Fix logger
rubnogueira committed Apr 16, 2020
1 parent e768d15 commit 02bc8c7
Showing 13 changed files with 104 additions and 137 deletions.
2 changes: 0 additions & 2 deletions autopsy.py
Expand Up @@ -3,8 +3,6 @@

sys.path.append(os.path.dirname(__file__)) #include this path to module autopsy

from java.util.logging import Level

from org.sleuthkit.autopsy.ingest import GenericIngestModuleJobSettings
from org.sleuthkit.autopsy.report import GeneralReportModuleAdapter
from org.sleuthkit.autopsy.ingest import IngestModuleFactoryAdapter
34 changes: 18 additions & 16 deletions modules/README.md
Expand Up @@ -21,6 +21,7 @@ import sys
import json
import os
import tarfile
import logging

from package.database import Database
from package.utils import Utils
Expand All @@ -29,17 +30,16 @@ from modules.report import ModuleParent
class ModuleReport(ModuleParent):
def __init__(self, internal_path, external_path, report_path, app_name, app_id):
ModuleParent.__init__(self, internal_path, external_path, report_path, app_name, app_id)
self.log = Utils.get_logger()

#THIS IS THE LOG FUNCTION
# TO USE THE LOG FUNCTION, WE ARE USING PYTHON LOGGING PACKAGE:
# https://github.com/python/cpython/blob/3.8/Lib/logging/__init__.py
# EXAMPLES:
#self.log.info("this is a info log message")
#self.log.warning("this is a warning log message")
#self.log.critical("this is a critical log message")
#logging.info("this is a info log message")
#logging.warning("this is a warning log message")
#logging.critical("this is a critical log message")

self.log.info("Module started")
logging.info("Module started")

#TODO
#HERE IS SOME CODE THAT YOU CONSIDER NECESSARY TO INITIALIZE THE ANALYSIS MODULE.
Expand All @@ -57,14 +57,14 @@ class ModuleReport(ModuleParent):
# self.report["messages"] = self.get_user_messages()
# self.report["freespace"] = self.get_undark_db()

self.log.info("Report Generated")
logging.info("Report Generated")

Utils.save_report(os.path.join(self.report_path, "Report.json"), self.report)
return self.report


def get_user_profile(self):
self.log.info("Get User Profile...")
logging.info("Get User Profile...")
#TODO
# EXAMPLE OF HOW TO ACCESS A XML FILE
# ---------
Expand All @@ -79,7 +79,7 @@ class ModuleReport(ModuleParent):


def get_user_messages(self):
self.log.info("Getting User Messages...")
logging.info("Getting User Messages...")
#TODO

# EXAMPLE OF HOW TO ACCESS A DATABASE
Expand All @@ -95,12 +95,12 @@ class ModuleReport(ModuleParent):
# message["time"] = entry[3]
# messages_list.append(message)

# self.log.info("{} messages found".format(len(messages_list)))
# logging.info("{} messages found".format(len(messages_list)))
#return messages_list
return

def get_undark_db(self):
self.log.info("Getting undark output...")
logging.info("Getting undark output...")
# UNDARK ALLOWS YOU TO RECOVER FRAGMENTS OF LOST ROWS FROM DATABASES

# return Database.get_undark_output(self.databases, self.report_path)
Expand All @@ -121,6 +121,8 @@ There are many utilities in this framework which can help you with this process,
Inside the `/modules/autopsy` folder, create one `.py` file with the same name of the report file.

```Python
import logging

from org.sleuthkit.datamodel import BlackboardAttribute
from org.sleuthkit.datamodel import BlackboardArtifact
from org.sleuthkit.autopsy.casemodule.services import Blackboard
Expand Down Expand Up @@ -176,7 +178,7 @@ class ModulePsy(ModulePsyParent):
# self.att_undark_output = self.utils.create_attribute_type('UNDARK_OUTPUT', BlackboardAttribute.TSK_BLACKBOARD_ATTRIBUTE_VALUE_TYPE.STRING, "Output")

def process_user_profile(self, profile, file):
self.log.info("Indexing user profile.")
logging.info("Indexing user profile.")
if not profile:
return

Expand All @@ -193,10 +195,10 @@ class ModulePsy(ModulePsyParent):
# self.utils.index_artifact(art, self.art_user_profile)
#
# except Exception as e:
# self.log.warning("Error getting user profile: " + str(e))
# logging.warning("Error getting user profile: " + str(e))

def process_messages(self, messages, file):
self.log.info("Indexing user messages")
logging.info("Indexing user messages")
if not messages:
return

Expand All @@ -223,10 +225,10 @@ class ModulePsy(ModulePsyParent):
# self.utils.index_artifact(art, BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE)
#
# except Exception as e:
# self.log.warning("Error getting a message: " + str(e))
# logging.warning("Error getting a message: " + str(e))

def process_undark(self, undarks, file):
self.log.info("Indexing undark output.")
logging.info("Indexing undark output.")
if not undarks:
return

Expand All @@ -241,7 +243,7 @@ class ModulePsy(ModulePsyParent):
# art.addAttributes(attributes)
# self.utils.index_artifact(art, self.art_undark)
# except Exception as e:
# self.log.warning("Error indexing undark output: " + str(e))
# logging.warning("Error indexing undark output: " + str(e))

```

1 change: 0 additions & 1 deletion modules/autopsy/__init__.py
Expand Up @@ -5,7 +5,6 @@

class ModulePsyParent:
def __init__(self, module_name):
self.log = Utils.get_logger()
self.context = None
self.case = Case.getCurrentCase().getSleuthkitCase()
self.utils = PsyUtils()
35 changes: 18 additions & 17 deletions modules/autopsy/tiktok.py
@@ -1,5 +1,6 @@
import sys
import os
import logging

from org.sleuthkit.datamodel import BlackboardAttribute
from org.sleuthkit.autopsy.ingest import IngestModule
Expand Down Expand Up @@ -117,7 +118,7 @@ def initialize(self, context):

def process_user_profile(self, profile, file):

self.log.info("Indexing user profile.")
logging.info("Indexing user profile.")

if not profile:
return
Expand All @@ -144,10 +145,10 @@ def process_user_profile(self, profile, file):
art.addAttributes(attributes)
self.utils.index_artifact(art, self.art_user_profile)
except Exception as e:
self.log.warning("Error getting user profile: " + str(e))
logging.warning("Error getting user profile: " + str(e))

def process_messages(self, conversations, file):
self.log.info("Indexing user messages")
logging.info("Indexing user messages")
if not conversations:
return

Expand Down Expand Up @@ -194,11 +195,11 @@ def process_messages(self, conversations, file):
self.utils.index_artifact(art, BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE)

except Exception as e:
self.log.warning("Error getting a message: " + str(e))
logging.warning("Error getting a message: " + str(e))


def process_searches(self, searches, file):
self.log.info("Indexing user searches.")
logging.info("Indexing user searches.")
if not searches:
return

Expand All @@ -212,10 +213,10 @@ def process_searches(self, searches, file):
art.addAttributes(attributes)
self.utils.index_artifact(art, self.art_searches)
except Exception as e:
self.log.warning("Error getting a search entry: " + str(e))
logging.warning("Error getting a search entry: " + str(e))

def process_undark(self, undarks, file):
self.log.info("Indexing undark output.")
logging.info("Indexing undark output.")
if not undarks:
return
for database, deleted_rows in undarks.items():
Expand All @@ -228,10 +229,10 @@ def process_undark(self, undarks, file):
art.addAttributes(attributes)
self.utils.index_artifact(art, self.art_undark)
except Exception as e:
self.log.warning("Error indexing undark output: " + str(e))
logging.warning("Error indexing undark output: " + str(e))

def process_users(self, users, file):
self.log.info("Indexing user profiles.")
logging.info("Indexing user profiles.")

if not users:
return
Expand All @@ -253,10 +254,10 @@ def process_users(self, users, file):

self.utils.index_artifact(art, self.art_profiles)
except Exception as e:
self.log.warning("Error getting user: " + str(e))
logging.warning("Error getting user: " + str(e))

def process_videos(self, videos, report_number, file, base_path, datasource_name):
self.log.info("Indexing videos.")
logging.info("Indexing videos.")

for v in videos:
try:
Expand All @@ -267,13 +268,13 @@ def process_videos(self, videos, report_number, file, base_path, datasource_name
art.addAttributes(attributes)
self.utils.index_artifact(art, self.art_videos)
except Exception as e:
self.log.warning("Error getting a video: " + str(e))
logging.warning("Error getting a video: " + str(e))

path = os.path.join(base_path, "Contents", "internal", "cache", "cache")
try:
files = os.listdir(path)
except:
self.log.warning("Report doesn't have video files.")
logging.warning("Report doesn't have video files.")
return

for v in files:
Expand All @@ -282,7 +283,7 @@ def process_videos(self, videos, report_number, file, base_path, datasource_name
self.utils.add_to_fileset("{}_Videos".format(datasource_name), [path])

def process_published_videos(self, videos,file):
self.log.info("Indexing published videos.")
logging.info("Indexing published videos.")
for v in videos:
try:
art = file.newArtifact(self.art_publish_videos.getTypeID())
Expand All @@ -292,10 +293,10 @@ def process_published_videos(self, videos,file):
art.addAttributes(attributes)
self.utils.index_artifact(art, self.art_publish_videos)
except Exception as e:
self.log.warning("Error getting a video: " + str(e))
logging.warning("Error getting a video: " + str(e))

def process_logs(self, logs, file):
self.log.info("Indexing user logs")
logging.info("Indexing user logs")
if not logs:
return

Expand All @@ -311,4 +312,4 @@ def process_logs(self, logs, file):
art.addAttributes(attributes)
self.utils.index_artifact(art, self.art_logs)
except Exception as e:
self.log.warning("Error getting log: " + str(e))
logging.warning("Error getting log: " + str(e))
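Review bot: In process_videos the bare `except:` around `os.listdir(path)` still reports every failure as "Report doesn't have video files.", so a permission or I/O error on the cache directory is recorded the same way as a genuinely absent cache and the examiner cannot tell that video evidence was skipped. Narrow it to `except OSError as e:` and log the cause, e.g. `logging.warning("Cannot list video cache %s: %s", path, e)`. The other handlers in this file (process_user_profile, process_messages, process_searches, process_undark, process_users, process_published_videos, process_logs) log only `str(e)`, which drops the traceback and does not say which record failed; passing `exc_info=True` to those `logging.warning` calls would keep it. These calls now go to the root logger, whose handlers and level are configured outside this section, so it is worth confirming that INFO and WARNING records still reach the case log. Most of these function bodies continue outside the visible hunks.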