def ProcessMessage(self, message=None, event=None):
"""Processes this event."""
_ = event
client_id = message.source
message = rdfvalue.DataBlob(message.args).string
logging.info(self.logline, client_id, message)
# Write crash data to AFF4.
client = aff4.FACTORY.Open(client_id, token=self.token)
client_info = client.Get(client.Schema.CLIENT_INFO)
crash_details = rdfvalue.ClientCrash(
client_id=client_id,
client_info=client_info,
crash_message=message,
timestamp=long(time.time() * 1e6),
crash_type=self.well_known_session_id)
self.WriteAllCrashDetails(client_id, crash_details)
# Also send email.
if config_lib.CONFIG["Monitoring.alert_email"]:
client = aff4.FACTORY.Open(client_id, token=self.token)
hostname = client.Get(client.Schema.HOSTNAME)
url = urllib.urlencode(
(("c", client_id), ("main", "HostInformation")))
email_alerts.SendEmail(
config_lib.CONFIG["Monitoring.alert_email"],
"GRR server",
self.subject % client_id,
self.mail_template %
dict(client_id=client_id,
admin_ui=config_lib.CONFIG["AdminUI.url"],
hostname=hostname,
signature=config_lib.CONFIG["Email.signature"],
urn=url,
message=message),
is_html=True)
def ProcessMessage(self, message=None, event=None):
"""Processes this event."""
_ = event
client_id = message.source
nanny_msg = ""
flow_obj = aff4.FACTORY.Open(message.session_id, token=self.token)
# Log.
logging.info("Client crash reported, client %s.", client_id)
# Export.
stats.STATS.IncrementCounter("grr_client_crashes")
# Write crash data to AFF4.
client = aff4.FACTORY.Open(client_id, token=self.token)
client_info = client.Get(client.Schema.CLIENT_INFO)
status = rdfvalue.GrrStatus(message.args)
crash_details = rdfvalue.ClientCrash(
client_id=client_id,
session_id=message.session_id,
client_info=client_info,
crash_message=status.error_message,
timestamp=rdfvalue.RDFDatetime().Now(),
crash_type=self.well_known_session_id)
self.WriteAllCrashDetails(client_id,
crash_details,
flow_session_id=message.session_id)
# Also send email.
if config_lib.CONFIG["Monitoring.alert_email"]:
if status.nanny_status:
nanny_msg = "Nanny status: %s" % status.nanny_status
client = aff4.FACTORY.Open(client_id, token=self.token)
hostname = client.Get(client.Schema.HOSTNAME)
url = urllib.urlencode(
(("c", client_id), ("main", "HostInformation")))
renderer = rendering.FindRendererForObject(flow_obj.state)
email_alerts.SendEmail(
config_lib.CONFIG["Monitoring.alert_email"],
"GRR server",
"Client %s reported a crash." % client_id,
self.mail_template %
dict(client_id=client_id,
admin_ui=config_lib.CONFIG["AdminUI.url"],
hostname=hostname,
state=renderer.RawHTML(),
urn=url,
nanny_msg=nanny_msg,
signature=config_lib.CONFIG["Email.signature"]),
is_html=True)
if nanny_msg:
msg = "Client crashed, " + nanny_msg
else:
msg = "Client crashed."
# Now terminate the flow.
flow.GRRFlow.TerminateFlow(message.session_id,
reason=msg,
token=self.token,
force=True)
