diff --git a/timesketch.conf b/timesketch.conf index a5d9072a37..cdfe0718ee 100644 --- a/timesketch.conf +++ b/timesketch.conf @@ -61,3 +61,7 @@ UPLOAD_FOLDER = u'/tmp' # server is running. CELERY_BROKER_URL='redis://ip:port', CELERY_RESULT_BACKEND='redis://ip:port' + +# Path to plaso data directory. +# If not set, defaults to system prefix + share/plaso +#PLASO_DATA_LOCATION = u'/path/to/dir/with/plaso/data/files' diff --git a/timesketch/lib/tasks.py b/timesketch/lib/tasks.py index d8f079aefc..28034cfff4 100644 --- a/timesketch/lib/tasks.py +++ b/timesketch/lib/tasks.py @@ -13,13 +13,37 @@ # limitations under the License. """Celery task for processing Plaso storage files.""" -from plaso.frontend import psort +import os +import sys + +from flask import current_app +# We currently don't have plaso in our Travis setup. This is a workaround +# for that until we fix the Travis environment. +# TODO: Add Plaso to our Travis environment we are running our tests in. +try: + from plaso.frontend import psort +except ImportError: + pass from timesketch import create_celery_app celery = create_celery_app() +def get_data_location(): + """Path to the plaso data directory. + + Returns: + The path to where the plaso data directory is or None if not existing. + """ + data_location = current_app.config.get(u'PLASO_DATA_LOCATION', None) + if not data_location: + data_location = os.path.join(sys.prefix, u'share', u'plaso') + if not os.path.exists(data_location): + data_location = None + return data_location + + @celery.task(track_started=True) def run_plaso(source_file_path, timeline_name, index_name): """Create a Celery task for processing Plaso storage file. @@ -32,11 +56,13 @@ def run_plaso(source_file_path, timeline_name, index_name): Returns: Dictionary with count of processed events. """ + plaso_data_location = get_data_location() analysis_plugins = None flush_interval_ms = 1000 # Use the Psort frontend for processing. frontend = psort.PsortFrontend() + frontend.SetDataLocation(plaso_data_location) storage_file = frontend.OpenStorage( source_file_path, read_only=True) diff --git a/timesketch/lib/tasks_test.py b/timesketch/lib/tasks_test.py new file mode 100644 index 0000000000..b8ca662b74 --- /dev/null +++ b/timesketch/lib/tasks_test.py @@ -0,0 +1,30 @@ +# Copyright 2014 Google Inc. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Tests for tasks.""" + +from flask import current_app + +from timesketch.lib.testlib import BaseTest +from timesketch.lib.tasks import get_data_location + + +class TestTasks(BaseTest): + """Tests for the functionality on the tasks module.""" + def test_get_data_location(self): + """Test to get data_location path.""" + data_location_none = get_data_location() + current_app.config[u'PLASO_DATA_LOCATION'] = u'/tmp' + data_location_exists = get_data_location() + self.assertFalse(data_location_none) + self.assertEqual(u'/tmp', data_location_exists) diff --git a/wsgi.py b/wsgi.py index 9b7fe31685..e6ab999abb 100644 --- a/wsgi.py +++ b/wsgi.py @@ -15,7 +15,7 @@ """This module is for creating the app for a WSGI server. Example with Gunicorn: -$ gunicorn -b 127.0.0.1:4000 --log-file - wsgi:application +$ gunicorn -b 127.0.0.1:4000 --log-file --timeout 120 - wsgi:application Example configuration for Apache with mod_wsgi (a2enmod mod_wsgi):