plaso.storage.fake package¶
Submodules¶
plaso.storage.fake.writer module¶
Fake storage writer for testing.
-
class
plaso.storage.fake.writer.FakeStorageWriter(session, storage_type='session', task=None)[source]¶ Bases:
plaso.storage.interface.StorageWriterFake storage writer object.
-
analysis_reports¶ analysis reports.
- Type
list[AnalysisReport]
-
session_completion¶ session completion attribute container.
- Type
-
session_start¶ session start attribute container.
- Type
-
task_completion¶ task completion attribute container.
- Type
-
AddAnalysisReport(analysis_report)[source]¶ Adds an analysis report.
- Parameters
analysis_report (AnalysisReport) – analysis report.
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
AddEvent(event)[source]¶ Adds an event.
- Parameters
event (EventObject) – event.
- Raises
IOError – when the storage writer is closed or if the event data identifier type is not supported.
OSError – when the storage writer is closed or if the event data identifier type is not supported.
-
AddEventData(event_data)[source]¶ Adds event data.
- Parameters
event_data (EventData) – event data.
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
AddEventSource(event_source)[source]¶ Adds an event source.
- Parameters
event_source (EventSource) – event source.
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
AddEventTag(event_tag)[source]¶ Adds an event tag.
- Parameters
event_tag (EventTag) – event tag.
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
AddWarning(warning)[source]¶ Adds a warnings.
- Parameters
warning (ExtractionWarning) – warning.
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
CheckTaskReadyForMerge(task)[source]¶ Checks if a task is ready for merging into the session store.
- Parameters
task (Task) – task.
- Returns
True if the task is ready to be merged.
- Return type
bool
- Raises
IOError – if the task storage type is not supported or the storage writer for the task does not exist.
OSError – if the task storage type is not supported or the storage writer for the task does not exist.
-
Close()[source]¶ Closes the storage writer.
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
CreateTaskStorage(task, task_storage_format)[source]¶ Creates a task storage.
- Parameters
task (Task) – task.
task_storage_format (str) – storage format to store task results.
- Returns
storage writer.
- Return type
- Raises
IOError – if the task storage already exists.
OSError – if the task storage already exists.
-
FinalizeTaskStorage(task)[source]¶ Finalizes a processed task storage.
- Parameters
task (Task) – task.
- Raises
IOError – if the task storage does not exist.
OSError – if the task storage does not exist.
-
GetEventData()[source]¶ Retrieves the event data.
- Returns
event data generator.
- Return type
generator(EventData)
-
GetEventDataByIdentifier(identifier)[source]¶ Retrieves specific event data.
- Parameters
identifier (AttributeContainerIdentifier) – event data identifier.
- Returns
event data or None if not available.
- Return type
-
GetEventSources()[source]¶ Retrieves the event sources.
- Returns
event source generator.
- Return type
generator(EventSource)
-
GetEventTags()[source]¶ Retrieves the event tags.
- Returns
event tag generator.
- Return type
generator(EventTags)
-
GetEvents()[source]¶ Retrieves the events.
- Returns
event generator.
- Return type
generator(EventObject)
-
GetFirstWrittenEventSource()[source]¶ Retrieves the first event source that was written after open.
Using GetFirstWrittenEventSource and GetNextWrittenEventSource newly added event sources can be retrieved in order of addition.
- Returns
event source or None if there are no newly written ones.
- Return type
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
GetNextWrittenEventSource()[source]¶ Retrieves the next event source that was written after open.
- Returns
event source or None if there are no newly written ones.
- Return type
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
GetSortedEvents(time_range=None)[source]¶ Retrieves the events in increasing chronological order.
- Parameters
time_range (Optional[TimeRange]) – time range used to filter events that fall in a specific period.
- Returns
event generator.
- Return type
generator(EventObject)
- Raises
IOError – when the storage writer is closed.
OSError – when the storage writer is closed.
-
GetWarnings()[source]¶ Retrieves the warnings.
- Returns
warning generator.
- Return type
generator(ExtractionWarning)
-
Open()[source]¶ Opens the storage writer.
- Raises
IOError – if the storage writer is already opened.
OSError – if the storage writer is already opened.
-
PrepareMergeTaskStorage(task)[source]¶ Prepares a task storage for merging.
- Parameters
task (Task) – task.
- Raises
IOError – if the task storage does not exist.
OSError – if the task storage does not exist.
-
ReadPreprocessingInformation(knowledge_base)[source]¶ Reads preprocessing information.
The preprocessing information contains the system configuration which contains information about various system specific configuration data, for example the user accounts.
- Parameters
knowledge_base (KnowledgeBase) – is used to store the preprocessing information.
- Raises
IOError – if the storage type does not support writing preprocessing information or when the storage writer is closed.
OSError – if the storage type does not support writing preprocessing information or when the storage writer is closed.
-
RemoveProcessedTaskStorage(task)[source]¶ Removes a processed task storage.
- Parameters
task (Task) – task.
- Raises
IOError – if the task storage does not exist.
OSError – if the task storage does not exist.
-
SetSerializersProfiler(serializers_profiler)[source]¶ Sets the serializers profiler.
- Parameters
serializers_profiler (SerializersProfiler) – serializers profiler.
-
SetStorageProfiler(storage_profiler)[source]¶ Sets the storage profiler.
- Parameters
storage_profiler (StorageProfiler) – storage profiler.
-
WritePreprocessingInformation(knowledge_base)[source]¶ Writes preprocessing information.
- Parameters
knowledge_base (KnowledgeBase) – used to store the preprocessing information.
- Raises
IOError – if the storage type does not support writing preprocessing information or when the storage writer is closed.
OSError – if the storage type does not support writing preprocessing information or when the storage writer is closed.
-
WriteSessionCompletion(aborted=False)[source]¶ Writes session completion information.
- Parameters
aborted (Optional[bool]) – True if the session was aborted.
- Raises
IOError – if the storage type does not support writing a session completion or when the storage writer is closed.
OSError – if the storage type does not support writing a session completion or when the storage writer is closed.
-
WriteSessionStart()[source]¶ Writes session start information.
- Raises
IOError – if the storage type does not support writing a session start or when the storage writer is closed.
OSError – if the storage type does not support writing a session start or when the storage writer is closed.
-
WriteTaskCompletion(aborted=False)[source]¶ Writes task completion information.
- Parameters
aborted (Optional[bool]) – True if the session was aborted.
- Raises
IOError – if the storage type does not support writing a task completion or when the storage writer is closed.
OSError – if the storage type does not support writing a task completion or when the storage writer is closed.
-