def testAnalyzeEvents(self): """Tests the AnalyzeEvents function.""" test_file_path = self._GetTestFilePath(['psort_test.plaso']) self._SkipIfPathNotExists(test_file_path) session = sessions.Session() knowledge_base_object = knowledge_base.KnowledgeBase() output_mediator_object = output_mediator.OutputMediator( knowledge_base_object, data_location=shared_test_lib.TEST_DATA_PATH) output_mediator_object.SetPreferredLanguageIdentifier('en-US') output_module = null.NullOutputModule(output_mediator_object) data_location = '' analysis_plugin = tagging.TaggingAnalysisPlugin() analysis_plugins = {'tagging': analysis_plugin} # TODO: set tag file. configuration = configurations.ProcessingConfiguration() test_engine = psort.PsortMultiProcessEngine() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, 'storage.plaso') shutil.copyfile(test_file_path, temp_file) storage_writer = storage_factory.StorageFactory.CreateStorageWriter( definitions.DEFAULT_STORAGE_FORMAT, session, temp_file) counter = test_engine.AnalyzeEvents(knowledge_base_object, storage_writer, output_module, data_location, analysis_plugins, configuration) # TODO: assert if tests were successful. _ = counter test_filter = filters_test_lib.TestEventFilter() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, 'storage.plaso') shutil.copyfile(test_file_path, temp_file) storage_writer = storage_factory.StorageFactory.CreateStorageWriter( definitions.DEFAULT_STORAGE_FORMAT, session, temp_file) counter = test_engine.AnalyzeEvents(knowledge_base_object, storage_writer, data_location, analysis_plugins, configuration, event_filter=test_filter) # TODO: assert if tests were successful. _ = counter
def testAnalyzeEvents(self): """Tests the AnalyzeEvents function.""" storage_file_path = self._GetTestFilePath(['psort_test.json.plaso']) session = sessions.Session() knowledge_base_object = knowledge_base.KnowledgeBase() formatter_mediator = formatters_mediator.FormatterMediator() formatter_mediator.SetPreferredLanguageIdentifier('en-US') output_mediator_object = output_mediator.OutputMediator( knowledge_base_object, formatter_mediator) output_module = null.NullOutputModule(output_mediator_object) data_location = '' analysis_plugin = tagging.TaggingAnalysisPlugin() analysis_plugins = {'tagging': analysis_plugin} # TODO: set tag file. test_engine = psort.PsortMultiProcessEngine() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, 'storage.plaso') shutil.copyfile(storage_file_path, temp_file) storage_writer = storage_zip_file.ZIPStorageFileWriter( session, temp_file) counter = test_engine.AnalyzeEvents(knowledge_base_object, storage_writer, output_module, data_location, analysis_plugins) # TODO: assert if tests were successful. _ = counter test_filter = filters_test_lib.TestEventFilter() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, 'storage.plaso') shutil.copyfile(storage_file_path, temp_file) storage_writer = storage_zip_file.ZIPStorageFileWriter( session, temp_file) counter = test_engine.AnalyzeEvents(knowledge_base_object, storage_writer, data_location, analysis_plugins, event_filter=test_filter) # TODO: assert if tests were successful. _ = counter
def testAnalyzeEventsWithEventFilter(self): """Tests the AnalyzeEvents function with an event filter.""" test_file_path = self._GetTestFilePath(['psort_test.plaso']) self._SkipIfPathNotExists(test_file_path) test_tagging_file_path = self._GetTestFilePath( ['tagging_file', 'valid.txt']) self._SkipIfPathNotExists(test_tagging_file_path) session = sessions.Session() knowledge_base_object = knowledge_base.KnowledgeBase() data_location = '' analysis_plugin = tagging.TaggingAnalysisPlugin() analysis_plugin.SetAndLoadTagFile(test_tagging_file_path) analysis_plugins = {'tagging': analysis_plugin} configuration = configurations.ProcessingConfiguration() test_engine = analysis_engine.AnalysisMultiProcessEngine() test_filter = filters_test_lib.TestEventFilter() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, 'storage.plaso') shutil.copyfile(test_file_path, temp_file) storage_writer = storage_factory.StorageFactory.CreateStorageWriter( definitions.DEFAULT_STORAGE_FORMAT) storage_writer.Open(path=temp_file) try: number_of_reports = storage_writer.GetNumberOfAttributeContainers( 'analysis_report') self.assertEqual(number_of_reports, 2) test_engine.AnalyzeEvents(session, knowledge_base_object, storage_writer, data_location, analysis_plugins, configuration, event_filter=test_filter, storage_file_path=temp_directory) number_of_reports = storage_writer.GetNumberOfAttributeContainers( 'analysis_report') self.assertEqual(number_of_reports, 3) finally: storage_writer.Close()
def testInternalAnalyzeEvents(self): """Tests the _AnalyzeEvents function.""" session = sessions.Session() knowledge_base_object = knowledge_base.KnowledgeBase() test_engine = psort.PsortMultiProcessEngine() test_plugin = TestAnalysisPlugin() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, u'storage.plaso') self._CreateTestStorageFile(temp_file) storage_writer = storage_zip_file.ZIPStorageFileWriter( session, temp_file) storage_writer.StartTaskStorage() storage_writer.Open() storage_writer.ReadPreprocessingInformation(knowledge_base_object) # TODO: implement, this currently loops infinite. # test_engine._AnalyzeEvents(storage_writer, [test_plugin]) storage_writer.Close() test_filter = filters_test_lib.TestEventFilter() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, u'storage.plaso') self._CreateTestStorageFile(temp_file) storage_writer = storage_zip_file.ZIPStorageFileWriter( session, temp_file) storage_writer.StartTaskStorage() storage_writer.Open() storage_writer.ReadPreprocessingInformation(knowledge_base_object) # TODO: implement, this currently loops infinite. _ = test_engine _ = test_plugin _ = test_filter # test_engine._AnalyzeEvents( # storage_writer, [test_plugin], event_filter=test_filter) storage_writer.Close()
def testInternalAnalyzeEvents(self): """Tests the _AnalyzeEvents function.""" session = sessions.Session() knowledge_base_object = knowledge_base.KnowledgeBase() test_engine = psort.PsortMultiProcessEngine() test_plugin = TestAnalysisPlugin() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, 'storage.plaso') self._CreateTestStorageFile(temp_file) self._ReadSessionConfiguration(temp_file, knowledge_base_object) storage_writer = storage_factory.StorageFactory.CreateStorageWriter( definitions.DEFAULT_STORAGE_FORMAT, session, temp_file) storage_writer.StartTaskStorage() storage_writer.Open() # TODO: implement, this currently loops infinite. # test_engine._AnalyzeEvents(storage_writer, [test_plugin]) storage_writer.Close() test_filter = filters_test_lib.TestEventFilter() with shared_test_lib.TempDirectory() as temp_directory: temp_file = os.path.join(temp_directory, 'storage.plaso') self._CreateTestStorageFile(temp_file) self._ReadSessionConfiguration(temp_file, knowledge_base_object) storage_writer = storage_factory.StorageFactory.CreateStorageWriter( definitions.DEFAULT_STORAGE_FORMAT, session, temp_file) storage_writer.StartTaskStorage() storage_writer.Open() # TODO: implement, this currently loops infinite. _ = test_engine _ = test_plugin _ = test_filter # test_engine._AnalyzeEvents( # storage_writer, [test_plugin], event_filter=test_filter) storage_writer.Close()