Side by Side Diff: test_data/artifacts/artifacts.yaml
Issue 321000043 :
[plaso] Refactored log2timeline front-end to tool #160 (Closed)
Patch Set: Changes after review
Use n/p to move between diff chunks;
N/P to move between comments.
Please Sign in to add in-line comments.
Jump to:
plaso/cli/extraction_tool.py
plaso/cli/image_export_tool.py
plaso/cli/log2timeline_tool.py
plaso/cli/logging_filter.py
plaso/cli/pinfo_tool.py
plaso/cli/psort_tool.py
plaso/cli/psteal_tool.py
plaso/cli/status_view_tool.py
plaso/cli/tools.py
plaso/engine/engine.py
plaso/engine/worker.py
plaso/frontend/extraction_frontend.py
plaso/frontend/log2timeline.py
plaso/output/manager.py
plaso/parsers/manager.py
run_tests.py
test_data/artifacts.yaml
test_data/artifacts/artifacts.yaml
tests/analyzers/hashers/manager.py
tests/cli/extract_analyze_tool.py
tests/cli/extraction_tool.py
tests/cli/image_export_tool.py
tests/cli/log2timeline_tool.py
tests/cli/pinfo_tool.py
tests/cli/psort_tool.py
tests/cli/psteal_tool.py
tests/cli/tools.py
tests/engine/engine.py
tests/frontend/extraction_frontend.py
tests/frontend/log2timeline.py
tests/parsers/manager.py
tools/image_export.py
tools/image_export_test.py
tools/log2timeline.py
tools/log2timeline_test.py
tools/pinfo.py
tools/pinfo_test.py
tools/psort.py
tools/psort_test.py
tools/psteal.py
tools/psteal_test.py
utils/review.py
OLD NEW
1 # Windows path artifact definitions. 1 # Windows path artifact definitions.
2 2
3 name: SystemRootPath 3 name: SystemRootPath
4 doc: The %SystemRoot% path. 4 doc: The %SystemRoot% path.
5 sources: 5 sources:
6 - type: PATH 6 - type: PATH
7 attributes: 7 attributes:
8 paths: 8 paths:
9 - '\Windows' 9 - '\Windows'
10 - '\WinNT' 10 - '\WinNT'
11 - '\WINNT35' 11 - '\WINNT35'
12 - '\WTSRV' 12 - '\WTSRV'
13 separator: '\' 13 separator: '\'
14 - type: REGISTRY_VALUE 14 - type: REGISTRY_VALUE
15 attributes: 15 attributes:
16 key_value_pairs: [{key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\Cu
rrentVersion', value: 'SystemRoot'}] 16 key_value_pairs: [{key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\Cu
rrentVersion', value: 'SystemRoot'}]
17 provides: 17 provides:
18 - type: ENVIRONMENT 18 - type: ENVIRONMENT
19 attributes: 19 attributes:
20 name: '%SystemRoot%' 20 name: '%SystemRoot%'
21 supported_os: [Windows] 21 supported_os: [Windows]
OLD NEW