Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
"""Job to execute Jenkins analysis task."""
from __future__ import unicode_literals
from turbinia.evidence import Directory
from turbinia.evidence import DockerContainer
from turbinia.evidence import RawDisk
from turbinia.evidence import GoogleCloudDisk
from turbinia.evidence import GoogleCloudDiskRawEmbedded
from turbinia.evidence import ReportText
from turbinia.jobs import interface
from turbinia.jobs import manager
from turbinia.workers.analysis.jenkins import JenkinsAnalysisTask
class JenkinsAnalysisJob(interface.TurbiniaJob):
"""Jenkins analysis job."""
evidence_input = [
Directory, DockerContainer, RawDisk, GoogleCloudDisk,
GoogleCloudDiskRawEmbedded
]
evidence_output = [ReportText]
NAME = 'JenkinsAnalysisJob'
def create_tasks(self, evidence):
"""Create task for Jenkins analysis job.
Args:
evidence: List of evidence objects to process
from __future__ import unicode_literals
from turbinia.evidence import APFSEncryptedDisk
from turbinia.evidence import BitlockerDisk
from turbinia.evidence import CompressedDirectory
from turbinia.evidence import Directory
from turbinia.evidence import GoogleCloudDisk
from turbinia.evidence import GoogleCloudDiskRawEmbedded
from turbinia.evidence import PlasoFile
from turbinia.evidence import RawDisk
from turbinia.jobs import interface
from turbinia.jobs import manager
from turbinia.workers.plaso import PlasoTask
class PlasoJob(interface.TurbiniaJob):
"""Runs Plaso on some evidence to generate a Plaso file."""
# The types of evidence that this Job will process
evidence_input = [
Directory, RawDisk, GoogleCloudDisk, GoogleCloudDiskRawEmbedded,
BitlockerDisk, APFSEncryptedDisk, CompressedDirectory
]
evidence_output = [PlasoFile]
NAME = 'PlasoJob'
def create_tasks(self, evidence):
"""Create task for Plaso.
Args:
evidence: List of evidence objects to process
# limitations under the License.
"""Job to execute strings task."""
from __future__ import unicode_literals
from turbinia.evidence import GoogleCloudDisk
from turbinia.evidence import GoogleCloudDiskRawEmbedded
from turbinia.evidence import RawDisk
from turbinia.evidence import TextFile
from turbinia.jobs import interface
from turbinia.jobs import manager
from turbinia.workers.strings import StringsAsciiTask
from turbinia.workers.strings import StringsUnicodeTask
class StringsJob(interface.TurbiniaJob):
"""Strings collection Job.
This will generate a Unicode and ASCII string collection task for each piece
of evidence.
"""
# The types of evidence that this Job will process
evidence_input = [RawDisk, GoogleCloudDisk, GoogleCloudDiskRawEmbedded]
evidence_output = [TextFile]
NAME = 'StringsJob'
def create_tasks(self, evidence):
"""Create task for Strings.
Args:
# limitations under the License.
"""Job to execute Hadoop task."""
from __future__ import unicode_literals
from turbinia.evidence import DockerContainer
from turbinia.evidence import GoogleCloudDisk
from turbinia.evidence import GoogleCloudDiskRawEmbedded
from turbinia.evidence import RawDisk
from turbinia.evidence import ReportText
from turbinia.jobs import interface
from turbinia.jobs import manager
from turbinia.workers.hadoop import HadoopAnalysisTask
class HadoopAnalysisJob(interface.TurbiniaJob):
"""Analyzes Hadoop AppRoot files."""
evidence_input = [
DockerContainer, GoogleCloudDisk, GoogleCloudDiskRawEmbedded, RawDisk
]
evidence_output = [ReportText]
NAME = 'HadoopAnalysisJob'
def create_tasks(self, evidence):
"""Create task.
Args:
evidence: List of evidence objects to process
Returns:
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Job to execute grep task."""
from __future__ import unicode_literals
from turbinia.evidence import TextFile
from turbinia.evidence import FilteredTextFile
from turbinia.evidence import PlasoCsvFile
from turbinia.jobs import interface
from turbinia.jobs import manager
from turbinia.workers.grep import GrepTask
class GrepJob(interface.TurbiniaJob):
"""Filter input based on regular expression patterns."""
# The types of evidence that this Job will process
evidence_input = [TextFile, PlasoCsvFile]
evidence_output = [FilteredTextFile]
NAME = 'GrepJob'
def create_tasks(self, evidence):
"""Create task.
Args:
evidence: List of evidence objects to process
Returns:
A list of tasks to schedule.
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Job to execute Psort task."""
from __future__ import unicode_literals
from turbinia.evidence import PlasoFile
from turbinia.evidence import PlasoCsvFile
from turbinia.jobs import interface
from turbinia.jobs import manager
from turbinia.workers.psort import PsortTask
class PsortJob(interface.TurbiniaJob):
"""Run psort on PlasoFile to generate a CSV file."""
# The types of evidence that this Job will process
evidence_input = [PlasoFile]
evidence_output = [PlasoCsvFile]
NAME = 'PsortJob'
def create_tasks(self, evidence):
"""Create task for Psort.
Args:
evidence: List of evidence objects to process
Returns:
A list of PsortTasks.
def create_tasks(self, evidence):
"""Create task.
Args:
evidence: List of evidence objects to process
Returns:
A list of tasks to schedule.
"""
tasks = [
artifact.FileArtifactExtractionTask('SshdConfigFile') for _ in evidence
]
return tasks
class SSHDAnalysisJob(interface.TurbiniaJob):
"""Filter input based on regular expression patterns."""
evidence_input = [ExportedFileArtifact]
evidence_output = [ReportText]
NAME = 'SSHDAnalysisJob'
def create_tasks(self, evidence):
"""Create task.
Args:
evidence: List of evidence objects to process
Returns:
A list of tasks to schedule.
"""
from turbinia.evidence import DockerContainer
from turbinia.evidence import RawDisk
from turbinia.evidence import GoogleCloudDisk
from turbinia.evidence import GoogleCloudDiskRawEmbedded
from turbinia.evidence import ExportedFileArtifact
from turbinia.evidence import ReportText
from turbinia.jobs import interface
from turbinia.jobs import manager
from turbinia.workers.analysis import wordpress
ACCESS_LOG_ARTIFACTS = [
'GKEDockerContainerLogs', 'NginxAccessLogs', 'ApacheAccessLogs'
]
class HTTPAccessLogExtractionJob(interface.TurbiniaJob):
"""HTTP Access log extraction job."""
evidence_input = [
Directory, DockerContainer, RawDisk, GoogleCloudDisk,
GoogleCloudDiskRawEmbedded
]
evidence_output = [ExportedFileArtifact]
NAME = 'HTTPAccessLogExtractionJob'
def create_tasks(self, evidence):
"""Create task.
Args:
evidence: List of evidence objects to process
def create_tasks(self, evidence):
"""Create task.
Args:
evidence: List of evidence objects to process
Returns:
A list of tasks to schedule.
"""
tasks = [
artifact.FileArtifactExtractionTask('TomcatFiles') for _ in evidence
]
return tasks
class TomcatAnalysisJob(interface.TurbiniaJob):
"""Create tasks to analyse Apache Tomcat files."""
evidence_input = [ExportedFileArtifact]
evidence_output = [ReportText]
NAME = 'TomcatAnalysisJob'
def create_tasks(self, evidence):
"""Create task.
Args:
evidence: List of evidence objects to process
Returns:
A list of tasks to schedule.
"""
from __future__ import unicode_literals
from turbinia.workers import artifact
from turbinia.workers import sshd
from turbinia.evidence import Directory
from turbinia.evidence import DockerContainer
from turbinia.evidence import GoogleCloudDisk
from turbinia.evidence import GoogleCloudDiskRawEmbedded
from turbinia.evidence import ExportedFileArtifact
from turbinia.evidence import RawDisk
from turbinia.evidence import ReportText
from turbinia.jobs import interface
from turbinia.jobs import manager
class SSHDExtractionJob(interface.TurbiniaJob):
"""Filter input based on regular expression patterns."""
# The types of evidence that this Job will process
evidence_input = [
Directory, DockerContainer, RawDisk, GoogleCloudDisk,
GoogleCloudDiskRawEmbedded
]
evidence_output = [ExportedFileArtifact]
NAME = 'SSHDExtractionJob'
def create_tasks(self, evidence):
"""Create task.
Args: