plaso.cli.helpers package¶

Submodules¶

plaso.cli.helpers.analysis_plugins module¶

The analysis plugins CLI arguments helper.

class plaso.cli.helpers.analysis_plugins.AnalysisPluginsArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Analysis plugins CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Analysis plugins command line arguments.'¶

NAME = 'analysis_plugins'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when non-existing analysis plugins are specified.

plaso.cli.helpers.artifact_definitions module¶

The artifact definitions CLI arguments helper.

class plaso.cli.helpers.artifact_definitions.ArtifactDefinitionsArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Artifact definition CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Artifact definition command line arguments.'¶

NAME = 'artifact_definitions'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the required artifact definitions are not defined.

plaso.cli.helpers.artifact_filters module¶

The artifacts filter file CLI arguments helper.

class plaso.cli.helpers.artifact_filters.ArtifactFiltersArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Artifacts filter file CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Artifact filters command line arguments.'¶

NAME = 'artifact_filters'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the required artifact definitions are not defined.

plaso.cli.helpers.data_location module¶

The data location CLI arguments helper.

class plaso.cli.helpers.data_location.DataLocationArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Data location CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Data location command line arguments.'¶

NAME = 'data_location'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the location of the data files cannot be determined.

plaso.cli.helpers.database_config module¶

The database configuration CLI arguments helper.

class plaso.cli.helpers.database_config.DatabaseArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Database configuration CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Argument helper for a database configuration.'¶

NAME = 'database_config'¶

classmethod ParseOptions(options, output_module)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
output_module (OutputModule) – output module to configure.

Raises

BadConfigObject – when the output module object does not have the SetCredentials or SetDatabaseName methods.

plaso.cli.helpers.date_filters module¶

The date filters CLI arguments helper.

class plaso.cli.helpers.date_filters.DateFiltersArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Date filters CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Date filters command line arguments.'¶

NAME = 'date_filters'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the date filter is badly formatted.

plaso.cli.helpers.dynamic_output module¶

The dynamic output module CLI arguments helper.

class plaso.cli.helpers.dynamic_output.DynamicOutputArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Dynamic output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'¶

DESCRIPTION = 'Argument helper for the dynamic output module.'¶

NAME = 'dynamic'¶

classmethod ParseOptions(options, output_module)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
output_module (OutputModule) – output module to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when the output filename was not provided.

plaso.cli.helpers.elastic_output module¶

The Elastic Search output module CLI arguments helper.

class plaso.cli.helpers.elastic_output.ElasticSearchOutputArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Elastic Search output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'¶

DESCRIPTION = 'Argument helper for the Elastic Search output modules.'¶

NAME = 'elastic'¶

classmethod ParseOptions(options, output_module)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
output_module (OutputModule) – output module to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

class plaso.cli.helpers.elastic_output.ElasticSearchServerArgumentsHelper[source]¶

Bases: plaso.cli.helpers.server_config.ServerArgumentsHelper

Elastic Search server CLI arguments helper.

plaso.cli.helpers.event_filters module¶

The event filters CLI arguments helper.

class plaso.cli.helpers.event_filters.EventFiltersArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Event filters CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Event filters command line arguments.'¶

NAME = 'event_filters'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.extraction module¶

The extraction CLI arguments helper.

class plaso.cli.helpers.extraction.ExtractionArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Extraction CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Extraction command line arguments.'¶

NAME = 'extraction'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.filter_file module¶

The filter file CLI arguments helper.

class plaso.cli.helpers.filter_file.FilterFileArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Filter file CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Filter file command line arguments.'¶

NAME = 'filter_file'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the collection file does not exist.

plaso.cli.helpers.hashers module¶

The hashers CLI arguments helper.

class plaso.cli.helpers.hashers.HashersArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Hashers CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Hashers command line arguments.'¶

NAME = 'hashers'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.interface module¶

The arguments helper interface.

class plaso.cli.helpers.interface.ArgumentsHelper[source]¶

Bases: object

CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = ''¶

DESCRIPTION = ''¶

NAME = 'baseline'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (object) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.language module¶

The language CLI arguments helper.

class plaso.cli.helpers.language.LanguageArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Language CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Language command line arguments.'¶

NAME = 'language'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.manager module¶

The CLI arguments helper manager objects.

class plaso.cli.helpers.manager.ArgumentHelperManager[source]¶

Bases: object

Class that implements the CLI argument helper manager.

classmethod AddCommandLineArguments(argument_group, category=None, names=None)[source]¶

Adds command line arguments to a configuration object.

Parameters

argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.
category (Optional[str]) – category of helpers to apply to the group, such as storage, output, where None will apply the arguments to all helpers. The category can be used to add arguments to a specific group of registered helpers.
names (Optional[list[str]]) – names of argument helpers to apply, where None will apply the arguments to all helpers.

classmethod DeregisterHelper(helper_class)[source]¶

Deregisters a helper class.

The helper classes are identified based on their lower case name.

Parameters: helper_class (type) – class object of the argument helper.
Raises: KeyError – if helper class is not set for the corresponding name.

classmethod ParseOptions(options, config_object, category=None, names=None)[source]¶

Parses and validates arguments using the appropriate helpers.

Parameters

options (argparse.Namespace) – parser options.
config_object (object) – object to be configured by an argument helper.
category (Optional[str]) – category of helpers to apply to the group, such as storage, output, where None will apply the arguments to all helpers. The category can be used to add arguments to a specific group of registered helpers.
names (Optional[list[str]]) – names of argument helpers to apply, where None will apply the arguments to all helpers.

classmethod RegisterHelper(helper_class)[source]¶

Registers a helper class.

The helper classes are identified based on their lower case name.

Parameters: helper_class (type) – class object of the argument helper.
Raises: KeyError – if helper class is already set for the corresponding name.

classmethod RegisterHelpers(helper_classes)[source]¶

Registers helper classes.

The helper classes are identified based on their lower case name.

Parameters: helper_classes (list[type]) – class objects of the argument helpers.
Raises: KeyError – if helper class is already set for the corresponding name.

plaso.cli.helpers.nsrlsvr_analysis module¶

The nsrlsvr analysis plugin CLI arguments helper.

class plaso.cli.helpers.nsrlsvr_analysis.NsrlsvrAnalysisArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Nsrlsvr analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – group to append arguments to.

CATEGORY = 'analysis'¶

DESCRIPTION = 'Argument helper for the nsrlsvr analysis plugin.'¶

NAME = 'nsrlsvr'¶

classmethod ParseOptions(options, analysis_plugin)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options object.
analysis_plugin (NsrlsvrAnalysisPlugin) – analysis plugin to configure.

Raises

BadConfigObject – when the analysis plugin is the wrong type.
BadConfigOption – when unable to connect to nsrlsvr instance.

plaso.cli.helpers.output_modules module¶

The output modules CLI arguments helper.

class plaso.cli.helpers.output_modules.OutputModulesArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Output modules CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Output modules command line arguments.'¶

NAME = 'output_modules'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the output format is not supported or the output is not provided or already exists.

plaso.cli.helpers.parsers module¶

The parsers CLI arguments helper.

class plaso.cli.helpers.parsers.ParsersArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Parsers CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Parsers command line arguments.'¶

NAME = 'parsers'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.process_resources module¶

The process resources CLI arguments helper.

class plaso.cli.helpers.process_resources.ProcessResourcesArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Process resources CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Process resources command line arguments.'¶

NAME = 'process_resources'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.profiling module¶

The profiling CLI arguments helper.

class plaso.cli.helpers.profiling.ProfilingArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Profiling CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DEFAULT_PROFILING_SAMPLE_RATE = 1000¶

DESCRIPTION = 'Profiling command line arguments.'¶

NAME = 'profiling'¶

PROFILERS_INFORMATION = {'analyzers': 'Profile CPU time of analyzers, like hashing', 'memory': 'Profile memory usage over time', 'parsers': 'Profile CPU time per parser', 'processing': 'Profile CPU time of processing phases', 'serializers': 'Profile CPU time of serialization', 'storage': 'Profile storage reads and writes', 'task_queue': 'Profile task queue status (multi-processing only)', 'tasks': 'Profile the status of tasks (multi-processing only)'}¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the configuration options are missing or not supported.

plaso.cli.helpers.server_config module¶

The server configuration CLI arguments helper.

class plaso.cli.helpers.server_config.ServerArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Server configuration CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Argument helper for a server configuration.'¶

NAME = 'server_config'¶

classmethod ParseOptions(options, output_module)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
output_module (OutputModule) – output module to configure.

Raises

BadConfigObject – when the output module object does not have the SetServerInformation method.

plaso.cli.helpers.sessionize_analysis module¶

The sessionize analysis plugin CLI arguments helper.

class plaso.cli.helpers.sessionize_analysis.SessionizeAnalysisArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Sessionize analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'¶

DESCRIPTION = 'Argument helper for the Sessionize analysis plugin.'¶

NAME = 'sessionize'¶

classmethod ParseOptions(options, analysis_plugin)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
analysis_plugin (OutputModule) – analysis_plugin to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.status_view module¶

The status view CLI arguments helper.

class plaso.cli.helpers.status_view.StatusViewArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Status view CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Status view command line arguments.'¶

NAME = 'status_view'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.storage_file module¶

The storage file CLI arguments helper.

class plaso.cli.helpers.storage_file.StorageFileArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Storage file CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Storage file command line arguments.'¶

NAME = 'storage_file'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.storage_format module¶

The storage format CLI arguments helper.

class plaso.cli.helpers.storage_format.StorageFormatArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Storage format CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Storage format command line arguments.'¶

NAME = 'storage_format'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – if the storage format or task storage is not defined or supported.

plaso.cli.helpers.tagging_analysis module¶

The tagging analysis plugin CLI arguments helper.

class plaso.cli.helpers.tagging_analysis.TaggingAnalysisArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Tagging analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'¶

DESCRIPTION = 'Argument helper for the Tagging analysis plugin.'¶

NAME = 'tagging'¶

classmethod ParseOptions(options, analysis_plugin)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
analysis_plugin (AnalysisPlugin) – analysis plugin to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.temporary_directory module¶

The temporary directory CLI arguments helper.

class plaso.cli.helpers.temporary_directory.TemporaryDirectoryArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Temporary directory CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Temporary directory command line arguments.'¶

NAME = 'temporary_directory'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the temporary directory does not exists.

plaso.cli.helpers.text_prepend module¶

The text prepend CLI arguments helper.

class plaso.cli.helpers.text_prepend.TextPrependArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Text prepend CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Text prepend command line arguments.'¶

NAME = 'text_prepend'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.timesketch_output module¶

The Timesketch output module CLI arguments helper.

class plaso.cli.helpers.timesketch_output.TimesketchOutputArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Timesketch output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'¶

DESCRIPTION = 'Argument helper for the timesketch output module.'¶

NAME = 'timesketch'¶

classmethod ParseOptions(options, output_module)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
output_module (TimesketchOutputModule) – output module to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.vfs_backend module¶

The VFS back-end CLI arguments helper.

class plaso.cli.helpers.vfs_backend.VFSBackEndArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

VFS back-end CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'dfVFS back-end command line arguments.'¶

NAME = 'vfs_backend'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.

plaso.cli.helpers.viper_analysis module¶

The Viper analysis plugin CLI arguments helper.

class plaso.cli.helpers.viper_analysis.ViperAnalysisArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Viper analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'¶

DESCRIPTION = 'Argument helper for the Viper analysis plugin.'¶

NAME = 'viper'¶

classmethod ParseOptions(options, analysis_plugin)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
analysis_plugin (ViperAnalysisPlugin) – analysis plugin to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when unable to connect to Viper instance.

plaso.cli.helpers.virustotal_analysis module¶

The VirusTotal analysis plugin CLI arguments helper.

class plaso.cli.helpers.virustotal_analysis.VirusTotalAnalysisArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

VirusTotal analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'¶

DESCRIPTION = 'Argument helper for the VirusTotal analysis plugin.'¶

NAME = 'virustotal'¶

classmethod ParseOptions(options, analysis_plugin)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
analysis_plugin (VirusTotalAnalysisPlugin) – analysis plugin to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation or when unable to connect to VirusTotal.

plaso.cli.helpers.windows_services_analysis module¶

The Windows Services analysis plugin CLI arguments helper.

class plaso.cli.helpers.windows_services_analysis.WindowsServicesAnalysisArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Windows Services analysis plugin CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'analysis'¶

DESCRIPTION = 'Argument helper for the Windows Services analysis plugin.'¶

NAME = 'windows_services'¶

classmethod ParseOptions(options, analysis_plugin)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
analysis_plugin (WindowsServicePlugin) – analysis plugin to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.

plaso.cli.helpers.workers module¶

The worker processes CLI arguments helper.

class plaso.cli.helpers.workers.WorkersArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

Worker processes CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'Worker processes command line arguments.'¶

NAME = 'workers'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when a configuration parameter fails validation.

plaso.cli.helpers.xlsx_output module¶

The XLSX output module CLI arguments helper.

class plaso.cli.helpers.xlsx_output.XLSXOutputArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

XLSX output module CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments the helper supports to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

CATEGORY = 'output'¶

DESCRIPTION = 'Argument helper for the XLSX output module.'¶

NAME = 'xlsx'¶

classmethod ParseOptions(options, output_module)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
output_module (XLSXOutputModule) – output module to configure.

Raises

BadConfigObject – when the output module object is of the wrong type.
BadConfigOption – when the output filename was not provided.

plaso.cli.helpers.yara_rules module¶

The YARA rules CLI arguments helper.

class plaso.cli.helpers.yara_rules.YaraRulesArgumentsHelper[source]¶

Bases: plaso.cli.helpers.interface.ArgumentsHelper

YARA rules CLI arguments helper.

classmethod AddArguments(argument_group)[source]¶

Adds command line arguments to an argument group.

This function takes an argument parser or an argument group object and adds to it all the command line arguments this helper supports.

Parameters: argument_group (argparse._ArgumentGroup|argparse.ArgumentParser) – argparse group.

DESCRIPTION = 'YARA rules command line arguments.'¶

NAME = 'yara_rules'¶

classmethod ParseOptions(options, configuration_object)[source]¶

Parses and validates options.

Parameters

options (argparse.Namespace) – parser options.
configuration_object (CLITool) – object to be configured by the argument helper.

Raises

BadConfigObject – when the configuration object is of the wrong type.
BadConfigOption – when the Yara rules file cannot be read or parsed.

Module contents¶

This file imports Python modules that register CLI helpers.