Add plugin ios_siminfo ke Plaso #4931
Conversation
plaso/data/timeliner.yaml
Outdated
| @@ -1795,3 +1795,29 @@ attribute_mappings: | |||
| - name: 'recorded_time' | |||
| description: 'Recorded Time' | |||
| place_holder_event: true | |||
|
|
|||
| --- | |||
|
|
|||
There was a problem hiding this comment.
please remove the unnecessary white-space
|
Thanks for the PR, I'm a bit preoccupied at the moment will try to take a look as soon as time permits |
| @@ -21,3 +21,6 @@ | |||
| from plaso.parsers.plist_plugins import spotlight_searched_terms | |||
| from plaso.parsers.plist_plugins import spotlight_volume | |||
| from plaso.parsers.plist_plugins import time_machine | |||
|
|
|||
| # Impor parser yang baru dibuat | |||
|
@fitrianhikma a couple of questions:
|
plaso/data/formatters/ios.yaml
Outdated
| @@ -233,3 +233,17 @@ short_message: | |||
| - 'Message: {text}' | |||
| short_source: 'Twitter iOS' | |||
| source: 'Twitter iOS Status' | |||
| --- | |||
| #ios_siminfo | |||
There was a problem hiding this comment.
this comments adds no value, removing
plaso/data/formatters/ios.yaml
Outdated
| - 'SIM MDN: {mdn}' | ||
| short_source: 'IOS' | ||
| source: 'iOS SIM Info' | ||
| --- |
plaso/data/formatters/ios.yaml
Outdated
| data_type: 'ios:sim:info' | ||
| message: | ||
| - 'SIM MDN: {mdn}' | ||
| - 'SIM Type: {sim_type}' |
There was a problem hiding this comment.
style does not match yamllint configuration
plaso/data/timeliner.yaml
Outdated
| #Configuration for data type | ||
| data_type: 'ios:sim:info' | ||
| attribute_mappings: | ||
| - name: 'mdn' |
There was a problem hiding this comment.
same yaml style nits apply here, aslo only timestamp definition is needed
plaso/data/timeliner.yaml
Outdated
| - name: 'label_id' | ||
| description: 'ID label untuk SIM' | ||
| - name: 'timestamp' | ||
| description: 'Timestamp SIM' |
There was a problem hiding this comment.
What does this timestamp represent?
|
|
||
|
|
||
| class IOSSIMInfoEventData(events.EventData): | ||
| """Event data untuk iOS SIM Info.""" |
There was a problem hiding this comment.
attribute definitions missing from docstring
| def __init__(self): | ||
| """Inisialisasi event data.""" | ||
| super(IOSSIMInfoEventData, self).__init__(data_type=self.DATA_TYPE) | ||
| self.mdn = None |
There was a problem hiding this comment.
style guide nit: use 2 space indentation
| events = list(storage_writer.GetAttributeContainers('event_data')) | ||
|
|
||
| # Memastikan bahwa data di event pertama sesuai dengan yang diharapkan | ||
| event = events[0] |
There was a problem hiding this comment.
Please use expected_event_values to match rest of codebase e.g. see ios_carplay.py for an example
plaso/data/formatters/ios.yaml
Outdated
| - 'SIM MDN: {mdn}' | ||
| short_source: 'IOS' | ||
| source: 'iOS SIM Info' | ||
| --- |
There was a problem hiding this comment.
remove trailing --- this adds an empty entry
| self.eap_aka = None | ||
| self.sim_type = None | ||
| self.cb_ver = None | ||
| self.label_id = None |
There was a problem hiding this comment.
please take a look at the style guide, abbreviations like id or ver are not desired
joachimmetz
added
the
pending reporter input
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #4931 +/- ##
=======================================
Coverage 85.09% 85.09%
=======================================
Files 432 433 +1
Lines 38792 38834 +42
=======================================
+ Hits 33009 33046 +37
- Misses 5783 5788 +5 ☔ View full report in Codecov by Sentry. |
|
You can ignore the failing "test_docs" |
One line description of pull request
Description:
Related issue (if applicable): fixes #
Notes:
All contributions to Plaso undergo code review.
This makes sure that the code has appropriate test coverage and conforms to the
Plaso style guide.
One of the maintainers will examine your code, and may request changes. Check off the items below in
order, and then a maintainer will review your code.
Checklist: