plaso.cli.helpers package

Submodules

plaso.cli.helpers.analysis_plugins module

The analysis plugins CLI arguments helper.

class plaso.cli.helpers.analysis_plugins.AnalysisPluginsArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Analysis plugins CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Analysis plugins command line arguments.'

NAME = 'analysis_plugins'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when non-existing analysis plugins are specified.

plaso.cli.helpers.artifact_definitions module

The artifact definitions CLI arguments helper.

class plaso.cli.helpers.artifact_definitions.ArtifactDefinitionsArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Artifact definition CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Artifact definition command line arguments.'

NAME = 'artifact_definitions'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – if the required artifact definitions are not defined.

plaso.cli.helpers.artifact_filters module

The artifacts filter file CLI arguments helper.

class plaso.cli.helpers.artifact_filters.ArtifactFiltersArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Artifacts filter file CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Artifact filters command line arguments.'

NAME = 'artifact_filters'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – if the required artifact definitions are not defined.

plaso.cli.helpers.data_location module

The data location CLI arguments helper.

class plaso.cli.helpers.data_location.DataLocationArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Data location CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Data location command line arguments.'

NAME = 'data_location'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when the location of the data files cannot be determined.

plaso.cli.helpers.date_filters module

The date filters CLI arguments helper.

class plaso.cli.helpers.date_filters.DateFiltersArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Date filters CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Date filters command line arguments.'

NAME = 'date_filters'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when the date filter is badly formatted.

plaso.cli.helpers.dynamic_output module

The dynamic output module CLI arguments helper.

class plaso.cli.helpers.dynamic_output.DynamicOutputArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Dynamic output module CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the dynamic output module.'

NAME = 'dynamic'

classmethod ParseOptions(options, output_module)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• output_module (OutputModule) – output module to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when the output filename was not provided.

plaso.cli.helpers.elastic_output module

The Elastic Search output module CLI arguments helper.

class plaso.cli.helpers.elastic_output.ElasticSearchOutputArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Elastic Search output module CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the Elastic Search output modules.'

NAME = 'elastic'

classmethod ParseOptions(options, output_module)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• output_module (OutputModule) – output module to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.elastic_ts_output module

The Elastic Timesketch output module CLI arguments helper.

class plaso.cli.helpers.elastic_ts_output.ElasticTimesketchOutputArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Elastic Timesketch output module CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the Elastic Timesketch output module.'

NAME = 'elastic_ts'

classmethod ParseOptions(options, output_module)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• output_module (OutputModule) – output module to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.event_filters module

The event filters CLI arguments helper.

class plaso.cli.helpers.event_filters.EventFiltersArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Event filters CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Event filters command line arguments.'

NAME = 'event_filters'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.extraction module

The extraction CLI arguments helper.

class plaso.cli.helpers.extraction.ExtractionArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Extraction CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Extraction command line arguments.'

NAME = 'extraction'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.filter_file module

The filter file CLI arguments helper.

class plaso.cli.helpers.filter_file.FilterFileArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Filter file CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Filter file command line arguments.'

NAME = 'filter_file'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – if the collection file does not exist.

plaso.cli.helpers.hashers module

The hashers CLI arguments helper.

class plaso.cli.helpers.hashers.HashersArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Hashers CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Hashers command line arguments.'

NAME = 'hashers'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.interface module

The arguments helper interface.

class plaso.cli.helpers.interface.ArgumentsHelper

Bases: object

CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = ''

DESCRIPTION = ''

NAME = 'baseline'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (object) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.language module

The language CLI arguments helper.

class plaso.cli.helpers.language.LanguageArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Language CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Language command line arguments.'

NAME = 'language'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.manager module

The CLI arguments helper manager objects.

class plaso.cli.helpers.manager.ArgumentHelperManager

Bases: object

Class that implements the CLI argument helper manager.

classmethod AddCommandLineArguments(argument_group, category=None, names=None)

Adds command line arguments to a configuration object.

Parameters

• argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

• category (Optional[str]) – category of helpers to apply to the group, such as storage, output, where None will apply the arguments to all helpers. The category can be used to add arguments to a specific group of registered helpers.

• names (Optional[list[str]]) – names of argument helpers to apply, where None will apply the arguments to all helpers.

classmethod DeregisterHelper(helper_class)

Deregisters a helper class.

The helper classes are identified based on their lower case name.

Parameters

helper_class (type) – class object of the argument helper.

Raises

KeyError – if helper class is not set for the corresponding name.

classmethod ParseOptions(options, config_object, category=None, names=None)

Parses and validates arguments using the appropriate helpers.

Parameters

• options (argparse.Namespace) – parser options.

• config_object (object) – object to be configured by an argument helper.

• category (Optional[str]) – category of helpers to apply to the group, such as storage, output, where None will apply the arguments to all helpers. The category can be used to add arguments to a specific group of registered helpers.

• names (Optional[list[str]]) – names of argument helpers to apply, where None will apply the arguments to all helpers.

classmethod RegisterHelper(helper_class)

Registers a helper class.

The helper classes are identified based on their lower case name.

Parameters

helper_class (type) – class object of the argument helper.

Raises

KeyError – if helper class is already set for the corresponding name.

classmethod RegisterHelpers(helper_classes)

Registers helper classes.

The helper classes are identified based on their lower case name.

Parameters

helper_classes (list[type]) – class objects of the argument helpers.

Raises

KeyError – if helper class is already set for the corresponding name.

plaso.cli.helpers.nsrlsvr_analysis module

The nsrlsvr analysis plugin CLI arguments helper.

class plaso.cli.helpers.nsrlsvr_analysis.NsrlsvrAnalysisArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Nsrlsvr analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – group to append arguments to.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the nsrlsvr analysis plugin.'

NAME = 'nsrlsvr'

classmethod ParseOptions(options, analysis_plugin)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options object.

• analysis_plugin (NsrlsvrAnalysisPlugin) – analysis plugin to configure.

Raises

• BadConfigObject – when the analysis plugin is the wrong type.

• BadConfigOption – when unable to connect to nsrlsvr instance.

plaso.cli.helpers.output_modules module

The output modules CLI arguments helper.

class plaso.cli.helpers.output_modules.OutputModulesArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Output modules CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Output modules command line arguments.'

NAME = 'output_modules'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when the output format is not supported or the output is not provided or already exists.

plaso.cli.helpers.parsers module

The parsers CLI arguments helper.

class plaso.cli.helpers.parsers.ParsersArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Parsers CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Parsers command line arguments.'

NAME = 'parsers'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.process_resources module

The process resources CLI arguments helper.

class plaso.cli.helpers.process_resources.ProcessResourcesArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Process resources CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Process resources command line arguments.'

NAME = 'process_resources'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.profiling module

The profiling CLI arguments helper.

class plaso.cli.helpers.profiling.ProfilingArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Profiling CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DEFAULT_PROFILING_SAMPLE_RATE = 1000

DESCRIPTION = 'Profiling command line arguments.'

NAME = 'profiling'

PROFILERS_INFORMATION = {'analyzers': 'Profile CPU time of analyzers, like hashing', 'memory': 'Profile memory usage over time', 'parsers': 'Profile CPU time per parser', 'processing': 'Profile CPU time of processing phases', 'serializers': 'Profile CPU time of serialization', 'storage': 'Profile storage reads and writes', 'task_queue': 'Profile task queue status (multi-processing only)', 'tasks': 'Profile the status of tasks (multi-processing only)'}

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when the configuration options are missing or not supported.

plaso.cli.helpers.sessionize_analysis module

The sessionize analysis plugin CLI arguments helper.

class plaso.cli.helpers.sessionize_analysis.SessionizeAnalysisArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Sessionize analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the Sessionize analysis plugin.'

NAME = 'sessionize'

classmethod ParseOptions(options, analysis_plugin)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• analysis_plugin (OutputModule) – analysis_plugin to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.status_view module

The status view CLI arguments helper.

class plaso.cli.helpers.status_view.StatusViewArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Status view CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Status view command line arguments.'

NAME = 'status_view'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.storage_format module

The storage format CLI arguments helper.

class plaso.cli.helpers.storage_format.StorageFormatArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Storage format CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Storage format command line arguments.'

NAME = 'storage_format'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – if the storage format or task storage is not defined or supported.

plaso.cli.helpers.tagging_analysis module

The tagging analysis plugin CLI arguments helper.

class plaso.cli.helpers.tagging_analysis.TaggingAnalysisArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Tagging analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the Tagging analysis plugin.'

NAME = 'tagging'

classmethod ParseOptions(options, analysis_plugin)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• analysis_plugin (AnalysisPlugin) – analysis plugin to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.temporary_directory module

The temporary directory CLI arguments helper.

class plaso.cli.helpers.temporary_directory.TemporaryDirectoryArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Temporary directory CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Temporary directory command line arguments.'

NAME = 'temporary_directory'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when the temporary directory does not exists.

plaso.cli.helpers.text_prepend module

The text prepend CLI arguments helper.

class plaso.cli.helpers.text_prepend.TextPrependArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Text prepend CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Text prepend command line arguments.'

NAME = 'text_prepend'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.vfs_backend module

The VFS back-end CLI arguments helper.

class plaso.cli.helpers.vfs_backend.VFSBackEndArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

VFS back-end CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'dfVFS back-end command line arguments.'

NAME = 'vfs_backend'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.viper_analysis module

The Viper analysis plugin CLI arguments helper.

class plaso.cli.helpers.viper_analysis.ViperAnalysisArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Viper analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the Viper analysis plugin.'

NAME = 'viper'

classmethod ParseOptions(options, analysis_plugin)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• analysis_plugin (ViperAnalysisPlugin) – analysis plugin to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when unable to connect to Viper instance.

plaso.cli.helpers.virustotal_analysis module

The VirusTotal analysis plugin CLI arguments helper.

class plaso.cli.helpers.virustotal_analysis.VirusTotalAnalysisArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

VirusTotal analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the VirusTotal analysis plugin.'

NAME = 'virustotal'

classmethod ParseOptions(options, analysis_plugin)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• analysis_plugin (VirusTotalAnalysisPlugin) – analysis plugin to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation or when unable to connect to VirusTotal.

plaso.cli.helpers.windows_services_analysis module

The Windows Services analysis plugin CLI arguments helper.

class plaso.cli.helpers.windows_services_analysis.WindowsServicesAnalysisArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Windows Services analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'

DESCRIPTION = 'Argument helper for the Windows Services analysis plugin.'

NAME = 'windows_services'

classmethod ParseOptions(options, analysis_plugin)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• analysis_plugin (WindowsServicePlugin) – analysis plugin to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.

plaso.cli.helpers.workers module

The worker processes CLI arguments helper.

class plaso.cli.helpers.workers.WorkersArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Worker processes CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Worker processes command line arguments.'

NAME = 'workers'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.xlsx_output module

The XLSX output module CLI arguments helper.

class plaso.cli.helpers.xlsx_output.XLSXOutputArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

XLSX output module CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'

DESCRIPTION = 'Argument helper for the XLSX output module.'

NAME = 'xlsx'

classmethod ParseOptions(options, output_module)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• output_module (XLSXOutputModule) – output module to configure.

Raises

• BadConfigObject – when the output module object is of the wrong type.

• BadConfigOption – when the output filename was not provided.

plaso.cli.helpers.yara_rules module

The YARA rules CLI arguments helper.

class plaso.cli.helpers.yara_rules.YaraRulesArgumentsHelper

Bases: plaso.cli.helpers.interface.ArgumentsHelper

YARA rules CLI arguments helper.

classmethod AddArguments(argument_group)

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'YARA rules command line arguments.'

NAME = 'yara_rules'

classmethod ParseOptions(options, configuration_object)

Parses and validates options.

Parameters

• options (argparse.Namespace) – parser options.

• configuration_object (CLITool) – object to be configured by the argument helper.

Raises

• BadConfigObject – when the configuration object is of the wrong type.

• BadConfigOption – when the Yara rules file cannot be read or parsed.

Module contents

This file imports Python modules that register CLI helpers.