def ListFlows(self):
"""List flows that ran on this client."""
args = flow_pb2.ApiListFlowsArgs(client_id=self.client_id)
items = self._context.SendIteratorRequest("ListFlows", args)
return utils.MapItemsIterator(
lambda data: flow.Flow(data=data, context=self._context), items)
def CreateFlow(self, name=None, args=None, runner_args=None):
"""Create new flow on this client."""
if not name:
raise ValueError("name can't be empty")
request = flow_pb2.ApiCreateFlowArgs(client_id=self.client_id)
request.flow.name = name
if runner_args:
request.flow.runner_args.CopyFrom(runner_args)
if args:
request.flow.args.value = args.SerializeToString()
request.flow.args.type_url = utils.GetTypeUrl(args)
data = self._context.SendRequest("CreateFlow", request)
return flow.Flow(data=data, context=self._context)
""".format(
int((datetime.datetime.utcnow() - datetime.timedelta(25)).timestamp() *
1000000))
MOCK_CLIENT = client.Client(data=text_format.Parse(client_proto1,
client_pb2.ApiClient()),
context=True)
MOCK_CLIENT_RECENT = client.Client(data=text_format.Parse(
client_proto2, client_pb2.ApiClient()),
context=True)
MOCK_CLIENT_LIST = [MOCK_CLIENT, MOCK_CLIENT_RECENT]
MOCK_CLIENT_REF = client.ClientRef(MOCK_CLIENT.client_id, context=True)
flow_pb_terminated = flow_pb2.ApiFlow(urn="C.0000000000000001",
flow_id="F:12345",
state=flows_pb2.FlowContext.TERMINATED)
flow_pb_error = flow_pb2.ApiFlow(urn="C.0000000000000001",
flow_id="F:12345",
state=flows_pb2.FlowContext.ERROR)
flow_pb_running = flow_pb2.ApiFlow(urn="C.0000000000000001",
flow_id="F:12345",
state=flows_pb2.FlowContext.RUNNING)
MOCK_FLOW = flow.Flow(data=flow_pb_terminated, context=True)
MOCK_FLOW_ERROR = flow.Flow(data=flow_pb_error, context=True)
MOCK_FLOW_RUNNING = flow.Flow(data=flow_pb_running, context=True)
hunt_pb = hunt_pb2.ApiHunt(urn="hunts/12345", hunt_id="F:12345", state=1)
MOCK_HUNT = hunt.Hunt(data=hunt_pb)
first_seen_at: 1480416002507491
last_seen_at: 1511174989892418
last_booted_at: 1507912328000000
last_clock: 1511174989272124
age: 1510710503319681
client_id: "C.0000000000000001"
"""
MOCK_CLIENT = client.Client(data=text_format.Parse(client_proto1,
client_pb2.ApiClient()),
context=True)
MOCK_CLIENT_RECENT = client.Client(data=text_format.Parse(
client_proto2, client_pb2.ApiClient()),
context=True)
MOCK_CLIENT_LIST = [MOCK_CLIENT, MOCK_CLIENT_RECENT]
MOCK_CLIENT_REF = client.ClientRef(MOCK_CLIENT.client_id, context=True)
flow_pb_terminated = flow_pb2.ApiFlow(urn="C.0000000000000001",
flow_id="F:12345",
state=flows_pb2.FlowContext.TERMINATED)
flow_pb_error = flow_pb2.ApiFlow(urn="C.0000000000000001",
flow_id="F:12345",
state=flows_pb2.FlowContext.ERROR)
MOCK_FLOW = flow.Flow(data=flow_pb_terminated, context=True)
MOCK_FLOW_ERROR = flow.Flow(data=flow_pb_error, context=True)
hunt_pb = hunt_pb2.ApiHunt(urn="hunts/12345", hunt_id="F:12345", state=1)
MOCK_HUNT = hunt.Hunt(data=hunt_pb)
# This has a more recent install_date and last_seen date than client_proto1
client_proto2 = """
urn: "aff4:/C.0000000000000001"
os_info {
system: "Linux"
release: "debian"
version: "buster/sid"
machine: "x86_64"
kernel: "4.9.0-3-amd64"
fqdn: "tomchop"
install_date: 1480414461020000
}
first_seen_at: 1480416002507491
last_seen_at: 1511174989892418
last_booted_at: 1507912328000000
last_clock: 1511174989272124
age: 1510710503319681
client_id: "C.0000000000000001"
"""
MOCK_CLIENT = client.Client(data=text_format.Parse(client_proto1,
client_pb2.ApiClient()),
context=True)
MOCK_CLIENT_RECENT = client.Client(data=text_format.Parse(
client_proto2, client_pb2.ApiClient()),
context=True)
MOCK_CLIENT_LIST = [MOCK_CLIENT, MOCK_CLIENT_RECENT]
flow_pb = flow_pb2.ApiFlow(urn="C.0000000000000001", flow_id="F:12345")
MOCK_FLOW = flow.Flow(data=flow_pb, context=True)
