plaso.cli.helpers package

Submodules

plaso.cli.helpers.analysis_plugins module

The analysis plugins CLI arguments helper.

class plaso.cli.helpers.analysis_plugins.AnalysisPluginsArgumentsHelper[source]

Bases: ArgumentsHelper

Analysis plugins CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Analysis plugins command line arguments.'

NAME = 'analysis_plugins'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when non-existing analysis plugins are specified.

plaso.cli.helpers.archives module

The archives CLI arguments helper.

class plaso.cli.helpers.archives.ArchivesArgumentsHelper[source]

Bases: ArgumentsHelper

Archives CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Archive command line arguments.'

NAME = 'archives'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.artifact_definitions module

The artifact definitions CLI arguments helper.

class plaso.cli.helpers.artifact_definitions.ArtifactDefinitionsArgumentsHelper[source]

Bases: ArgumentsHelper

Artifact definition CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Artifact definition command line arguments.'

NAME = 'artifact_definitions'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the required artifact definitions are not defined.

plaso.cli.helpers.artifact_filters module

The artifacts filter file CLI arguments helper.

class plaso.cli.helpers.artifact_filters.ArtifactFiltersArgumentsHelper[source]

Bases: ArgumentsHelper

Artifacts filter file CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Artifact filters command line arguments.'

NAME = 'artifact_filters'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the required artifact definitions are not defined.

plaso.cli.helpers.bloom_analysis module

The bloom database analysis plugin CLI arguments helper.

class plaso.cli.helpers.bloom_analysis.BloomAnalysisArgumentsHelper[source]

Bases: ArgumentsHelper

Bloom database analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – group to append arguments to.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the bloom database analysis plugin.'

NAME = 'bloom'

classmethod ParseOptions(options, analysis_plugin)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options object.
analysis_plugin (BloomAnalysisPlugin) – analysis plugin to configure.

Raises:

BadConfigObject – when the analysis plugin is the wrong type.
BadConfigOption – when unable to load the bloom database file.

plaso.cli.helpers.codepage module

The codepage CLI arguments helper.

class plaso.cli.helpers.codepage.CodepageArgumentsHelper[source]

Bases: ArgumentsHelper

Codepage CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Codepage command line arguments.'

NAME = 'codepage'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the codepage tag is not supported.

plaso.cli.helpers.data_location module

The data location CLI arguments helper.

class plaso.cli.helpers.data_location.DataLocationArgumentsHelper[source]

Bases: ArgumentsHelper

Data location CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Data location command line arguments.'

NAME = 'data_location'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the location of the data files cannot be determined.

plaso.cli.helpers.date_filters module

The date filters CLI arguments helper.

class plaso.cli.helpers.date_filters.DateFiltersArgumentsHelper[source]

Bases: ArgumentsHelper

Date filters CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Date filters command line arguments.'

NAME = 'date_filters'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the date filter is badly formatted.

plaso.cli.helpers.dynamic_output module

The dynamic output module CLI arguments helper.

class plaso.cli.helpers.dynamic_output.DynamicOutputArgumentsHelper[source]

Bases: ArgumentsHelper

Dynamic output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the dynamic output module.'

NAME = 'dynamic'

classmethod ParseOptions(options, output_module)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
output_module (OutputModule) – output module to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when the output filename was not provided.

plaso.cli.helpers.event_filters module

The event filters CLI arguments helper.

class plaso.cli.helpers.event_filters.EventFiltersArgumentsHelper[source]

Bases: ArgumentsHelper

Event filters CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Event filters command line arguments.'

NAME = 'event_filters'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.extraction module

The extraction CLI arguments helper.

class plaso.cli.helpers.extraction.ExtractionArgumentsHelper[source]

Bases: ArgumentsHelper

Extraction CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Extraction command line arguments.'

NAME = 'extraction'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.filter_file module

The filter file CLI arguments helper.

class plaso.cli.helpers.filter_file.FilterFileArgumentsHelper[source]

Bases: ArgumentsHelper

Filter file CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Filter file command line arguments.'

NAME = 'filter_file'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the collection file does not exist.

plaso.cli.helpers.hashers module

The hashers CLI arguments helper.

class plaso.cli.helpers.hashers.HashersArgumentsHelper[source]

Bases: ArgumentsHelper

Hashers CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Hashers command line arguments.'

NAME = 'hashers'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.interface module

The arguments helper interface.

class plaso.cli.helpers.interface.ArgumentsHelper[source]

Bases: object

CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = ''

DESCRIPTION = ''

NAME = 'baseline'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (object) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.language module

The language CLI arguments helper.

class plaso.cli.helpers.language.LanguageArgumentsHelper[source]

Bases: ArgumentsHelper

Language CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Language command line arguments.'

NAME = 'language'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the language tag is not supported.

plaso.cli.helpers.manager module

The CLI arguments helper manager objects.

class plaso.cli.helpers.manager.ArgumentHelperManager[source]

Bases: object

Class that implements the CLI argument helper manager.

classmethod AddCommandLineArguments(argument_group, category=None, names=None)[source]

Adds command line arguments to a configuration object.

Parameters:

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.
category (Optional[str]) – category of helpers to apply to the group, such as storage, output, where None will apply the arguments to all helpers. The category can be used to add arguments to a specific group of registered helpers.
names (Optional[list[str]]) – names of argument helpers to apply, where None will apply the arguments to all helpers.

classmethod DeregisterHelper(helper_class)[source]

Deregisters a helper class.

The helper classes are identified based on their lower case name.

Parameters:: helper_class (type) – class object of the argument helper.
Raises:: KeyError – if helper class is not set for the corresponding name.

classmethod ParseOptions(options, config_object, category=None, names=None)[source]

Parses and validates arguments using the appropriate helpers.

Parameters:

options (argparse.Namespace) – parser options.
config_object (object) – object to be configured by an argument helper.
category (Optional[str]) – category of helpers to apply to the group, such as storage, output, where None will apply the arguments to all helpers. The category can be used to add arguments to a specific group of registered helpers.
names (Optional[list[str]]) – names of argument helpers to apply, where None will apply the arguments to all helpers.

classmethod RegisterHelper(helper_class)[source]

Registers a helper class.

The helper classes are identified based on their lower case name.

Parameters:: helper_class (type) – class object of the argument helper.
Raises:: KeyError – if helper class is already set for the corresponding name.

classmethod RegisterHelpers(helper_classes)[source]

Registers helper classes.

The helper classes are identified based on their lower case name.

Parameters:: helper_classes (list[type]) – class objects of the argument helpers.
Raises:: KeyError – if helper class is already set for the corresponding name.

plaso.cli.helpers.nsrlsvr_analysis module

The nsrlsvr analysis plugin CLI arguments helper.

class plaso.cli.helpers.nsrlsvr_analysis.NsrlsvrAnalysisArgumentsHelper[source]

Bases: ArgumentsHelper

Nsrlsvr analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – group to append arguments to.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the nsrlsvr analysis plugin.'

NAME = 'nsrlsvr'

classmethod ParseOptions(options, analysis_plugin)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options object.
analysis_plugin (NsrlsvrAnalysisPlugin) – analysis plugin to configure.

Raises:

BadConfigObject – when the analysis plugin is the wrong type.
BadConfigOption – when unable to connect to nsrlsvr instance.

plaso.cli.helpers.opensearch_output module

The OpenSearch output module CLI arguments helper.

class plaso.cli.helpers.opensearch_output.OpenSearchOutputArgumentsHelper[source]

Bases: ArgumentsHelper

OpenSearch output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the OpenSearch output modules.'

NAME = 'opensearch'

classmethod ParseOptions(options, output_module)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
output_module (OutputModule) – output module to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.opensearch_ts_output module

The OpenSearch Timesketch output module CLI arguments helper.

class plaso.cli.helpers.opensearch_ts_output.OpenSearchTimesketchOutputArgumentsHelper[source]

Bases: ArgumentsHelper

OpenSearch Timesketch output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the OpenSearch Timesketch output module.'

NAME = 'opensearch_ts'

classmethod ParseOptions(options, output_module)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
output_module (OutputModule) – output module to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.output_modules module

The output modules CLI arguments helper.

class plaso.cli.helpers.output_modules.OutputModulesArgumentsHelper[source]

Bases: ArgumentsHelper

Output modules CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Output modules command line arguments.'

NAME = 'output_modules'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the output format is not supported or the output is not provided or already exists.

plaso.cli.helpers.parsers module

The parsers CLI arguments helper.

class plaso.cli.helpers.parsers.ParsersArgumentsHelper[source]

Bases: ArgumentsHelper

Parsers CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Parsers command line arguments.'

NAME = 'parsers'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.process_resources module

The process resources CLI arguments helper.

class plaso.cli.helpers.process_resources.ProcessResourcesArgumentsHelper[source]

Bases: ArgumentsHelper

Process resources CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Process resources command line arguments.'

NAME = 'process_resources'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.profiling module

The profiling CLI arguments helper.

class plaso.cli.helpers.profiling.ProfilingArgumentsHelper[source]

Bases: ArgumentsHelper

Profiling CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DEFAULT_PROFILING_SAMPLE_RATE = 1000

DESCRIPTION = 'Profiling command line arguments.'

NAME = 'profiling'

PROFILERS_INFORMATION = {'analyzers': 'Profile CPU time of analyzers, like hashing', 'format_checks': 'Profile CPU time per format check', 'memory': 'Profile memory usage over time', 'parsers': 'Profile CPU time per parser', 'processing': 'Profile CPU time of processing phases', 'serializers': 'Profile CPU time of serialization', 'storage': 'Profile storage reads and writes', 'task_queue': 'Profile task queue status (multi-processing only)', 'tasks': 'Profile the status of tasks (multi-processing only)'}

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the configuration options are missing or not supported.

plaso.cli.helpers.sessionize_analysis module

The sessionize analysis plugin CLI arguments helper.

class plaso.cli.helpers.sessionize_analysis.SessionizeAnalysisArgumentsHelper[source]

Bases: ArgumentsHelper

Sessionize analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the Sessionize analysis plugin.'

NAME = 'sessionize'

classmethod ParseOptions(options, analysis_plugin)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
analysis_plugin (OutputModule) – analysis_plugin to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.status_view module

The status view CLI arguments helper.

class plaso.cli.helpers.status_view.StatusViewArgumentsHelper[source]

Bases: ArgumentsHelper

Status view CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Status view command line arguments.'

NAME = 'status_view'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.storage_format module

The storage format CLI arguments helper.

class plaso.cli.helpers.storage_format.StorageFormatArgumentsHelper[source]

Bases: ArgumentsHelper

Storage format CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Storage format command line arguments.'

NAME = 'storage_format'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the storage format or task storage is not defined or supported.

plaso.cli.helpers.tagging_analysis module

The tagging analysis plugin CLI arguments helper.

class plaso.cli.helpers.tagging_analysis.TaggingAnalysisArgumentsHelper[source]

Bases: ArgumentsHelper

Tagging analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the Tagging analysis plugin.'

NAME = 'tagging'

classmethod ParseOptions(options, analysis_plugin)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
analysis_plugin (AnalysisPlugin) – analysis plugin to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.temporary_directory module

The temporary directory CLI arguments helper.

class plaso.cli.helpers.temporary_directory.TemporaryDirectoryArgumentsHelper[source]

Bases: ArgumentsHelper

Temporary directory CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Temporary directory command line arguments.'

NAME = 'temporary_directory'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the temporary directory does not exists.

plaso.cli.helpers.vfs_backend module

The VFS back-end CLI arguments helper.

class plaso.cli.helpers.vfs_backend.VFSBackEndArgumentsHelper[source]

Bases: ArgumentsHelper

VFS back-end CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'dfVFS back-end command line arguments.'

NAME = 'vfs_backend'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.viper_analysis module

The Viper analysis plugin CLI arguments helper.

class plaso.cli.helpers.viper_analysis.ViperAnalysisArgumentsHelper[source]

Bases: ArgumentsHelper

Viper analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the Viper analysis plugin.'

NAME = 'viper'

classmethod ParseOptions(options, analysis_plugin)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
analysis_plugin (ViperAnalysisPlugin) – analysis plugin to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when unable to connect to Viper instance.

plaso.cli.helpers.virustotal_analysis module

The VirusTotal analysis plugin CLI arguments helper.

class plaso.cli.helpers.virustotal_analysis.VirusTotalAnalysisArgumentsHelper[source]

Bases: ArgumentsHelper

VirusTotal analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the VirusTotal analysis plugin.'

NAME = 'virustotal'

classmethod ParseOptions(options, analysis_plugin)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
analysis_plugin (VirusTotalAnalysisPlugin) – analysis plugin to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation or when unable to connect to VirusTotal.

plaso.cli.helpers.workers module

The worker processes CLI arguments helper.

class plaso.cli.helpers.workers.WorkersArgumentsHelper[source]

Bases: ArgumentsHelper

Worker processes CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Worker processes command line arguments.'

NAME = 'workers'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.xlsx_output module

The XLSX output module CLI arguments helper.

class plaso.cli.helpers.xlsx_output.XLSXOutputArgumentsHelper[source]

Bases: ArgumentsHelper

XLSX output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the XLSX output module.'

NAME = 'xlsx'

classmethod ParseOptions(options, output_module)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
output_module (XLSXOutputModule) – output module to configure.

Raises:

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when the output filename was not provided.

plaso.cli.helpers.yara_rules module

The YARA rules CLI arguments helper.

class plaso.cli.helpers.yara_rules.YaraRulesArgumentsHelper[source]

Bases: ArgumentsHelper

YARA rules CLI arguments helper.

classmethod AddArguments(argument_group)[source]

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters:: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'YARA rules command line arguments.'

NAME = 'yara_rules'

classmethod ParseOptions(options, configuration_object)[source]

Parses and validates options.

Parameters:

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises:

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the Yara rules file cannot be read or parsed.

Module contents

This file imports Python modules that register CLI helpers.