示例#1
文件: flow_runner.py 项目: ytisf/grr
  def ProcessRepliesWithOutputPlugins(self, replies):
    """Runs one batch of flow replies through every stored output plugin.

    Returns immediately when the runner args list no output plugins or when
    `replies` is empty. Otherwise each entry of
    self.context.output_plugins_states is turned back into a plugin via its
    descriptor, given the replies and flushed. The outcome is recorded as an
    OutputPluginBatchProcessingStatus under the state's "logs" key (success)
    or "errors" key (failure) and reported through self.Log.

    Args:
      replies: Batch of replies passed to each plugin's ProcessResponses().
    """
    if not self.runner_args.output_plugins:
      return
    if not replies:
      return

    for state_entry in self.context.output_plugins_states:
      descriptor = state_entry.plugin_descriptor
      state = state_entry.plugin_state
      plugin = descriptor.GetPluginForState(state)

      # Extend the flow's lease, if needed, before running the plugin.
      self.flow_obj.HeartBeat()
      try:
        plugin.ProcessResponses(replies)
        plugin.Flush()

        ok_status = output_plugin_lib.OutputPluginBatchProcessingStatus(
            plugin_descriptor=descriptor,
            status="SUCCESS",
            batch_size=len(replies))
        # Lists held in AttributedDicts cannot be appended to in place, so
        # the key is reassigned through +=.
        state["logs"] += [ok_status]

        self.Log("Plugin %s sucessfully processed %d flow replies.",
                 descriptor, len(replies))
      except Exception as exc:  # pylint: disable=broad-except
        # Deliberately broad: a failing plugin is recorded and the loop moves
        # on to the next plugin instead of aborting the whole batch.
        # NOTE(review): the raw exception text ends up in the status summary
        # and in the flow log -- confirm plugin exceptions cannot carry
        # credentials or other secrets.
        failed_status = output_plugin_lib.OutputPluginBatchProcessingStatus(
            plugin_descriptor=descriptor,
            status="ERROR",
            summary=utils.SmartStr(exc),
            batch_size=len(replies))
        # Same AttributedDict restriction as for "logs" above.
        state["errors"] += [failed_status]

        self.Log("Plugin %s failed to process %d replies due to: %s",
                 descriptor, len(replies), exc)
示例#2
  def RunPlugins(self, hunt_urn, plugins, results, exceptions_by_plugin):
    """Feeds one batch of hunt results to each output plugin.

    Every plugin is run and flushed inside its own try block, so a failure in
    one plugin does not stop the others. Each run produces an
    OutputPluginBatchProcessingStatus that is added to the hunt's plugin
    status collection; ERROR statuses are also added to the hunt's plugin
    error collection. Both collections are obtained with self.token.

    Args:
      hunt_urn: URN of the hunt whose results are being processed.
      plugins: Iterable of (plugin descriptor, plugin instance) pairs.
      results: Batch of results passed to each plugin's ProcessResponses().
      exceptions_by_plugin: Dict updated in place; maps a plugin descriptor to
        the list of exceptions its plugin raised.
    """
    for descriptor, instance in plugins:
      try:
        instance.ProcessResponses(results)
        instance.Flush()

        outcome = output_plugin.OutputPluginBatchProcessingStatus(
            plugin_descriptor=descriptor,
            status="SUCCESS",
            batch_size=len(results))
        stats.STATS.IncrementCounter(
            "hunt_results_ran_through_plugin",
            delta=len(results),
            fields=[descriptor.plugin_name])

      except Exception as exc:  # pylint: disable=broad-except
        # Deliberately broad: the failure is logged, counted and recorded,
        # and the remaining plugins still run.
        # NOTE(review): the exception text is written to the server log, the
        # hunt log and the status summary -- confirm it cannot carry secrets.
        logging.exception(
            "Error processing hunt results: hunt %s, plugin %s",
            hunt_urn, utils.SmartStr(instance))
        message = ("Error processing hunt results (hunt %s, plugin %s): %s" %
                   (hunt_urn, utils.SmartStr(instance), exc))
        self.Log(message)
        stats.STATS.IncrementCounter(
            "hunt_output_plugin_errors", fields=[descriptor.plugin_name])

        outcome = output_plugin.OutputPluginBatchProcessingStatus(
            plugin_descriptor=descriptor,
            status="ERROR",
            summary=utils.SmartStr(exc),
            batch_size=len(results))
        exceptions_by_plugin.setdefault(descriptor, []).append(exc)

      # Every run is recorded, successful or not.
      status_collection = implementation.GRRHunt.PluginStatusCollectionForHID(
          hunt_urn, token=self.token)
      status_collection.Add(outcome)

      # Failures are additionally written to the dedicated error collection.
      if outcome.status == outcome.Status.ERROR:
        error_collection = implementation.GRRHunt.PluginErrorCollectionForHID(
            hunt_urn, token=self.token)
        error_collection.Add(outcome)
示例#3
    def RunPlugins(self, hunt_urn, plugins, results, exceptions_by_plugin):
        """Feeds one batch of hunt results to each output plugin.

        Each plugin runs inside its own try block, so one failing plugin does
        not stop the others. The resulting
        OutputPluginBatchProcessingStatus is added to the
        "OutputPluginsStatus" collection under the hunt URN; ERROR statuses
        are also added to "OutputPluginsErrors". Both collections are opened
        for writing with self.token.

        Args:
          hunt_urn: URN of the hunt whose results are being processed.
          plugins: Iterable of (plugin descriptor, plugin instance) pairs.
          results: Batch of results passed to each plugin's
            ProcessResponses().
          exceptions_by_plugin: Dict updated in place; maps a plugin
            descriptor to the list of exceptions its plugin raised.
        """
        for descriptor, instance in plugins:
            try:
                instance.ProcessResponses(results)
                outcome = output_plugin.OutputPluginBatchProcessingStatus(
                    plugin_descriptor=descriptor,
                    status="SUCCESS",
                    batch_size=len(results))
                stats.STATS.IncrementCounter(
                    "hunt_results_ran_through_plugin",
                    delta=len(results),
                    fields=[descriptor.plugin_name])

            except Exception as exc:  # pylint: disable=broad-except
                # Deliberately broad: the failure is recorded and the
                # remaining plugins still run. This version does not log the
                # exception; the status summary is its only record.
                outcome = output_plugin.OutputPluginBatchProcessingStatus(
                    plugin_descriptor=descriptor,
                    status="ERROR",
                    summary=utils.SmartStr(exc),
                    batch_size=len(results))
                exceptions_by_plugin.setdefault(descriptor, []).append(exc)

            # Every run is recorded, successful or not.
            status_sink = aff4.FACTORY.Open(
                hunt_urn.Add("OutputPluginsStatus"),
                "PluginStatusCollection",
                mode="w",
                token=self.token)
            status_sink.Add(outcome)

            # Failures are additionally written to the error collection.
            if outcome.status == outcome.Status.ERROR:
                error_sink = aff4.FACTORY.Open(
                    hunt_urn.Add("OutputPluginsErrors"),
                    "PluginStatusCollection",
                    mode="w",
                    token=self.token)
                error_sink.Add(outcome)
示例#4
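  def ProcessRepliesWithOutputPlugins(self, replies):
    """Runs one batch of flow replies through every stored output plugin.

    Returns immediately when the flow args list no output plugins or when
    `replies` is empty. Otherwise each (descriptor, state) pair of
    self.context.output_plugins_states is turned back into a plugin, given
    the replies and flushed. The outcome is recorded as an
    OutputPluginBatchProcessingStatus under the state's "logs" key (success)
    or "errors" key (failure) and reported through self.Log.

    Args:
      replies: Batch of replies passed to each plugin's ProcessResponses().
    """
    if not self.args.output_plugins or not replies:
      return

    for plugin_descriptor, plugin_state in self.context.output_plugins_states:
      output_plugin = plugin_descriptor.GetPluginForState(plugin_state)

      # Extend our lease if needed.
      self.flow_obj.HeartBeat()
      try:
        output_plugin.ProcessResponses(replies)
        output_plugin.Flush()

        log_item = output_plugin_lib.OutputPluginBatchProcessingStatus(
            plugin_descriptor=plugin_descriptor,
            status="SUCCESS",
            batch_size=len(replies))
        # Providing a default here to make graceful deployment possible.
        # setdefault() stores the new list in the state; get("logs", [])
        # appended to a throwaway list, so the status record was silently
        # lost whenever the key was missing.
        # NOTE(review): relies on plugin_state offering dict.setdefault(); it
        # is already used through dict-style get() -- confirm.
        # TODO(user): remove default in Q1 2016.
        plugin_state.setdefault("logs", []).append(log_item)

        self.Log("Plugin %s sucessfully processed %d flow replies.",
                 plugin_descriptor, len(replies))
      except Exception as e:  # pylint: disable=broad-except
        # Deliberately broad: a failing plugin is recorded and the loop moves
        # on to the next plugin instead of aborting the whole batch.
        error = output_plugin_lib.OutputPluginBatchProcessingStatus(
            plugin_descriptor=plugin_descriptor,
            status="ERROR",
            summary=utils.SmartStr(e),
            batch_size=len(replies))
        # Providing a default here to make graceful deployment possible.
        # As above, setdefault() keeps the error record when the "errors" key
        # is missing; with get() a failed export left no trace in the state.
        # TODO(user): remove default in Q1 2016.
        plugin_state.setdefault("errors", []).append(error)

        self.Log("Plugin %s failed to process %d replies due to: %s",
                 plugin_descriptor, len(replies), e)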
示例#5
    def ApplyPluginsToBatch(self, hunt_urn, plugins, batch, batch_index):
        """Runs one batch of hunt results through each output plugin.

        Each plugin runs inside its own try block, so one failing plugin does
        not stop the others. Every run yields an
        OutputPluginBatchProcessingStatus that is added (sync=False, with
        self.token) to the collection at self.StatusCollectionUrn(hunt_urn);
        ERROR statuses are also added to the collection at
        self.ErrorsCollectionUrn(hunt_urn).

        Args:
          hunt_urn: URN of the hunt whose results are being processed.
          plugins: Iterable of (plugin descriptor, plugin instance) pairs.
          batch: Batch of results passed to each plugin's ProcessResponses().
          batch_index: Index of this batch; stored in the status and used in
            log messages.

        Returns:
          Dict mapping the descriptor of each failed plugin to the exception
          it raised; empty when every plugin succeeded.
        """
        failures = {}
        for descriptor, instance in plugins:
            logging.debug(
                "Processing hunt %s with %s, batch %d",
                hunt_urn, descriptor.plugin_name, batch_index)

            try:
                instance.ProcessResponses(batch)

                stats.STATS.IncrementCounter(
                    "hunt_results_ran_through_plugin",
                    delta=len(batch),
                    fields=[descriptor.plugin_name])

                outcome = output_plugin.OutputPluginBatchProcessingStatus(
                    plugin_descriptor=descriptor,
                    status="SUCCESS",
                    batch_index=batch_index,
                    batch_size=len(batch))
            except Exception as exc:  # pylint: disable=broad-except
                # Deliberately broad: the failure is counted, recorded and
                # logged, and the remaining plugins still run.
                # NOTE(review): the exception text is written to the hunt log
                # and the status summary -- confirm it cannot carry secrets.
                stats.STATS.IncrementCounter(
                    "hunt_output_plugin_errors",
                    fields=[descriptor.plugin_name])

                outcome = output_plugin.OutputPluginBatchProcessingStatus(
                    plugin_descriptor=descriptor,
                    status="ERROR",
                    summary=utils.SmartStr(exc),
                    batch_index=batch_index,
                    batch_size=len(batch))

                logging.exception(
                    "Error processing hunt results: hunt %s, plugin %s, "
                    "batch %d",
                    hunt_urn, descriptor.plugin_name, batch_index)
                message = (
                    "Error processing hunt results (hunt %s, plugin %s, "
                    "batch %d): %s" %
                    (hunt_urn, descriptor.plugin_name, batch_index, exc))
                self.Log(message)
                failures[descriptor] = exc

            # Every run is recorded, successful or not.
            collections.PackedVersionedCollection.AddToCollection(
                self.StatusCollectionUrn(hunt_urn),
                [outcome],
                sync=False,
                token=self.token)

            # Failures are additionally written to the error collection.
            if outcome.status == outcome.Status.ERROR:
                collections.PackedVersionedCollection.AddToCollection(
                    self.ErrorsCollectionUrn(hunt_urn),
                    [outcome],
                    sync=False,
                    token=self.token)

        return failures