Code review: 6873054: Small \"fixes\" to output when no parameters us…

…ed in front-end as well as error handling when wrong o…
log2timeline · Dec 4, 2012 · c530e9c · c530e9c
1 parent 504136d
commit c530e9c
Show file tree

Hide file tree

Showing 8 changed files with 72 additions and 23 deletions.
diff --git a/frontend/log2timeline.py b/frontend/log2timeline.py
@@ -17,6 +17,7 @@
 
 import argparse
 import os
+import multiprocessing
 import logging
 import sys
 
@@ -28,6 +29,7 @@
 
 
 if __name__ == '__main__':
+  multiprocessing.freeze_support()
   arg_parser = argparse.ArgumentParser(
       description=('log2timeline is the main frontend to the plaso backend, us'
                    'ed to collect and correlate events extracted from the file'
@@ -99,21 +101,20 @@
       '-w', '--write', dest='output', action='store', metavar='STORAGE_FILE',
       help='The output file (needs to be defined).')
 
-  arg_parser.add_argument(
-      '-f', '--filter', dest='filter', action='store', metavar='FILTER',
-      default=None,
-      help=('A filter that can be used to filter the dataset before it '
-            'is written into storage. More information about the filters'
-            ' and it\'s usage can be found here: http://plaso.kiddaland.'
-            'net/usage/filters'))
-
   arg_parser.add_argument(
       'filename', action='store', metavar='FILENAME_OR_MOUNT_POINT',
       default=None, help=(
           'The path to the file, directory, image file or mount point that the'
           ' tool should parse. If this is a directory it will recursively go '
           'through it, same with an image file.'))
 
+  arg_parser.add_argument(
+      'filter', action='store', metavar='FILTER', nargs='?', default=None,
+      help=('A filter that can be used to filter the dataset before it '
+            'is written into storage. More information about the filters'
+            ' and it\'s usage can be found here: http://plaso.kiddaland.'
+            'net/usage/filters'))
+
   options = arg_parser.parse_args()
 
   if options.tzone == 'list':
@@ -138,7 +139,11 @@
 
   if not options.output:
     arg_parser.print_help()
-    logging.error('Wrong usage: need to define an output.')
+    print ''
+    arg_parser.print_usage()
+    print ''
+    logging.error(
+        'Wrong usage: need to define an output (using -w parameter).')
     sys.exit(1)
 
   if options.image_offset or options.image_offset_bytes:

diff --git a/frontend/plaso_information.py b/frontend/plaso_information.py
@@ -103,6 +103,9 @@ def DisplayInformation(info, params):
   """
   arg_parser = argparse.ArgumentParser(description=usage)
 
+  format_str = '[%(levelname)s] %(message)s'
+  logging.basicConfig(level=logging.INFO, format=format_str)
+
   arg_parser.add_argument(
       '-v', '--verbose', dest='verbose', action='store_true', default=False,
       help='Be extra verbose in the information printed out.')
@@ -115,6 +118,9 @@ def DisplayInformation(info, params):
 
   if not options.storage_file:
     arg_parser.print_help()
+    print ''
+    arg_parser.print_usage()
+    print ''
     logging.error('Not able to run without a storage file being indicated.')
     sys.exit(1)
 

diff --git a/frontend/psort.py b/frontend/psort.py
@@ -289,9 +289,6 @@ def End(self):
   parser.add_argument('-d', '--debug', action='store_true',
                       help='Fall back to debug shell if psort fails.')
 
-  parser.add_argument('-s', '--storagefile', metavar='PLASOFILE', default=None,
-                      dest='protofile', help='Path to the Plaso container file')
-
   parser.add_argument('-t', '--first_time', metavar='STARTDATE',
                       dest='first_time', help='Earliest time as "YYYY-MM-DD'
                       'HH:MM:SS"')
@@ -324,6 +321,9 @@ def End(self):
                       version='log2timeline - psort version %s' % __version__,
                       help='Show the current version of psort.')
 
+  parser.add_argument('protofile', metavar='PLASOFILE', default=None,
+                      nargs='?', help='Path to the Plaso storage file')
+
   parser.add_argument(
       'filter', nargs='?', action='store', metavar='FILTER', default=None,
       help=('A filter that can be used to filter the dataset before it '
@@ -333,6 +333,9 @@ def End(self):
 
   my_args = parser.parse_args()
 
+  format_str = '[%(levelname)s] %(message)s'
+  logging.basicConfig(level=logging.INFO, format=format_str)
+
   if my_args.timezone == 'list':
     print '=' * 40
     print '       ZONES'
@@ -353,6 +356,9 @@ def End(self):
 
   if not my_args.protofile:
     parser.print_help()
+    print ''
+    parser.print_usage()
+    print ''
     logging.error('-s STORAGEFILE required! or -h for HELP')
     sys.exit(0)
 

diff --git a/lib/collector.py b/lib/collector.py
@@ -24,6 +24,7 @@
 import pytsk3
 import pyvshadow
 
+from plaso.lib import errors
 from plaso.lib import pfile
 from plaso.lib import queue
 from plaso.lib import vss
@@ -69,9 +70,12 @@ def CollectFromVss(self, image_path, store_nr, offset=0):
     """
     logging.debug('Collecting from VSS store %d', store_nr)
 
-    fs = self._fscache.Open(image_path, offset, store_nr)
+    try:
+      fs = self._fscache.Open(image_path, offset, store_nr)
+      self.ParseImageDir(fs, fs.fs.info.root_inum, '/')
+    except errors.UnableToOpenFilesystem as e:
+      logging.error('Unable to read filesystem: %s.', e)
 
-    self.ParseImageDir(fs, fs.fs.info.root_inum, '/')
     logging.debug('Collection from VSS store: %d COMPLETED.', store_nr)
 
   def CollectFromImage(self, image, offset=0):
@@ -86,10 +90,12 @@ def CollectFromImage(self, image, offset=0):
 
     logging.debug(u'Collecting from an image file [%s]', image)
 
-    fs = self._fscache.Open(image, offset)
-
-    # read the root dir, and move from there
-    self.ParseImageDir(fs, fs.fs.info.root_inum, os.path.sep)
+    try:
+      fs = self._fscache.Open(image, offset)
+      # read the root dir, and move from there
+      self.ParseImageDir(fs, fs.fs.info.root_inum, os.path.sep)
+    except errors.UnableToOpenFilesystem as e:
+      logging.error('Unable to read image [no collection] - %s.', e)
 
   def ParseImageDir(self, fs, cur_inode, path, retry=False):
     """A recursive traversal of a directory inside an image file.

diff --git a/lib/engine.py b/lib/engine.py
@@ -45,7 +45,7 @@
 from plaso.lib import worker
 
 
-__version__ = '1.0b'
+__version__ = '1.0alpha'
 
 
 def GetTimeZoneList():
@@ -213,7 +213,16 @@ def _StartSingleThread(self):
     pre_obj = preprocess.PlasoPreprocess()
 
     if self.config.preprocess:
-      self._PreProcess(pre_obj)
+      try:
+        self._PreProcess(pre_obj)
+      except errors.UnableToOpenFilesystem as e:
+        logging.error(u'Unable to open the filesystem: %s', e)
+        return
+      except IOError as e:
+        logging.error(
+            (u'An IOError occurred while trying to pre-process, bailing out.'
+             'The error given is: %s'), e)
+        return
     else:
       pre_obj.zone = self.config.zone
 
@@ -280,6 +289,9 @@ def _StartLocal(self):
     if self.config.preprocess:
       try:
         self._PreProcess(pre_obj)
+      except errors.UnableToOpenFilesystem as e:
+        logging.error(u'Unable to open the filesystem: %s', e)
+        return
       except IOError as e:
         logging.error(
             (u'An IOError occurred while trying to pre-process, bailing out.'

diff --git a/lib/errors.py b/lib/errors.py
@@ -54,3 +54,7 @@ class PreProcessFail(Error):
 
 class PathNotFound(Error):
   """Raised when a preprocessor fails to fill in a path variable."""
+
+
+class UnableToOpenFilesystem(Error):
+  """Raised when unable to open filesystem."""
diff --git a/lib/pfile.py b/lib/pfile.py
@@ -80,9 +80,17 @@ def OpenTskImage(self, path, offset=0):
 
     Returns:
       A FilesystemContainer object that stores a cache of the FS.
+
+    Raises:
+      errors.UnableToOpenFilesystem: If it is not able to open the filesystem.
     """
     img = pytsk3.Img_Info(path)
-    fs = pytsk3.FS_Info(img, offset=offset)
+    try:
+      fs = pytsk3.FS_Info(img, offset=offset)
+    except IOError as e:
+      raise errors.UnableToOpenFilesystem(
+          'Unable to mount image, wrong offset? [%s]' % e)
+
     return FilesystemContainer(fs, img, path, offset)
 
   def OpenVssImage(self, path, store_nr, offset=0):

diff --git a/lib/storage.py b/lib/storage.py
@@ -115,6 +115,7 @@ def __init__(self, output_file, buffer_size=0, read_only=False,
     self._max_buffer_size = buffer_size or self.MAX_BUFFER_SIZE
     self._write_counter = 0
     self._pre_obj = pre_obj
+    self._read_only = read_only
 
     if read_only:
       mode = 'r'
@@ -721,8 +722,9 @@ def CloseStorage(self):
       self.FlushBuffer()
       self.zipfile.close()
       self._file_open = False
-      logging.info(('[Storage] Closing the storage, nr. of events processed:'
-                    ' %d'), self._write_counter)
+      if not self._read_only:
+        logging.info(('[Storage] Closing the storage, nr. of events processed:'
+                      ' %d'), self._write_counter)
 
   def __exit__(self, unused_type, unused_value, unused_traceback):
     """Make usable with "with" statement."""