plaso-rubanetra/plaso/parsers/utmp_test.py

#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Copyright 2014 The Plaso Project Authors.
# Please see the AUTHORS file for details on individual authors.
#
# Licensed under the Apache License, Version 2.0 (the 'License');
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Parser test for utmp files."""

import unittest

# pylint: disable=unused-import
from plaso.formatters import utmp as utmp_formatter
from plaso.lib import timelib_test
from plaso.parsers import test_lib
from plaso.parsers import utmp


class UtmpParserTest(test_lib.ParserTestCase):
  """The unit test for UTMP parser."""

  def setUp(self):
    """Sets up the needed objects used throughout the test."""
    self._parser = utmp.UtmpParser()

  def testParseUtmpFile(self):
    """Tests the Parse function for an UTMP file."""
    test_file = self._GetTestFilePath(['utmp'])
    events = self._ParseFile(self._parser, test_file)
    event_objects = self._GetEventObjectsFromQueue(events)
    self.assertEqual(len(event_objects), 14)
    event_object = event_objects[0]
    self.assertEqual(event_object.terminal, u'system boot')
    self.assertEqual(event_object.status, u'BOOT_TIME')
    event_object = event_objects[1]
    self.assertEqual(event_object.status, u'RUN_LVL')

    event_object = event_objects[2]

    expected_timestamp = timelib_test.CopyStringToTimestamp(
        '2013-12-13 14:45:09')
    self.assertEqual(event_object.timestamp, expected_timestamp)

    self.assertEqual(event_object.user, u'LOGIN')
    self.assertEqual(event_object.computer_name, u'localhost')
    self.assertEqual(event_object.terminal, u'tty4')
    self.assertEqual(event_object.status, u'LOGIN_PROCESS')
    self.assertEqual(event_object.exit, 0)
    self.assertEqual(event_object.pid, 1115)
    self.assertEqual(event_object.terminal_id, 52)
    expected_msg = (
        u'User: LOGIN '
        u'Computer Name: localhost '
        u'Terminal: tty4 '
        u'PID: 1115 '
        u'Terminal_ID: 52 '
        u'Status: LOGIN_PROCESS '
        u'IP Address: localhost '
        u'Exit: 0')
    expected_msg_short = (
        u'User: LOGIN')
    self._TestGetMessageStrings(event_object, expected_msg, expected_msg_short)

    event_object = event_objects[12]

    expected_timestamp = timelib_test.CopyStringToTimestamp(
        '2013-12-18 22:46:56.305504')
    self.assertEqual(event_object.timestamp, expected_timestamp)

    self.assertEqual(event_object.user, u'moxilo')
    self.assertEqual(event_object.computer_name, u'localhost')
    self.assertEqual(event_object.terminal, u'pts/4')
    self.assertEqual(event_object.status, u'USER_PROCESS')
    self.assertEqual(event_object.exit, 0)
    self.assertEqual(event_object.pid, 2684)
    self.assertEqual(event_object.terminal_id, 13359)
    expected_msg = (
        u'User: moxilo '
        u'Computer Name: localhost '
        u'Terminal: pts/4 '
        u'PID: 2684 '
        u'Terminal_ID: 13359 '
        u'Status: USER_PROCESS '
        u'IP Address: localhost '
        u'Exit: 0')
    expected_msg_short = (
        u'User: moxilo')
    self._TestGetMessageStrings(event_object, expected_msg, expected_msg_short)

  def testParseWtmpFile(self):
    """Tests the Parse function for an WTMP file."""
    test_file = self._GetTestFilePath(['wtmp.1'])
    events = self._ParseFile(self._parser, test_file)
    event_objects = self._GetEventObjectsFromQueue(events)
    self.assertEqual(len(event_objects), 4)

    event_object = event_objects[0]

    expected_timestamp = timelib_test.CopyStringToTimestamp(
        '2011-12-01 17:36:38.432935')
    self.assertEqual(event_object.timestamp, expected_timestamp)

    self.assertEqual(event_object.user, u'userA')
    self.assertEqual(event_object.computer_name, u'10.10.122.1')
    self.assertEqual(event_object.terminal, u'pts/32')
    self.assertEqual(event_object.status, u'USER_PROCESS')
    self.assertEqual(event_object.ip_address, u'10.10.122.1')
    self.assertEqual(event_object.exit, 0)
    self.assertEqual(event_object.pid, 20060)
    self.assertEqual(event_object.terminal_id, 842084211)
    expected_msg = (
        u'User: userA '
        u'Computer Name: 10.10.122.1 '
        u'Terminal: pts/32 '
        u'PID: 20060 '
        u'Terminal_ID: 842084211 '
        u'Status: USER_PROCESS '
        u'IP Address: 10.10.122.1 '
        u'Exit: 0')
    expected_msg_short = (
        u'User: userA')
    self._TestGetMessageStrings(event_object, expected_msg, expected_msg_short)


if __name__ == '__main__':
  unittest.main()
Import from old repository 2020-04-06 18:48:34 +02:00			`#!/usr/bin/python`
			`# -- coding: utf-8 --`
			`#`
			`# Copyright 2014 The Plaso Project Authors.`
			`# Please see the AUTHORS file for details on individual authors.`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the 'License');`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
			`"""Parser test for utmp files."""`

			`import unittest`

			`# pylint: disable=unused-import`
			`from plaso.formatters import utmp as utmp_formatter`
			`from plaso.lib import timelib_test`
			`from plaso.parsers import test_lib`
			`from plaso.parsers import utmp`


			`class UtmpParserTest(test_lib.ParserTestCase):`
			`"""The unit test for UTMP parser."""`

			`def setUp(self):`
			`"""Sets up the needed objects used throughout the test."""`
			`self._parser = utmp.UtmpParser()`

			`def testParseUtmpFile(self):`
			`"""Tests the Parse function for an UTMP file."""`
			`test_file = self._GetTestFilePath(['utmp'])`
			`events = self._ParseFile(self._parser, test_file)`
			`event_objects = self._GetEventObjectsFromQueue(events)`
			`self.assertEqual(len(event_objects), 14)`
			`event_object = event_objects[0]`
			`self.assertEqual(event_object.terminal, u'system boot')`
			`self.assertEqual(event_object.status, u'BOOT_TIME')`
			`event_object = event_objects[1]`
			`self.assertEqual(event_object.status, u'RUN_LVL')`

			`event_object = event_objects[2]`

			`expected_timestamp = timelib_test.CopyStringToTimestamp(`
			`'2013-12-13 14:45:09')`
			`self.assertEqual(event_object.timestamp, expected_timestamp)`

			`self.assertEqual(event_object.user, u'LOGIN')`
			`self.assertEqual(event_object.computer_name, u'localhost')`
			`self.assertEqual(event_object.terminal, u'tty4')`
			`self.assertEqual(event_object.status, u'LOGIN_PROCESS')`
			`self.assertEqual(event_object.exit, 0)`
			`self.assertEqual(event_object.pid, 1115)`
			`self.assertEqual(event_object.terminal_id, 52)`
			`expected_msg = (`
			`u'User: LOGIN '`
			`u'Computer Name: localhost '`
			`u'Terminal: tty4 '`
			`u'PID: 1115 '`
			`u'Terminal_ID: 52 '`
			`u'Status: LOGIN_PROCESS '`
			`u'IP Address: localhost '`
			`u'Exit: 0')`
			`expected_msg_short = (`
			`u'User: LOGIN')`
			`self._TestGetMessageStrings(event_object, expected_msg, expected_msg_short)`

			`event_object = event_objects[12]`

			`expected_timestamp = timelib_test.CopyStringToTimestamp(`
			`'2013-12-18 22:46:56.305504')`
			`self.assertEqual(event_object.timestamp, expected_timestamp)`

			`self.assertEqual(event_object.user, u'moxilo')`
			`self.assertEqual(event_object.computer_name, u'localhost')`
			`self.assertEqual(event_object.terminal, u'pts/4')`
			`self.assertEqual(event_object.status, u'USER_PROCESS')`
			`self.assertEqual(event_object.exit, 0)`
			`self.assertEqual(event_object.pid, 2684)`
			`self.assertEqual(event_object.terminal_id, 13359)`
			`expected_msg = (`
			`u'User: moxilo '`
			`u'Computer Name: localhost '`
			`u'Terminal: pts/4 '`
			`u'PID: 2684 '`
			`u'Terminal_ID: 13359 '`
			`u'Status: USER_PROCESS '`
			`u'IP Address: localhost '`
			`u'Exit: 0')`
			`expected_msg_short = (`
			`u'User: moxilo')`
			`self._TestGetMessageStrings(event_object, expected_msg, expected_msg_short)`

			`def testParseWtmpFile(self):`
			`"""Tests the Parse function for an WTMP file."""`
			`test_file = self._GetTestFilePath(['wtmp.1'])`
			`events = self._ParseFile(self._parser, test_file)`
			`event_objects = self._GetEventObjectsFromQueue(events)`
			`self.assertEqual(len(event_objects), 4)`

			`event_object = event_objects[0]`

			`expected_timestamp = timelib_test.CopyStringToTimestamp(`
			`'2011-12-01 17:36:38.432935')`
			`self.assertEqual(event_object.timestamp, expected_timestamp)`

			`self.assertEqual(event_object.user, u'userA')`
			`self.assertEqual(event_object.computer_name, u'10.10.122.1')`
			`self.assertEqual(event_object.terminal, u'pts/32')`
			`self.assertEqual(event_object.status, u'USER_PROCESS')`
			`self.assertEqual(event_object.ip_address, u'10.10.122.1')`
			`self.assertEqual(event_object.exit, 0)`
			`self.assertEqual(event_object.pid, 20060)`
			`self.assertEqual(event_object.terminal_id, 842084211)`
			`expected_msg = (`
			`u'User: userA '`
			`u'Computer Name: 10.10.122.1 '`
			`u'Terminal: pts/32 '`
			`u'PID: 20060 '`
			`u'Terminal_ID: 842084211 '`
			`u'Status: USER_PROCESS '`
			`u'IP Address: 10.10.122.1 '`
			`u'Exit: 0')`
			`expected_msg_short = (`
			`u'User: userA')`
			`self._TestGetMessageStrings(event_object, expected_msg, expected_msg_short)`


			`if __name__ == '__main__':`
			`unittest.main()`