertEqual(event_object.terminal, u'ttys002')
        self.assertEqual(event_object.status_type, 8)

        expected_message = (u'User: moxilo Status: '
                            u'DEAD_PROCESS '
                            u'Computer Name: localhost '
                            u'Terminal: ttys002')
        expected_short_message = u'User: moxilo'

        self._TestGetMessageStrings(event_object, expected_message,
                                    expected_short_message)
Exemplo n.º 6
0
 def setUp(self):
     """Makes preparations before running an individual test."""
     self._parser = utmpx.UtmpxParser()
Exemplo n.º 7
0
 def setUp(self):
     """Sets up the needed objects used throughout the test."""
     pre_obj = event.PreprocessObject()
     self._parser = utmpx.UtmpxParser(pre_obj, None)