def ingestLogFile(self):
    """Turn the lines of a validated, not-yet-ingested file into LogEntry objects.

    Returns a list with one LogEntry per element of ``self.lines`` and marks
    the file as ingested. Returns None when the file has not been validated
    or has already been ingested.
    """
    if not self.validated or self.ingested:
        return None

    # NOTE(review): os.path.getctime() is the creation time on Windows but the
    # last metadata-change time on Unix, and every entry from this file gets
    # the same value. The stamp therefore says when the artifact file was
    # created/changed on this host, not when the logged events happened --
    # worth keeping in mind when these entries are placed on a timeline.
    created = datetime.strptime(
        time.ctime(os.path.getctime(self.filename)),
        "%a %b %d %H:%M:%S %Y")
    stamp = created.strftime("%m/%d/%Y %I:%M %p")

    # Drop one leading zero from the month, then one from the hour; the day
    # keeps its zero padding.
    if stamp.startswith("0"):
        stamp = stamp[1:]
    datePart, separator, clockPart = stamp.partition(" ")
    if clockPart[0] == "0":
        clockPart = clockPart[1:]
    stamp = datePart + separator + clockPart

    collected = []
    for position, text in enumerate(self.lines):
        entry = LogEntry()
        entry.date = stamp
        entry.description = text
        entry.creator = self.creator
        entry.eventType = self.eventType
        entry.artifact = self.filename
        entry.lineNumber = position
        # Entry id is "<artifact>_<zero-based line number>".
        entry.id = entry.artifact + "_" + str(entry.lineNumber)
        collected.append(entry)

    self.ingested = True
    return collected
def retrieveLogEntriesDb(self):
    """Rebuild ``self.logEntries`` from every document in ``self.col``.

    The in-memory mapping is emptied first; then one LogEntry is built per
    document returned by ``self.col.find()`` and stored under its id.
    """
    self.logEntries.clear()
    for doc in self.col.find():
        restored = LogEntry()
        restored.id = doc["_id"]
        # NOTE(review): eval() executes whatever expression is stored in the
        # "vectors" field, so anyone able to write to this collection can run
        # code in the process that loads it. Kept as-is to preserve behaviour.
        # If the field only ever holds a literal list (the writing side is not
        # visible here -- confirm), ast.literal_eval() or storing a native
        # array would remove the code-execution path.
        restored.associatedVectors = eval(doc["vectors"])
        # The remaining fields are copied verbatim, in the original order.
        for field in ("location", "eventType", "description", "creator",
                      "date", "artifact", "lineNumber"):
            setattr(restored, field, doc[field])
        self.logEntries[restored.id] = restored
def retrieveLogEntryDb(self, logEntryId):
    """Load one log entry from ``self.col`` by id.

    Queries ``self.col.find()`` with ``{"id": str(logEntryId)}`` and returns
    the LogEntry built from the last matching document, or None when no
    document matches.
    """
    # NOTE(review): the filter matches on the "id" field while the entry id is
    # read back from "_id"; whether stored documents carry both fields is not
    # visible here -- confirm against the code that writes them.
    matches = self.col.find({"id": str(logEntryId)})
    found = None
    for doc in matches:
        found = LogEntry()
        found.id = doc["_id"]
        # NOTE(review): eval() executes whatever expression is stored in the
        # "vectors" field, so anyone able to write to this collection can run
        # code in the process that loads it. Kept as-is to preserve behaviour.
        # If the field only ever holds a literal list (the writing side is not
        # visible here -- confirm), ast.literal_eval() or storing a native
        # array would remove the code-execution path.
        found.associatedVectors = eval(doc["vectors"])
        # The remaining fields are copied verbatim, in the original order.
        for field in ("location", "eventType", "description", "creator",
                      "date", "artifact", "lineNumber"):
            setattr(found, field, doc[field])
    return found
def handleAddNode(self):
    """Add a white-team node to the vector currently selected in the combo box.

    Does nothing when the combo box is empty. Otherwise builds a LogEntry
    stamped with the current local time, attaches it to the selected vector
    as a significant event, and refreshes the vector table and graph.
    """
    if self.vectorComboBoxTable.count() <= 0:
        return

    selectedName = self.vectorComboBoxTable.currentText()
    vector = self.clientHandler.vectorManager.vectors[selectedName]

    node = LogEntry()
    node.creator = node.WHITE_TEAM
    node.eventType = node.WHITE_TEAM
    # Fixed id "-1" -- presumably marks an entry that does not come from an
    # ingested log line; confirm against the LogEntry consumers.
    node.id = "-1"
    now = datetime.datetime.today()
    # lstrip("0") removes the zero padding of the month only.
    node.date = now.strftime("%m/%d/%Y %I:%M %p").lstrip("0")
    node.associatedVectors.append(self.vectorComboBoxTable.currentText())

    vector.addSignificantEventFromLogEntry(node)
    self.updateVectorTable(vector)
    # The graph refresh is issued twice in the original; both calls are kept.
    # NOTE(review): confirm whether the second refresh is needed.
    self.updateVectorGraph(vector)
    self.updateVectorGraph(vector)
def ingestLogFile(self):
    """Turn the lines of a validated, not-yet-ingested file into LogEntry objects.

    Each line is paired with the timestamp at the same index in
    ``self.timestamps``, parsed as "%Y-%m-%d %H:%M:%S" and stored as
    "%m/%d/%Y %I:%M %p". Returns the list of entries and marks the file as
    ingested, or returns None when the file has not been validated or has
    already been ingested.
    """
    if not self.validated or self.ingested:
        return None

    collected = []
    for position, text in enumerate(self.lines):
        entry = LogEntry()
        # A timestamp that does not match the expected format raises
        # ValueError here, before the file is marked as ingested.
        parsed = datetime.strptime(self.timestamps[position],
                                   "%Y-%m-%d %H:%M:%S")
        entry.date = parsed.strftime("%m/%d/%Y %I:%M %p")
        entry.description = text
        entry.creator = self.creator
        entry.eventType = self.eventType
        entry.artifact = self.filename
        entry.lineNumber = position
        # Entry id is "<artifact>_<zero-based line number>".
        entry.id = entry.artifact + "_" + str(entry.lineNumber)
        collected.append(entry)

    self.ingested = True
    return collected