def testHuntActionsReportPluginWithNoActivityToReport(self): report = report_plugins.GetReportByName( server_report_plugins.HuntActionsReportPlugin.__name__) now = rdfvalue.RDFDatetime().Now() month_duration = rdfvalue.Duration("30d") api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, start_time=now - month_duration, duration=month_duration), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.AUDIT_CHART, audit_chart=rdf_report_plugins.ApiAuditChartReportData( used_fields=[ "action", "description", "flow_name", "timestamp", "urn", "user" ], rows=[])))
def testLastActiveReportPlugin(self): self.MockClients() # Scan for activity to be reported. flow_test_lib.TestFlowHelper( cron_system.LastAccessStats.__name__, token=self.token) report = report_plugins.GetReportByName( client_report_plugins.LastActiveReportPlugin.__name__) api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, client_label="All"), token=self.token) self.assertEqual( api_report_data.representation_type, rdf_report_plugins.ApiReportData.RepresentationType.LINE_CHART) labels = [ "60 day active", "30 day active", "7 day active", "3 day active", "1 day active" ] ys = [20, 20, 0, 0, 0] for series, label, y in itertools.izip(api_report_data.line_chart.data, labels, ys): self.assertEqual(series.label, label) self.assertEqual(len(series.points), 1) self.assertEqual(series.points[0].y, y)
def testFileSizeDistributionReportPlugin(self): filename = "winexec_img.dd" client_id = self.SetupClient(0) # Add a file to be reported. filestore_test_lib.AddFileToFileStore( rdf_paths.PathSpec( pathtype=rdf_paths.PathSpec.PathType.OS, path=os.path.join(self.base_path, filename)), client_id=client_id, token=self.token) # Scan for files to be reported (the one we just added). flow_test_lib.TestFlowHelper( filestore_stats.FilestoreStatsCronFlow.__name__, token=self.token) report = report_plugins.GetReportByName( filestore_report_plugins.FileSizeDistributionReportPlugin.__name__) api_report_data = report.GetReportData( stats_api.ApiGetReportArgs(name=report.__class__.__name__), token=self.token) self.checkStaticData(api_report_data) for series in api_report_data.stack_chart.data: if series.label == "976.6 KiB - 4.8 MiB": self.assertEqual([p.y for p in series.points], [1]) else: self.assertEqual([p.y for p in series.points], [0])
def testGetReportByName(self): """Ensure GetReportByName instantiates correct subclasses based on name.""" with report_plugins_test_mocks.MockedReportPlugins(): report_object = report_plugins.GetReportByName("BarReportPlugin") self.assertTrue( isinstance(report_object, report_plugins_test_mocks.BarReportPlugin))
def testMostActiveUsersReportPlugin(self): with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/14")): AddFakeAuditLog( "Fake audit description 14 Dec.", "C.123", "User123", token=self.token) with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/22")): for _ in xrange(10): AddFakeAuditLog( "Fake audit description 22 Dec.", "C.123", "User123", token=self.token) AddFakeAuditLog( "Fake audit description 22 Dec.", "C.456", "User456", token=self.token) report = report_plugins.GetReportByName( server_report_plugins.MostActiveUsersReportPlugin.__name__) with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/31")): now = rdfvalue.RDFDatetime().Now() month_duration = rdfvalue.Duration("30d") api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, start_time=now - month_duration, duration=month_duration), token=self.token) # pyformat: disable self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.PIE_CHART, pie_chart=rdf_report_plugins.ApiPieChartReportData( data=[ rdf_report_plugins.ApiReportDataPoint1D( label="User123", x=11 ), rdf_report_plugins.ApiReportDataPoint1D( label="User456", x=1 ) ] )))
def Handle(self, args, token): report = report_plugins.GetReportByName(args.name) if not args.client_label: args.client_label = "All" return rdf_report_plugins.ApiReport(desc=report.GetReportDescriptor(), data=report.GetReportData( args, token))
def testSystemFlowsReportPlugin(self): with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/14")): AddFakeAuditLog( action=rdf_events.AuditEvent.Action.RUN_FLOW, user="******", flow_name="Flow123", token=self.token) with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/22")): for _ in xrange(10): AddFakeAuditLog( action=rdf_events.AuditEvent.Action.RUN_FLOW, user="******", flow_name="Flow123", token=self.token) AddFakeAuditLog( action=rdf_events.AuditEvent.Action.RUN_FLOW, user="******", flow_name="Flow456", token=self.token) report = report_plugins.GetReportByName( server_report_plugins.SystemFlowsReportPlugin.__name__) start = rdfvalue.RDFDatetime.FromHumanReadable("2012/12/15") month_duration = rdfvalue.Duration("30d") api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, start_time=start, duration=month_duration), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.STACK_CHART, stack_chart=rdf_report_plugins.ApiStackChartReportData( x_ticks=[], data=[ rdf_report_plugins.ApiReportDataSeries2D( label=u"Flow123\u2003Run By: GRR (10)", points=[ rdf_report_plugins.ApiReportDataPoint2D(x=0, y=10) ]), rdf_report_plugins.ApiReportDataSeries2D( label=u"Flow456\u2003Run By: GRR (1)", points=[ rdf_report_plugins.ApiReportDataPoint2D(x=1, y=1) ]) ])))
def testUserActivityReportPluginWithNoActivityToReport(self): report = report_plugins.GetReportByName( server_report_plugins.UserActivityReportPlugin.__name__) api_report_data = report.GetReportData( stats_api.ApiGetReportArgs(name=report.__class__.__name__), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.STACK_CHART, stack_chart=rdf_report_plugins.ApiStackChartReportData(data=[])))
def testOSReleaseBreakdownReportPluginWithNoDataToReport(self): report = report_plugins.GetReportByName( client_report_plugins.OSReleaseBreakdown30ReportPlugin.__name__) api_report_data = report.GetReportData(stats_api.ApiGetReportArgs( name=report.__class__.__name__, client_label="All"), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( pie_chart=rdf_report_plugins.ApiPieChartReportData(data=[]), representation_type=rdf_report_plugins.ApiReportData. RepresentationType.PIE_CHART))
def testFileSizeDistributionReportPluginWithNothingToReport(self): # Scan for files to be reported. flow_test_lib.TestFlowHelper( filestore_stats.FilestoreStatsCronFlow.__name__, token=self.token) report = report_plugins.GetReportByName( filestore_report_plugins.FileSizeDistributionReportPlugin.__name__) api_report_data = report.GetReportData( stats_api.ApiGetReportArgs(name=report.__class__.__name__), token=self.token) self.checkStaticData(api_report_data) for series in api_report_data.stack_chart.data: self.assertEqual([p.y for p in series.points], [0])
def testLastActiveReportPluginWithNoActivityToReport(self): # Scan for activity to be reported. flow_test_lib.TestFlowHelper(cron_system.LastAccessStats.__name__, token=self.token) report = report_plugins.GetReportByName( client_report_plugins.LastActiveReportPlugin.__name__) api_report_data = report.GetReportData(stats_api.ApiGetReportArgs( name=report.__class__.__name__, client_label="All"), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.LINE_CHART, line_chart=rdf_report_plugins.ApiLineChartReportData(data=[])))
def testMostActiveUsersReportPluginWithNoActivityToReport(self): report = report_plugins.GetReportByName( server_report_plugins.MostActiveUsersReportPlugin.__name__) now = rdfvalue.RDFDatetime().Now() month_duration = rdfvalue.Duration("30d") api_report_data = report.GetReportData(stats_api.ApiGetReportArgs( name=report.__class__.__name__, start_time=now - month_duration, duration=month_duration), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.PIE_CHART, pie_chart=rdf_report_plugins.ApiPieChartReportData(data=[])))
def testSystemFlowsReportPluginWithNoActivityToReport(self): report = report_plugins.GetReportByName( server_report_plugins.SystemFlowsReportPlugin.__name__) now = rdfvalue.RDFDatetime().Now() month_duration = rdfvalue.Duration("30d") api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, start_time=now - month_duration, duration=month_duration), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.STACK_CHART, stack_chart=rdf_report_plugins.ApiStackChartReportData(x_ticks=[])))
def testOSBreakdownReportPlugin(self): # Add a client to be reported. self.SetupClients(1) # Scan for clients to be reported (the one we just added). flow_test_lib.TestFlowHelper(cron_system.OSBreakDown.__name__, token=self.token) report = report_plugins.GetReportByName( client_report_plugins.OSBreakdown30ReportPlugin.__name__) api_report_data = report.GetReportData(stats_api.ApiGetReportArgs( name=report.__class__.__name__, client_label="All"), token=self.token) self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( pie_chart=rdf_report_plugins.ApiPieChartReportData(data=[ rdf_report_plugins.ApiReportDataPoint1D(label="Linux", x=1) ]), representation_type=rdf_report_plugins.ApiReportData. RepresentationType.PIE_CHART))
def testGRRVersionReportPlugin(self): self.MockClients() # Scan for activity to be reported. flow_test_lib.TestFlowHelper( cron_system.GRRVersionBreakDown.__name__, token=self.token) report = report_plugins.GetReportByName( client_report_plugins.GRRVersion30ReportPlugin.__name__) api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, client_label="All"), token=self.token) self.assertEqual( api_report_data.representation_type, rdf_report_plugins.ApiReportData.RepresentationType.LINE_CHART) self.assertEqual(len(api_report_data.line_chart.data), 1) self.assertEqual(api_report_data.line_chart.data[0].label, "GRR Monitor %s" % config.CONFIG["Source.version_numeric"]) self.assertEqual(len(api_report_data.line_chart.data[0].points), 1) self.assertEqual(api_report_data.line_chart.data[0].points[0].y, 20)
def testUserActivityReportPlugin(self): with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/14")): AddFakeAuditLog( "Fake audit description 14 Dec.", "C.123", "User123", token=self.token) with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/22")): for _ in xrange(10): AddFakeAuditLog( "Fake audit description 22 Dec.", "C.123", "User123", token=self.token) AddFakeAuditLog( "Fake audit description 22 Dec.", "C.456", "User456", token=self.token) report = report_plugins.GetReportByName( server_report_plugins.UserActivityReportPlugin.__name__) with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/31")): api_report_data = report.GetReportData( stats_api.ApiGetReportArgs(name=report.__class__.__name__), token=self.token) # pyformat: disable self.assertEqual( api_report_data, rdf_report_plugins.ApiReportData( representation_type=rdf_report_plugins.ApiReportData. RepresentationType.STACK_CHART, stack_chart=rdf_report_plugins.ApiStackChartReportData( data=[ rdf_report_plugins.ApiReportDataSeries2D( label=u"User123", points=[ rdf_report_plugins.ApiReportDataPoint2D( x=-10, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-9, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-8, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-7, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-6, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-5, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-4, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-3, y=1), rdf_report_plugins.ApiReportDataPoint2D( x=-2, y=10), rdf_report_plugins.ApiReportDataPoint2D( x=-1, y=0) ] ), rdf_report_plugins.ApiReportDataSeries2D( label=u"User456", points=[ rdf_report_plugins.ApiReportDataPoint2D( x=-10, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-9, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-8, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-7, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-6, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-5, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-4, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-3, y=0), rdf_report_plugins.ApiReportDataPoint2D( x=-2, y=1), rdf_report_plugins.ApiReportDataPoint2D( x=-1, y=0) ])])))
def testCronApprovalsReportPlugin(self): with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/14")): AddFakeAuditLog( action=rdf_events.AuditEvent.Action.CRON_APPROVAL_GRANT, user="******", description="Approval grant description.", token=self.token) with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/22"), increment=1): for i in xrange(10): AddFakeAuditLog( action=rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, user="******" % i, description="Approval request.", token=self.token) AddFakeAuditLog( action=rdf_events.AuditEvent.Action.CRON_APPROVAL_GRANT, user="******", description="Another grant.", token=self.token) report = report_plugins.GetReportByName( server_report_plugins.CronApprovalsReportPlugin.__name__) start = rdfvalue.RDFDatetime.FromHumanReadable("2012/12/15") month_duration = rdfvalue.Duration("30d") api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, start_time=start, duration=month_duration), token=self.token) self.assertEqual( api_report_data.representation_type, rdf_report_plugins.ApiReportData.RepresentationType.AUDIT_CHART) self.assertEqual(api_report_data.audit_chart.used_fields, ["action", "description", "timestamp", "urn", "user"]) self.assertEqual([(row.action, row.description, row.timestamp.Format("%Y/%m/%d"), row.urn, row.user) for row in api_report_data.audit_chart.rows], [(rdf_events.AuditEvent.Action.CRON_APPROVAL_GRANT, "Another grant.", "2012/12/22", None, "User456"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User9"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User8"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User7"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User6"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User5"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User4"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User3"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User2"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User1"), (rdf_events.AuditEvent.Action.CRON_APPROVAL_REQUEST, "Approval request.", "2012/12/22", None, "User0") ]) # pyformat: disable
def testHuntActionsReportPlugin(self): with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/14")): AddFakeAuditLog( action=rdf_events.AuditEvent.Action.HUNT_CREATED, user="******", flow_name="Flow123", token=self.token) with test_lib.FakeTime( rdfvalue.RDFDatetime.FromHumanReadable("2012/12/22"), increment=1): for i in xrange(10): AddFakeAuditLog( action=rdf_events.AuditEvent.Action.HUNT_MODIFIED, user="******" % i, flow_name="Flow%d" % i, token=self.token) AddFakeAuditLog( action=rdf_events.AuditEvent.Action.HUNT_PAUSED, user="******", flow_name="Flow456", token=self.token) report = report_plugins.GetReportByName( server_report_plugins.HuntActionsReportPlugin.__name__) start = rdfvalue.RDFDatetime.FromHumanReadable("2012/12/15") month_duration = rdfvalue.Duration("30d") api_report_data = report.GetReportData( stats_api.ApiGetReportArgs( name=report.__class__.__name__, start_time=start, duration=month_duration), token=self.token) self.assertEqual( api_report_data.representation_type, rdf_report_plugins.ApiReportData.RepresentationType.AUDIT_CHART) self.assertEqual( api_report_data.audit_chart.used_fields, ["action", "description", "flow_name", "timestamp", "urn", "user"]) self.assertEqual([(row.action, row.description, row.flow_name, row.timestamp.Format("%Y/%m/%d"), row.urn, row.user) for row in api_report_data.audit_chart.rows], [(rdf_events.AuditEvent.Action.HUNT_PAUSED, "", "Flow456", "2012/12/22", None, "User456"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow9", "2012/12/22", None, "User9"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow8", "2012/12/22", None, "User8"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow7", "2012/12/22", None, "User7"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow6", "2012/12/22", None, "User6"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow5", "2012/12/22", None, "User5"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow4", "2012/12/22", None, "User4"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow3", "2012/12/22", None, "User3"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow2", "2012/12/22", None, "User2"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow1", "2012/12/22", None, "User1"), (rdf_events.AuditEvent.Action.HUNT_MODIFIED, "", "Flow0", "2012/12/22", None, "User0") ]) # pyformat: disable