How to use the turbinia.message.TurbiniaRequest function in turbinia
To help you get started, we’ve selected a few turbinia examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
google / turbinia / tests / pubsub.py View on Github 
def testTurbiniaRequestSerializationBadData(self):
"""Tests that TurbiniaRequest will raise error on non-json data."""
request_new = message.TurbiniaRequest()
self.assertRaises(TurbiniaException, request_new.from_json, 'non-json-data')def getTurbiniaRequest():
"""Get a Turbinia Request object with valid evidence attached.
Returns:
TurbiniaRequest object.
"""
request = message.TurbiniaRequest(
request_id='deadbeef', context={'kw': [1, 2]})
rawdisk = evidence.RawDisk(
name='My Evidence', local_path='/tmp/foo', mount_path='/mnt/foo')
request.evidence.append(rawdisk)
return requestdef testTurbiniaRequestSerialization(self):
"""Test that TurbiniaRequests serializes/unserializes."""
request = getTurbiniaRequest()
request_json = request.to_json()
self.assertTrue(isinstance(request_json, str))
# Create a new Turbinia Request object to load our results into
request_new = message.TurbiniaRequest()
request_new.from_json(request_json)
self.assertTrue(isinstance(request_new, message.TurbiniaRequest))
self.assertTrue(request_new.context['kw'][1], 2)
self.assertTrue(request_new.request_id, 'deadbeef')
self.assertTrue(isinstance(request_new.evidence[0], evidence.RawDisk))
self.assertEqual(request_new.evidence[0].name, 'My Evidence')def testTurbiniaRequestSerializationBadJSON(self):
"""Tests that TurbiniaRequest will raise error on wrong JSON object."""
rawdisk = evidence.RawDisk(name='My Evidence', local_path='/tmp/foo')
rawdisk_json = rawdisk.to_json()
self.assertTrue(isinstance(rawdisk_json, str))
request_new = message.TurbiniaRequest()
# Try to load serialization RawDisk() into a TurbiniaRequest, which should
# error because this is not the correct type.
self.assertRaises(TurbiniaException, request_new.from_json, rawdisk_json)'Turbinia. Consider wrapping it in a '
'GoogleCloudDiskRawEmbedded or other Cloud compatible '
'object'.format(evidence_.type))
sys.exit(1)
# If we have evidence to process and we also want to run as a server, then
# we'll just process the evidence directly rather than send it through the
# PubSub frontend interface. If we're not running as a server then we will
# create a new TurbiniaRequest and send it over PubSub.
request = None
if evidence_ and args.server:
server = TurbiniaServer()
server.add_evidence(evidence_)
server.start()
elif evidence_:
request = TurbiniaRequest(
request_id=args.request_id, requester=getpass.getuser())
request.evidence.append(evidence_)
if filter_patterns:
request.recipe['filter_patterns'] = filter_patterns
if args.jobs_blacklist:
request.recipe['jobs_blacklist'] = args.jobs_blacklist
if args.jobs_whitelist:
request.recipe['jobs_whitelist'] = args.jobs_whitelist
if args.recipe_config:
for pair in args.recipe_config:
try:
key, value = pair.split('=')
except ValueError as exception:
log.error(
'Could not parse key=value pair [{0:s}] from recipe config '
'{1:s}: {2!s}'.format(pair, args.recipe_config, exception))print('Turbinia log file: {0:s}'.format(log_file_path))
if self.state.input and not self.disk_name:
_, disk = self.state.input[0]
self.disk_name = disk.name
print('Using disk {0:s} from previous collector'.format(self.disk_name))
evidence_ = evidence.GoogleCloudDisk(
disk_name=self.disk_name, project=self.project, zone=self.turbinia_zone)
try:
evidence_.validate()
except TurbiniaException as exception:
self.state.AddError(exception, critical=True)
return
request = TurbiniaRequest(requester=getpass.getuser())
request.evidence.append(evidence_)
if self.sketch_id:
request.recipe['sketch_id'] = self.sketch_id
if not self.run_all_jobs:
request.recipe['jobs_blacklist'] = ['StringsJob']
# Get threat intelligence data from any modules that have stored some.
# In this case, observables is a list of containers.ThreatIntelligence
# objects.
threatintel = self.state.GetContainers(containers.ThreatIntelligence)
if threatintel:
print('Sending {0:d} threatintel to Turbinia GrepWorkers...'.format(
len(threatintel)))
indicators = [item.indicator for item in threatintel]
request.recipe['filter_patterns'] = indicatorsdef _validate_message(message):
"""Validates incoming messages, returns them as a new TurbiniaRequest
object.
Args:
message: The message string
Returns:
TurbiniaRequest|None: Returns the valid object, or None if there are
decoding failures.
"""
request = TurbiniaRequest()
try:
request.from_json(message)
except TurbiniaException as e:
log.error('Error decoding message: {0:s}'.format(str(e)))
return None
return requestturbinia
Automation and Scaling of Digital Forensics Tools
Package Health Score
84 / 100Popular turbinia functions
- turbinia.client.TurbiniaStats
- turbinia.config
- turbinia.config.LoadConfig
- turbinia.config.TURBINIA_PROJECT
- turbinia.evidence
- turbinia.evidence.Evidence
- turbinia.evidence.GoogleCloudDisk
- turbinia.evidence.RawDisk
- turbinia.evidence.ReportText
- turbinia.jobs.interface.TurbiniaJob
- turbinia.jobs.manager
- turbinia.jobs.manager.JobsManager
- turbinia.jobs.manager.JobsManager.RegisterJob
- turbinia.lib.text_formatter
- turbinia.lib.text_formatter.bold
- turbinia.lib.text_formatter.bullet
- turbinia.lib.text_formatter.heading4
- turbinia.message.TurbiniaRequest
- turbinia.TurbiniaException
- turbinia.workers.TurbiniaTask