Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Anydesk parser plugin #4559

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Anydesk parser plugin #4559

wants to merge 2 commits into from

Conversation

caeaguilar
Copy link

@caeaguilar caeaguilar commented Jan 23, 2023
edited by joachimmetz
Loading

One line description of pull request

Added text parser plugin for AnyDesk Activity Log (ad.trace)

Description:

Parse and generates event data for each line in the ad.trace log file generated by AnyDesk client/server

Notes:

All contributions to Plaso undergo code review.
This makes sure that the code has appropriate test coverage and conforms to the
Plaso style guide.

One of the maintainers will examine your code, and may request changes. Check off the items below in
order, and then a maintainer will review your code.

Checklist:

  • No new new dependencies are required or l2tdevtools has been updated
  • Reviewer assigned
  • CI tests and test data coverage
  • Automated checks (GitHub Actions, AppVeyor) pass

@joachimmetz
Copy link
Member

@caeaguilar thx for the proposed PR, this must have slipped my attention earlier. Having a closer look when time permits, will leave some initial feedback.

@joachimmetz joachimmetz self-assigned this Feb 8, 2023
@joachimmetz joachimmetz self-requested a review February 8, 2023 05:45
@joachimmetz
Copy link
Member

joachimmetz commented Feb 8, 2023
edited
Loading

You'll need to update https://github.com/log2timeline/plaso/blob/main/data/timeliner.yaml as well

joachimmetz
joachimmetz reviewed Feb 8, 2023
View reviewed changes
data/formatters/generic.yaml
message:
- 'loglevel: {loglevel}'
- 'recorded_time: {recorded_time}'
- 'appname: {appname}'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

don't use abbreviations as per style guide https://github.com/log2timeline/l2tdocs/blob/main/process/Style-guide.md

joachimmetz
joachimmetz reviewed Feb 8, 2023
View reviewed changes
data/formatters/generic.yaml
- 'Message: {message}'
short_source: 'LOG'
source: 'AnyDesk Ad Trace Log'

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

change to --- to signify new definition

joachimmetz
joachimmetz reviewed Feb 8, 2023
View reviewed changes
plaso/parsers/text_plugins/__init__.py
@@ -2,6 +2,7 @@
"""Imports for the text parser."""

from plaso.parsers.text_plugins import android_logcat
from plaso.parsers.text_plugins import anydesk_adtrace
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: use alphabetical ordering

@joachimmetz
Copy link
Member

You'll need to add a test and test data as well

@joachimmetz joachimmetz added the pending reporter input Issue is pending input from the reporter label Feb 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joachimmetz joachimmetz joachimmetz left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@joachimmetz joachimmetz

Labels
pending reporter input Issue is pending input from the reporter
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@caeaguilar @joachimmetz