def GetPlatformInfo(self, _):
self.response_count += 1
return [
rdf_client.Uname(system=self.system,
fqdn=self.fqdn,
release=self.release,
version=self.version,
kernel=self.kernel,
machine="i386")
]
def InitFromClientObject(
self, client_obj: rdf_objects.ClientSnapshot) -> "ApiClient":
# TODO(amoser): Deprecate all urns.
self.urn = client_obj.client_id
self.client_id = client_obj.client_id
if client_obj.metadata and client_obj.metadata.source_flow_id:
self.source_flow_id = client_obj.metadata.source_flow_id
self.agent_info = client_obj.startup_info.client_info
self.hardware_info = client_obj.hardware_info
os_info = rdf_client.Uname()
if client_obj.os_version:
os_info.version = client_obj.os_version
if client_obj.os_release:
os_info.release = client_obj.os_release
if client_obj.kernel:
os_info.kernel = client_obj.kernel
if client_obj.arch:
os_info.machine = client_obj.arch
if client_obj.install_time:
os_info.install_date = client_obj.install_time
kb = client_obj.knowledge_base
if kb:
self.knowledge_base = kb
if kb.os:
os_info.system = kb.os
if kb.fqdn:
os_info.fqdn = kb.fqdn
# TODO(amoser): Deprecate this field in favor of the kb.
if kb.users:
self.users = sorted(kb.users, key=lambda user: user.username)
self.os_info = os_info
if client_obj.interfaces:
self.interfaces = client_obj.interfaces
if client_obj.volumes:
self.volumes = client_obj.volumes
if client_obj.cloud_instance:
self.cloud_instance = client_obj.cloud_instance
self.age = client_obj.timestamp
if client_obj.memory_size:
self.memory_size = client_obj.memory_size
if client_obj.startup_info.boot_time:
self.last_booted_at = client_obj.startup_info.boot_time
return self
def InitFromClientObject(self, client_obj):
# TODO(amoser): Deprecate all urns.
self.urn = client_obj.client_id
self.client_id = client_obj.client_id
self.agent_info = client_obj.startup_info.client_info
self.hardware_info = client_obj.hardware_info
os_info = rdf_client.Uname()
if client_obj.os_version:
os_info.version = client_obj.os_version
if client_obj.os_release:
os_info.release = client_obj.os_release
if client_obj.kernel:
os_info.kernel = client_obj.kernel
if client_obj.arch:
os_info.machine = client_obj.arch
if client_obj.install_time:
os_info.install_date = client_obj.install_time
kb = client_obj.knowledge_base
if kb:
self.knowledge_base = kb
if kb.os:
os_info.system = kb.os
if kb.fqdn:
os_info.fqdn = kb.fqdn
# TODO(amoser): Deprecate this field in favor of the kb.
if kb.users:
self.users = sorted(kb.users, key=lambda user: user.username)
self.os_info = os_info
if client_obj.interfaces:
self.interfaces = client_obj.interfaces
if client_obj.volumes:
self.volumes = client_obj.volumes
if client_obj.cloud_instance:
self.cloud_instance = client_obj.cloud_instance
# TODO(amoser): This should be removed in favor of a timestamp field.
# Without self.Set self.age would reference "age" attribute instead of a
# protobuf field.
self.Set("age", client_obj.timestamp)
if client_obj.memory_size:
self.memory_size = client_obj.memory_size
if client_obj.startup_info.boot_time:
self.last_booted_at = client_obj.startup_info.boot_time
return self
def InitFromAff4Object(self, client_obj, include_metadata=True):
# TODO(amoser): Deprecate all urns.
self.urn = client_obj.urn
self.client_id = client_obj.urn.Basename()
self.agent_info = client_obj.Get(client_obj.Schema.CLIENT_INFO)
self.hardware_info = client_obj.Get(client_obj.Schema.HARDWARE_INFO)
self.os_info = rdf_client.Uname(
system=client_obj.Get(client_obj.Schema.SYSTEM),
release=client_obj.Get(client_obj.Schema.OS_RELEASE),
# TODO(user): Check if ProtoString.Validate should be fixed
# to do an isinstance() check on a value. Is simple type
# equality check used there for performance reasons?
version=utils.SmartStr(
client_obj.Get(client_obj.Schema.OS_VERSION, "")),
kernel=client_obj.Get(client_obj.Schema.KERNEL),
machine=client_obj.Get(client_obj.Schema.ARCH),
fqdn=(client_obj.Get(client_obj.Schema.FQDN)
or client_obj.Get(client_obj.Schema.HOSTNAME)),
install_date=client_obj.Get(client_obj.Schema.INSTALL_DATE))
self.knowledge_base = client_obj.Get(client_obj.Schema.KNOWLEDGE_BASE)
self.memory_size = client_obj.Get(client_obj.Schema.MEMORY_SIZE)
self.first_seen_at = client_obj.Get(client_obj.Schema.FIRST_SEEN)
if include_metadata:
ping = client_obj.Get(client_obj.Schema.PING)
if ping:
self.last_seen_at = ping
booted = client_obj.Get(client_obj.Schema.LAST_BOOT_TIME)
if booted:
self.last_booted_at = booted
clock = client_obj.Get(client_obj.Schema.CLOCK)
if clock:
self.last_clock = clock
last_crash = client_obj.Get(client_obj.Schema.LAST_CRASH)
if last_crash is not None:
self.last_crash_at = last_crash.timestamp
self.fleetspeak_enabled = bool(
client_obj.Get(client_obj.Schema.FLEETSPEAK_ENABLED))
self.labels = [
rdf_objects.ClientLabel(name=l.name, owner=l.owner)
for l in client_obj.GetLabels()
]
self.interfaces = client_obj.Get(client_obj.Schema.INTERFACES)
kb = client_obj.Get(client_obj.Schema.KNOWLEDGE_BASE)
if kb and kb.users:
self.users = sorted(kb.users, key=lambda user: user.username)
self.volumes = client_obj.Get(client_obj.Schema.VOLUMES)
type_obj = client_obj.Get(client_obj.Schema.TYPE)
if type_obj:
# Without self.Set self.age would reference "age" attribute instead of a
# protobuf field.
self.Set("age", type_obj.age)
self.cloud_instance = client_obj.Get(client_obj.Schema.CLOUD_INSTANCE)
return self
