stefan/plaso-rubanetra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
master
plaso-rubanetra/plaso/proto/plaso_storage_pb2.py
Stefan 0da6783a45 Import from old repository
2020-04-06 18:48:34 +02:00

1042 lines
45 KiB
Python
Raw Permalink Blame History

# Generated by the protocol buffer compiler. DO NOT EDIT!
from google.protobuf import descriptor
from google.protobuf import message
from google.protobuf import reflection
from google.protobuf import descriptor_pb2
# @@protoc_insertion_point(imports)
DESCRIPTOR = descriptor.FileDescriptor(
name='plaso/proto/plaso_storage.proto',
package='plaso_storage',
serialized_pb='\n\x1fplaso/proto/plaso_storage.proto\x12\rplaso_storage\"\xbd\x01\n\tAttribute\x12\x0b\n\x03key\x18\x01 \x02(\t\x12\x0e\n\x06string\x18\x02 \x01(\t\x12\x0f\n\x07integer\x18\x03 \x01(\x03\x12#\n\x05\x61rray\x18\x04 \x01(\x0b\x32\x14.plaso_storage.Array\x12!\n\x04\x64ict\x18\x05 \x01(\x0b\x32\x13.plaso_storage.Dict\x12\x0f\n\x07\x62oolean\x18\x06 \x01(\x08\x12\x0c\n\x04\x64\x61ta\x18\x07 \x01(\x0c\x12\r\n\x05\x66loat\x18\x08 \x01(\x02\x12\x0c\n\x04none\x18\t \x01(\x08\"4\n\x04\x44ict\x12,\n\nattributes\x18\x01 \x03(\x0b\x32\x18.plaso_storage.Attribute\"\xac\x01\n\x05Value\x12\x0f\n\x07integer\x18\x01 \x01(\x03\x12\x0e\n\x06string\x18\x02 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x03 \x01(\x0c\x12#\n\x05\x61rray\x18\x04 \x01(\x0b\x32\x14.plaso_storage.Array\x12!\n\x04\x64ict\x18\x05 \x01(\x0b\x32\x13.plaso_storage.Dict\x12\x0f\n\x07\x62oolean\x18\x06 \x01(\x08\x12\r\n\x05\x66loat\x18\x07 \x01(\x02\x12\x0c\n\x04none\x18\x08 \x01(\x08\"-\n\x05\x41rray\x12$\n\x06values\x18\x01 \x03(\x0b\x32\x14.plaso_storage.Value\"\xf5\x08\n\x0b\x45ventObject\x12\x11\n\ttimestamp\x18\x01 \x01(\x03\x12\x16\n\x0etimestamp_desc\x18\x02 \x01(\t\x12\x11\n\tdata_type\x18\x03 \x02(\t\x12,\n\nattributes\x18\x04 \x03(\x0b\x32\x18.plaso_storage.Attribute\x12\x10\n\x08timezone\x18\x05 \x01(\t\x12\x10\n\x08\x66ilename\x18\x06 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x07 \x01(\t\x12\x10\n\x08pathspec\x18\x08 \x01(\x0c\x12\x0e\n\x06offset\x18\t \x01(\x03\x12\x14\n\x0cstore_number\x18\n \x01(\x03\x12\x13\n\x0bstore_index\x18\x0b \x01(\x03\x12(\n\x03tag\x18\x0c \x01(\x0b\x32\x1b.plaso_storage.EventTagging\x12<\n\x0csource_short\x18\r \x01(\x0e\x32&.plaso_storage.EventObject.SourceShort\x12\x13\n\x0bsource_long\x18\x0e \x01(\t\x12\x0e\n\x06parser\x18\x0f \x01(\t\x12\r\n\x05inode\x18\x10 \x01(\x03\x12\x10\n\x08hostname\x18\x11 \x01(\t\x12\x0e\n\x06plugin\x18\x12 \x01(\t\x12\x15\n\rregistry_type\x18\x13 \x01(\t\x12\x11\n\tallocated\x18\x14 \x01(\x08\x12\x0f\n\x07\x66s_type\x18\x15 \x01(\t\x12\x11\n\trecovered\x18\x16 \x01(\x08\x12\x15\n\rrecord_number\x18\x17 \x01(\x03\x12\x13\n\x0bsource_name\x18\x18 \x01(\t\x12\x15\n\rcomputer_name\x18\x19 \x01(\t\x12\x18\n\x10\x65vent_identifier\x18\x1a \x01(\x03\x12\x13\n\x0b\x65vent_level\x18\x1b \x01(\x03\x12\x12\n\nxml_string\x18\x1c \x01(\t\x12%\n\x07strings\x18\x1d \x01(\x0b\x32\x14.plaso_storage.Array\x12\x10\n\x08username\x18\x1e \x01(\t\x12\x10\n\x08user_sid\x18\x1f \x01(\t\x12\x18\n\x10\x63\x61\x63hed_file_size\x18 \x01(\x03\x12\x16\n\x0enumber_of_hits\x18! \x01(\x03\x12\x1d\n\x15\x63\x61\x63he_directory_index\x18\" \x01(\x03\x12\r\n\x05title\x18# \x01(\t\x12%\n\x08metadata\x18$ \x01(\x0b\x32\x13.plaso_storage.Dict\x12\x0b\n\x03url\x18% \x01(\t\x12\x0f\n\x07keyname\x18& \x01(\t\x12%\n\x08regvalue\x18\' \x01(\x0b\x32\x13.plaso_storage.Dict\x12\x0c\n\x04text\x18( \x01(\t\x12\x0c\n\x04uuid\x18) \x01(\t\"\xad\x01\n\x0bSourceShort\x12\x06\n\x02\x41V\x10\x01\x12\x08\n\x04\x42\x41\x43K\x10\x02\x12\x07\n\x03\x45VT\x10\x03\x12\x08\n\x04\x45XIF\x10\x04\x12\x08\n\x04\x46ILE\x10\x05\x12\x07\n\x03LOG\x10\x06\x12\x07\n\x03LNK\x10\x07\x12\x07\n\x03LSO\x10\x08\x12\x08\n\x04META\x10\t\x12\t\n\x05PLIST\x10\n\x12\x07\n\x03RAM\x10\x0b\x12\n\n\x06RECBIN\x10\x0c\x12\x07\n\x03REG\x10\r\x12\x0b\n\x07WEBHIST\x10\x0e\x12\x0b\n\x07TORRENT\x10\x0f\x12\x07\n\x03JOB\x10\x10\"\xb2\x01\n\x0c\x45ventTagging\x12\x14\n\x0cstore_number\x18\x01 \x01(\x03\x12\x13\n\x0bstore_index\x18\x02 \x01(\x03\x12\x0f\n\x07\x63omment\x18\x03 \x01(\t\x12\r\n\x05\x63olor\x18\x04 \x01(\t\x12-\n\x04tags\x18\x05 \x03(\x0b\x32\x1f.plaso_storage.EventTagging.Tag\x12\x12\n\nevent_uuid\x18\x06 \x01(\t\x1a\x14\n\x03Tag\x12\r\n\x05value\x18\x01 \x02(\t\"\xfc\x01\n\nEventGroup\x12\x0c\n\x04name\x18\x01 \x02(\t\x12\x13\n\x0b\x64\x65scription\x18\x02 \x01(\t\x12\x17\n\x0f\x66irst_timestamp\x18\x03 \x01(\x03\x12\x16\n\x0elast_timestamp\x18\x04 \x01(\x03\x12\r\n\x05\x63olor\x18\x05 \x01(\t\x12\x10\n\x08\x63\x61tegory\x18\x06 \x01(\t\x12:\n\x06\x65vents\x18\x07 \x03(\x0b\x32*.plaso_storage.EventGroup.EventDescription\x1a=\n\x10\x45ventDescription\x12\x14\n\x0cstore_number\x18\x01 \x02(\x03\x12\x13\n\x0bstore_index\x18\x02 \x02(\x03\"\xed\x01\n\nPreProcess\x12\x33\n\x16\x63ollection_information\x18\x01 \x01(\x0b\x32\x13.plaso_storage.Dict\x12$\n\x07\x63ounter\x18\x02 \x01(\x0b\x32\x13.plaso_storage.Dict\x12)\n\x0bstore_range\x18\x03 \x01(\x0b\x32\x14.plaso_storage.Array\x12,\n\nattributes\x18\x04 \x03(\x0b\x32\x18.plaso_storage.Attribute\x12+\n\x0eplugin_counter\x18\x05 \x01(\x0b\x32\x13.plaso_storage.Dict\"\xc7\x01\n\x0e\x41nalysisReport\x12\x13\n\x0bplugin_name\x18\x01 \x01(\t\x12\x15\n\rtime_compiled\x18\x02 \x01(\x03\x12\x0c\n\x04text\x18\x03 \x01(\t\x12\x0e\n\x06images\x18\x04 \x03(\x0c\x12(\n\x0breport_dict\x18\x05 \x01(\x0b\x32\x13.plaso_storage.Dict\x12*\n\x0creport_array\x18\x06 \x01(\x0b\x32\x14.plaso_storage.Array\x12\x15\n\rfilter_string\x18\x07 \x01(\t')
_EVENTOBJECT_SOURCESHORT = descriptor.EnumDescriptor(
name='SourceShort',
full_name='plaso_storage.EventObject.SourceShort',
filename=None,
file=DESCRIPTOR,
values=[
descriptor.EnumValueDescriptor(
name='AV', index=0, number=1,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='BACK', index=1, number=2,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='EVT', index=2, number=3,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='EXIF', index=3, number=4,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='FILE', index=4, number=5,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='LOG', index=5, number=6,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='LNK', index=6, number=7,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='LSO', index=7, number=8,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='META', index=8, number=9,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='PLIST', index=9, number=10,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='RAM', index=10, number=11,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='RECBIN', index=11, number=12,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='REG', index=12, number=13,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='WEBHIST', index=13, number=14,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='TORRENT', index=14, number=15,
options=None,
type=None),
descriptor.EnumValueDescriptor(
name='JOB', index=15, number=16,
options=None,
type=None),
],
containing_type=None,
options=None,
serialized_start=1487,
serialized_end=1660,
)
_ATTRIBUTE = descriptor.Descriptor(
name='Attribute',
full_name='plaso_storage.Attribute',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='key', full_name='plaso_storage.Attribute.key', index=0,
number=1, type=9, cpp_type=9, label=2,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='string', full_name='plaso_storage.Attribute.string', index=1,
number=2, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='integer', full_name='plaso_storage.Attribute.integer', index=2,
number=3, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='array', full_name='plaso_storage.Attribute.array', index=3,
number=4, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='dict', full_name='plaso_storage.Attribute.dict', index=4,
number=5, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='boolean', full_name='plaso_storage.Attribute.boolean', index=5,
number=6, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='data', full_name='plaso_storage.Attribute.data', index=6,
number=7, type=12, cpp_type=9, label=1,
has_default_value=False, default_value="",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='float', full_name='plaso_storage.Attribute.float', index=7,
number=8, type=2, cpp_type=6, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='none', full_name='plaso_storage.Attribute.none', index=8,
number=9, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=51,
serialized_end=240,
)
_DICT = descriptor.Descriptor(
name='Dict',
full_name='plaso_storage.Dict',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='attributes', full_name='plaso_storage.Dict.attributes', index=0,
number=1, type=11, cpp_type=10, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=242,
serialized_end=294,
)
_VALUE = descriptor.Descriptor(
name='Value',
full_name='plaso_storage.Value',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='integer', full_name='plaso_storage.Value.integer', index=0,
number=1, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='string', full_name='plaso_storage.Value.string', index=1,
number=2, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='data', full_name='plaso_storage.Value.data', index=2,
number=3, type=12, cpp_type=9, label=1,
has_default_value=False, default_value="",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='array', full_name='plaso_storage.Value.array', index=3,
number=4, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='dict', full_name='plaso_storage.Value.dict', index=4,
number=5, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='boolean', full_name='plaso_storage.Value.boolean', index=5,
number=6, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='float', full_name='plaso_storage.Value.float', index=6,
number=7, type=2, cpp_type=6, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='none', full_name='plaso_storage.Value.none', index=7,
number=8, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=297,
serialized_end=469,
)
_ARRAY = descriptor.Descriptor(
name='Array',
full_name='plaso_storage.Array',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='values', full_name='plaso_storage.Array.values', index=0,
number=1, type=11, cpp_type=10, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=471,
serialized_end=516,
)
_EVENTOBJECT = descriptor.Descriptor(
name='EventObject',
full_name='plaso_storage.EventObject',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='timestamp', full_name='plaso_storage.EventObject.timestamp', index=0,
number=1, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='timestamp_desc', full_name='plaso_storage.EventObject.timestamp_desc', index=1,
number=2, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='data_type', full_name='plaso_storage.EventObject.data_type', index=2,
number=3, type=9, cpp_type=9, label=2,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='attributes', full_name='plaso_storage.EventObject.attributes', index=3,
number=4, type=11, cpp_type=10, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='timezone', full_name='plaso_storage.EventObject.timezone', index=4,
number=5, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='filename', full_name='plaso_storage.EventObject.filename', index=5,
number=6, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='display_name', full_name='plaso_storage.EventObject.display_name', index=6,
number=7, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='pathspec', full_name='plaso_storage.EventObject.pathspec', index=7,
number=8, type=12, cpp_type=9, label=1,
has_default_value=False, default_value="",
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='offset', full_name='plaso_storage.EventObject.offset', index=8,
number=9, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='store_number', full_name='plaso_storage.EventObject.store_number', index=9,
number=10, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='store_index', full_name='plaso_storage.EventObject.store_index', index=10,
number=11, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='tag', full_name='plaso_storage.EventObject.tag', index=11,
number=12, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='source_short', full_name='plaso_storage.EventObject.source_short', index=12,
number=13, type=14, cpp_type=8, label=1,
has_default_value=False, default_value=1,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='source_long', full_name='plaso_storage.EventObject.source_long', index=13,
number=14, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='parser', full_name='plaso_storage.EventObject.parser', index=14,
number=15, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='inode', full_name='plaso_storage.EventObject.inode', index=15,
number=16, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='hostname', full_name='plaso_storage.EventObject.hostname', index=16,
number=17, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='plugin', full_name='plaso_storage.EventObject.plugin', index=17,
number=18, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='registry_type', full_name='plaso_storage.EventObject.registry_type', index=18,
number=19, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='allocated', full_name='plaso_storage.EventObject.allocated', index=19,
number=20, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='fs_type', full_name='plaso_storage.EventObject.fs_type', index=20,
number=21, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='recovered', full_name='plaso_storage.EventObject.recovered', index=21,
number=22, type=8, cpp_type=7, label=1,
has_default_value=False, default_value=False,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='record_number', full_name='plaso_storage.EventObject.record_number', index=22,
number=23, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='source_name', full_name='plaso_storage.EventObject.source_name', index=23,
number=24, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='computer_name', full_name='plaso_storage.EventObject.computer_name', index=24,
number=25, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='event_identifier', full_name='plaso_storage.EventObject.event_identifier', index=25,
number=26, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='event_level', full_name='plaso_storage.EventObject.event_level', index=26,
number=27, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='xml_string', full_name='plaso_storage.EventObject.xml_string', index=27,
number=28, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='strings', full_name='plaso_storage.EventObject.strings', index=28,
number=29, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='username', full_name='plaso_storage.EventObject.username', index=29,
number=30, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='user_sid', full_name='plaso_storage.EventObject.user_sid', index=30,
number=31, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='cached_file_size', full_name='plaso_storage.EventObject.cached_file_size', index=31,
number=32, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='number_of_hits', full_name='plaso_storage.EventObject.number_of_hits', index=32,
number=33, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='cache_directory_index', full_name='plaso_storage.EventObject.cache_directory_index', index=33,
number=34, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='title', full_name='plaso_storage.EventObject.title', index=34,
number=35, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='metadata', full_name='plaso_storage.EventObject.metadata', index=35,
number=36, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='url', full_name='plaso_storage.EventObject.url', index=36,
number=37, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='keyname', full_name='plaso_storage.EventObject.keyname', index=37,
number=38, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='regvalue', full_name='plaso_storage.EventObject.regvalue', index=38,
number=39, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='text', full_name='plaso_storage.EventObject.text', index=39,
number=40, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='uuid', full_name='plaso_storage.EventObject.uuid', index=40,
number=41, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
_EVENTOBJECT_SOURCESHORT,
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=519,
serialized_end=1660,
)
_EVENTTAGGING_TAG = descriptor.Descriptor(
name='Tag',
full_name='plaso_storage.EventTagging.Tag',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='value', full_name='plaso_storage.EventTagging.Tag.value', index=0,
number=1, type=9, cpp_type=9, label=2,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=1821,
serialized_end=1841,
)
_EVENTTAGGING = descriptor.Descriptor(
name='EventTagging',
full_name='plaso_storage.EventTagging',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='store_number', full_name='plaso_storage.EventTagging.store_number', index=0,
number=1, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='store_index', full_name='plaso_storage.EventTagging.store_index', index=1,
number=2, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='comment', full_name='plaso_storage.EventTagging.comment', index=2,
number=3, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='color', full_name='plaso_storage.EventTagging.color', index=3,
number=4, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='tags', full_name='plaso_storage.EventTagging.tags', index=4,
number=5, type=11, cpp_type=10, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='event_uuid', full_name='plaso_storage.EventTagging.event_uuid', index=5,
number=6, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[_EVENTTAGGING_TAG, ],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=1663,
serialized_end=1841,
)
_EVENTGROUP_EVENTDESCRIPTION = descriptor.Descriptor(
name='EventDescription',
full_name='plaso_storage.EventGroup.EventDescription',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='store_number', full_name='plaso_storage.EventGroup.EventDescription.store_number', index=0,
number=1, type=3, cpp_type=2, label=2,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='store_index', full_name='plaso_storage.EventGroup.EventDescription.store_index', index=1,
number=2, type=3, cpp_type=2, label=2,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=2035,
serialized_end=2096,
)
_EVENTGROUP = descriptor.Descriptor(
name='EventGroup',
full_name='plaso_storage.EventGroup',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='name', full_name='plaso_storage.EventGroup.name', index=0,
number=1, type=9, cpp_type=9, label=2,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='description', full_name='plaso_storage.EventGroup.description', index=1,
number=2, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='first_timestamp', full_name='plaso_storage.EventGroup.first_timestamp', index=2,
number=3, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='last_timestamp', full_name='plaso_storage.EventGroup.last_timestamp', index=3,
number=4, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='color', full_name='plaso_storage.EventGroup.color', index=4,
number=5, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='category', full_name='plaso_storage.EventGroup.category', index=5,
number=6, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='events', full_name='plaso_storage.EventGroup.events', index=6,
number=7, type=11, cpp_type=10, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[_EVENTGROUP_EVENTDESCRIPTION, ],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=1844,
serialized_end=2096,
)
_PREPROCESS = descriptor.Descriptor(
name='PreProcess',
full_name='plaso_storage.PreProcess',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='collection_information', full_name='plaso_storage.PreProcess.collection_information', index=0,
number=1, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='counter', full_name='plaso_storage.PreProcess.counter', index=1,
number=2, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='store_range', full_name='plaso_storage.PreProcess.store_range', index=2,
number=3, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='attributes', full_name='plaso_storage.PreProcess.attributes', index=3,
number=4, type=11, cpp_type=10, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='plugin_counter', full_name='plaso_storage.PreProcess.plugin_counter', index=4,
number=5, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=2099,
serialized_end=2336,
)
_ANALYSISREPORT = descriptor.Descriptor(
name='AnalysisReport',
full_name='plaso_storage.AnalysisReport',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
descriptor.FieldDescriptor(
name='plugin_name', full_name='plaso_storage.AnalysisReport.plugin_name', index=0,
number=1, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='time_compiled', full_name='plaso_storage.AnalysisReport.time_compiled', index=1,
number=2, type=3, cpp_type=2, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='text', full_name='plaso_storage.AnalysisReport.text', index=2,
number=3, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='images', full_name='plaso_storage.AnalysisReport.images', index=3,
number=4, type=12, cpp_type=9, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='report_dict', full_name='plaso_storage.AnalysisReport.report_dict', index=4,
number=5, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='report_array', full_name='plaso_storage.AnalysisReport.report_array', index=5,
number=6, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
descriptor.FieldDescriptor(
name='filter_string', full_name='plaso_storage.AnalysisReport.filter_string', index=6,
number=7, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=unicode("", "utf-8"),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
extension_ranges=[],
serialized_start=2339,
serialized_end=2538,
)
_ATTRIBUTE.fields_by_name['array'].message_type = _ARRAY
_ATTRIBUTE.fields_by_name['dict'].message_type = _DICT
_DICT.fields_by_name['attributes'].message_type = _ATTRIBUTE
_VALUE.fields_by_name['array'].message_type = _ARRAY
_VALUE.fields_by_name['dict'].message_type = _DICT
_ARRAY.fields_by_name['values'].message_type = _VALUE
_EVENTOBJECT.fields_by_name['attributes'].message_type = _ATTRIBUTE
_EVENTOBJECT.fields_by_name['tag'].message_type = _EVENTTAGGING
_EVENTOBJECT.fields_by_name['source_short'].enum_type = _EVENTOBJECT_SOURCESHORT
_EVENTOBJECT.fields_by_name['strings'].message_type = _ARRAY
_EVENTOBJECT.fields_by_name['metadata'].message_type = _DICT
_EVENTOBJECT.fields_by_name['regvalue'].message_type = _DICT
_EVENTOBJECT_SOURCESHORT.containing_type = _EVENTOBJECT;
_EVENTTAGGING_TAG.containing_type = _EVENTTAGGING;
_EVENTTAGGING.fields_by_name['tags'].message_type = _EVENTTAGGING_TAG
_EVENTGROUP_EVENTDESCRIPTION.containing_type = _EVENTGROUP;
_EVENTGROUP.fields_by_name['events'].message_type = _EVENTGROUP_EVENTDESCRIPTION
_PREPROCESS.fields_by_name['collection_information'].message_type = _DICT
_PREPROCESS.fields_by_name['counter'].message_type = _DICT
_PREPROCESS.fields_by_name['store_range'].message_type = _ARRAY
_PREPROCESS.fields_by_name['attributes'].message_type = _ATTRIBUTE
_PREPROCESS.fields_by_name['plugin_counter'].message_type = _DICT
_ANALYSISREPORT.fields_by_name['report_dict'].message_type = _DICT
_ANALYSISREPORT.fields_by_name['report_array'].message_type = _ARRAY
DESCRIPTOR.message_types_by_name['Attribute'] = _ATTRIBUTE
DESCRIPTOR.message_types_by_name['Dict'] = _DICT
DESCRIPTOR.message_types_by_name['Value'] = _VALUE
DESCRIPTOR.message_types_by_name['Array'] = _ARRAY
DESCRIPTOR.message_types_by_name['EventObject'] = _EVENTOBJECT
DESCRIPTOR.message_types_by_name['EventTagging'] = _EVENTTAGGING
DESCRIPTOR.message_types_by_name['EventGroup'] = _EVENTGROUP
DESCRIPTOR.message_types_by_name['PreProcess'] = _PREPROCESS
DESCRIPTOR.message_types_by_name['AnalysisReport'] = _ANALYSISREPORT
class Attribute(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _ATTRIBUTE
# @@protoc_insertion_point(class_scope:plaso_storage.Attribute)
class Dict(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _DICT
# @@protoc_insertion_point(class_scope:plaso_storage.Dict)
class Value(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _VALUE
# @@protoc_insertion_point(class_scope:plaso_storage.Value)
class Array(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _ARRAY
# @@protoc_insertion_point(class_scope:plaso_storage.Array)
class EventObject(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _EVENTOBJECT
# @@protoc_insertion_point(class_scope:plaso_storage.EventObject)
class EventTagging(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
class Tag(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _EVENTTAGGING_TAG
# @@protoc_insertion_point(class_scope:plaso_storage.EventTagging.Tag)
DESCRIPTOR = _EVENTTAGGING
# @@protoc_insertion_point(class_scope:plaso_storage.EventTagging)
class EventGroup(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
class EventDescription(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _EVENTGROUP_EVENTDESCRIPTION
# @@protoc_insertion_point(class_scope:plaso_storage.EventGroup.EventDescription)
DESCRIPTOR = _EVENTGROUP
# @@protoc_insertion_point(class_scope:plaso_storage.EventGroup)
class PreProcess(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _PREPROCESS
# @@protoc_insertion_point(class_scope:plaso_storage.PreProcess)
class AnalysisReport(message.Message):
__metaclass__ = reflection.GeneratedProtocolMessageType
DESCRIPTOR = _ANALYSISREPORT
# @@protoc_insertion_point(class_scope:plaso_storage.AnalysisReport)
# @@protoc_insertion_point(module_scope)
Reference in New Issue View Git Blame Copy Permalink