Left: | ||
Right: |
LEFT | RIGHT |
---|---|
1 # -*- coding: utf-8 -*- | 1 # -*- coding: utf-8 -*- |
2 """Merge reader for SQLite storage files.""" | 2 """Merge reader for SQLite storage files.""" |
3 | 3 |
4 from __future__ import unicode_literals | 4 from __future__ import unicode_literals |
5 | 5 |
6 import os | 6 import os |
7 import sqlite3 | 7 import sqlite3 |
8 import zlib | 8 import zlib |
9 | 9 |
10 from plaso.containers import errors | 10 from plaso.containers import errors |
(...skipping 11 matching lines...) Expand all Loading... | |
22 | 22 |
23 _CONTAINER_TYPE_ANALYSIS_REPORT = reports.AnalysisReport.CONTAINER_TYPE | 23 _CONTAINER_TYPE_ANALYSIS_REPORT = reports.AnalysisReport.CONTAINER_TYPE |
24 _CONTAINER_TYPE_EVENT = events.EventObject.CONTAINER_TYPE | 24 _CONTAINER_TYPE_EVENT = events.EventObject.CONTAINER_TYPE |
25 _CONTAINER_TYPE_EVENT_DATA = events.EventData.CONTAINER_TYPE | 25 _CONTAINER_TYPE_EVENT_DATA = events.EventData.CONTAINER_TYPE |
26 _CONTAINER_TYPE_EVENT_SOURCE = event_sources.EventSource.CONTAINER_TYPE | 26 _CONTAINER_TYPE_EVENT_SOURCE = event_sources.EventSource.CONTAINER_TYPE |
27 _CONTAINER_TYPE_EVENT_TAG = events.EventTag.CONTAINER_TYPE | 27 _CONTAINER_TYPE_EVENT_TAG = events.EventTag.CONTAINER_TYPE |
28 _CONTAINER_TYPE_EXTRACTION_ERROR = errors.ExtractionError.CONTAINER_TYPE | 28 _CONTAINER_TYPE_EXTRACTION_ERROR = errors.ExtractionError.CONTAINER_TYPE |
29 _CONTAINER_TYPE_TASK_COMPLETION = tasks.TaskCompletion.CONTAINER_TYPE | 29 _CONTAINER_TYPE_TASK_COMPLETION = tasks.TaskCompletion.CONTAINER_TYPE |
30 _CONTAINER_TYPE_TASK_START = tasks.TaskStart.CONTAINER_TYPE | 30 _CONTAINER_TYPE_TASK_START = tasks.TaskStart.CONTAINER_TYPE |
31 | 31 |
32 # Specific container types reference other container types, such as event | |
33 # referencing event data, therefore the order here should be to list | |
34 # containter that are referenced by other types before container type that | |
35 # reference other types. | |
32 _CONTAINER_TYPES = ( | 36 _CONTAINER_TYPES = ( |
onager
2018/05/01 08:46:55
Please add a comment that the order here is signif
Joachim Metz
2018/05/01 09:26:19
Done. As discussed this does not address the initi
| |
33 _CONTAINER_TYPE_EVENT_SOURCE, | 37 _CONTAINER_TYPE_EVENT_SOURCE, |
34 _CONTAINER_TYPE_EVENT_DATA, | 38 _CONTAINER_TYPE_EVENT_DATA, |
35 _CONTAINER_TYPE_EVENT, | 39 _CONTAINER_TYPE_EVENT, |
36 _CONTAINER_TYPE_EVENT_TAG, | 40 _CONTAINER_TYPE_EVENT_TAG, |
37 _CONTAINER_TYPE_EXTRACTION_ERROR, | 41 _CONTAINER_TYPE_EXTRACTION_ERROR, |
38 _CONTAINER_TYPE_ANALYSIS_REPORT) | 42 _CONTAINER_TYPE_ANALYSIS_REPORT) |
39 | 43 |
40 _ADD_CONTAINER_TYPE_METHODS = { | 44 _ADD_CONTAINER_TYPE_METHODS = { |
41 _CONTAINER_TYPE_ANALYSIS_REPORT: '_AddAnalysisReport', | 45 _CONTAINER_TYPE_ANALYSIS_REPORT: '_AddAnalysisReport', |
42 _CONTAINER_TYPE_EVENT: '_AddEvent', | 46 _CONTAINER_TYPE_EVENT: '_AddEvent', |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
156 self._connection = None | 160 self._connection = None |
157 self._cursor = None | 161 self._cursor = None |
158 | 162 |
159 def _GetContainerTypes(self): | 163 def _GetContainerTypes(self): |
160 """Retrieves the container types to merge. | 164 """Retrieves the container types to merge. |
161 | 165 |
162 Container types not defined in _CONTAINER_TYPES are ignored and not merged. | 166 Container types not defined in _CONTAINER_TYPES are ignored and not merged. |
163 | 167 |
164 Specific container types reference other container types, such | 168 Specific container types reference other container types, such |
165 as event referencing event data. The names are ordered to ensure the | 169 as event referencing event data. The names are ordered to ensure the |
166 attribute containers are merged in the correct order. | 170 attribute containers are merged in the correct order. |
onager
2018/05/01 08:34:04
This still doesn't make sense to me - why is alpha
Joachim Metz
2018/05/01 08:39:23
where do you read "alphabetical" or infer that fro
onager
2018/05/01 08:46:55
OK, I think I got a little confused here, and coul
Joachim Metz
2018/05/01 09:26:19
Done.
| |
167 | 171 |
168 Returns: | 172 Returns: |
169 list[str]: names of the container types to merge. | 173 list[str]: names of the container types to merge. |
170 """ | 174 """ |
171 self._cursor.execute(self._TABLE_NAMES_QUERY) | 175 self._cursor.execute(self._TABLE_NAMES_QUERY) |
172 table_names = [row[0] for row in self._cursor.fetchall()] | 176 table_names = [row[0] for row in self._cursor.fetchall()] |
173 | 177 |
174 return [ | 178 return [ |
175 table_name for table_name in self._CONTAINER_TYPES | 179 table_name for table_name in self._CONTAINER_TYPES |
176 if table_name in table_names] | 180 if table_name in table_names] |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
276 | 280 |
277 if (maximum_number_of_containers > 0 and | 281 if (maximum_number_of_containers > 0 and |
278 number_of_containers >= maximum_number_of_containers): | 282 number_of_containers >= maximum_number_of_containers): |
279 return False | 283 return False |
280 | 284 |
281 self._Close() | 285 self._Close() |
282 | 286 |
283 os.remove(self._path) | 287 os.remove(self._path) |
284 | 288 |
285 return True | 289 return True |
LEFT | RIGHT |