flow.record 3.20.dev1__tar.gz → 3.21.dev2__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/PKG-INFO +3 -2
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/base.py +7 -1
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/version.py +9 -4
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow.record.egg-info/PKG-INFO +3 -2
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_record.py +16 -1
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/.git-blame-ignore-revs +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/COPYRIGHT +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/LICENSE +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/MANIFEST.in +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/README.md +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/examples/filesystem.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/examples/passivedns.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/examples/records.json +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/examples/tcpconn.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/__init__.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/__init__.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/archive.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/avro.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/broker.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/csvfile.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/duckdb.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/elastic.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/jsonfile.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/line.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/mongo.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/split.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/splunk.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/sqlite.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/stream.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/text.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/adapter/xlsx.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/exceptions.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/fieldtypes/__init__.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/fieldtypes/credential.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/fieldtypes/net/__init__.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/fieldtypes/net/ip.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/fieldtypes/net/ipv4.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/fieldtypes/net/tcp.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/fieldtypes/net/udp.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/jsonpacker.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/packer.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/selector.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/stream.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/tools/__init__.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/tools/geoip.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/tools/rdump.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/utils.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow/record/whitelist.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow.record.egg-info/SOURCES.txt +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow.record.egg-info/dependency_links.txt +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow.record.egg-info/entry_points.txt +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow.record.egg-info/requires.txt +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/flow.record.egg-info/top_level.txt +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/pyproject.toml +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/setup.cfg +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/__init__.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/_utils.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/docs/Makefile +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/docs/conf.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/docs/index.rst +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/selector_explain_example.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/standalone_test.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_adapter_line.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_adapter_text.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_avro.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_avro_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_compiled_selector.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_csv_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_deprecations.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_elastic_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_fieldtype_ip.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_fieldtypes.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_json_packer.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_json_record_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_multi_timestamp.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_packer.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_rdump.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_record_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_record_descriptor.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_regression.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_selector.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_splunk_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_sqlite_duckdb_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tests/test_xlsx_adapter.py +0 -0
- {flow_record-3.20.dev1 → flow_record-3.21.dev2}/tox.ini +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
Metadata-Version: 2.
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
2
|
Name: flow.record
|
|
3
|
-
Version: 3.
|
|
3
|
+
Version: 3.21.dev2
|
|
4
4
|
Summary: A library for defining and creating structured data (called records) that can be streamed to disk or piped to other tools that use flow.record
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -47,6 +47,7 @@ Requires-Dist: tqdm; extra == "test"
|
|
|
47
47
|
Provides-Extra: full
|
|
48
48
|
Requires-Dist: flow.record[compression]; extra == "full"
|
|
49
49
|
Requires-Dist: tqdm; extra == "full"
|
|
50
|
+
Dynamic: license-file
|
|
50
51
|
|
|
51
52
|
# flow.record
|
|
52
53
|
|
|
@@ -185,6 +185,9 @@ class Record:
|
|
|
185
185
|
return OrderedDict((k, getattr(self, k)) for k in fields if k in self.__slots__ and k not in exclude)
|
|
186
186
|
return OrderedDict((k, getattr(self, k)) for k in self.__slots__ if k not in exclude)
|
|
187
187
|
|
|
188
|
+
if TYPE_CHECKING:
|
|
189
|
+
def __getattr__(self, name: str) -> Any: ...
|
|
190
|
+
|
|
188
191
|
def __setattr__(self, k: str, v: Any) -> None:
|
|
189
192
|
"""Enforce setting the fields to their respective types."""
|
|
190
193
|
# NOTE: This is a HOT code path
|
|
@@ -262,10 +265,13 @@ class GroupedRecord(Record):
|
|
|
262
265
|
self.fieldname_to_record[fname] = rec
|
|
263
266
|
if fname not in required_fields:
|
|
264
267
|
self.flat_fields.append(field)
|
|
265
|
-
#
|
|
268
|
+
# Flat descriptor to maintain compatibility with Record
|
|
266
269
|
|
|
267
270
|
self._desc = RecordDescriptor(self.name, [(f.typename, f.name) for f in self.flat_fields])
|
|
268
271
|
|
|
272
|
+
# _field_types to maintain compatibility with RecordDescriptor
|
|
273
|
+
self._field_types = self._desc.recordType._field_types
|
|
274
|
+
|
|
269
275
|
def get_record_by_type(self, type_name: str) -> Record | None:
|
|
270
276
|
"""
|
|
271
277
|
Get record in a GroupedRecord by type_name.
|
|
@@ -1,8 +1,13 @@
|
|
|
1
|
-
# file generated by
|
|
1
|
+
# file generated by setuptools-scm
|
|
2
2
|
# don't change, don't track in version control
|
|
3
|
+
|
|
4
|
+
__all__ = ["__version__", "__version_tuple__", "version", "version_tuple"]
|
|
5
|
+
|
|
3
6
|
TYPE_CHECKING = False
|
|
4
7
|
if TYPE_CHECKING:
|
|
5
|
-
from typing import Tuple
|
|
8
|
+
from typing import Tuple
|
|
9
|
+
from typing import Union
|
|
10
|
+
|
|
6
11
|
VERSION_TUPLE = Tuple[Union[int, str], ...]
|
|
7
12
|
else:
|
|
8
13
|
VERSION_TUPLE = object
|
|
@@ -12,5 +17,5 @@ __version__: str
|
|
|
12
17
|
__version_tuple__: VERSION_TUPLE
|
|
13
18
|
version_tuple: VERSION_TUPLE
|
|
14
19
|
|
|
15
|
-
__version__ = version = '3.
|
|
16
|
-
__version_tuple__ = version_tuple = (3,
|
|
20
|
+
__version__ = version = '3.21.dev2'
|
|
21
|
+
__version_tuple__ = version_tuple = (3, 21, 'dev2')
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
Metadata-Version: 2.
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
2
|
Name: flow.record
|
|
3
|
-
Version: 3.
|
|
3
|
+
Version: 3.21.dev2
|
|
4
4
|
Summary: A library for defining and creating structured data (called records) that can be streamed to disk or piped to other tools that use flow.record
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -47,6 +47,7 @@ Requires-Dist: tqdm; extra == "test"
|
|
|
47
47
|
Provides-Extra: full
|
|
48
48
|
Requires-Dist: flow.record[compression]; extra == "full"
|
|
49
49
|
Requires-Dist: tqdm; extra == "full"
|
|
50
|
+
Dynamic: license-file
|
|
50
51
|
|
|
51
52
|
# flow.record
|
|
52
53
|
|
|
@@ -151,6 +151,17 @@ def test_grouped_record() -> None:
|
|
|
151
151
|
("string", "hello"),
|
|
152
152
|
],
|
|
153
153
|
)
|
|
154
|
+
expected_field_types = {
|
|
155
|
+
"hello": fieldtypes.string,
|
|
156
|
+
"world": fieldtypes.string,
|
|
157
|
+
"count": fieldtypes.uint32,
|
|
158
|
+
"assignee": fieldtypes.string,
|
|
159
|
+
"profile": fieldtypes.string,
|
|
160
|
+
"_source": fieldtypes.string,
|
|
161
|
+
"_classification": fieldtypes.string,
|
|
162
|
+
"_generated": fieldtypes.datetime,
|
|
163
|
+
"_version": fieldtypes.varint,
|
|
164
|
+
}
|
|
154
165
|
|
|
155
166
|
test_record = TestRecord("a", "b", 12345)
|
|
156
167
|
meta_record = WQMetaRecord("me", "this is a test", "other hello")
|
|
@@ -176,7 +187,7 @@ def test_grouped_record() -> None:
|
|
|
176
187
|
|
|
177
188
|
assert len(grouped.records) == 2
|
|
178
189
|
|
|
179
|
-
#
|
|
190
|
+
# Test grouped._asdict
|
|
180
191
|
rdict = grouped._asdict()
|
|
181
192
|
assert {"hello", "world", "count", "assignee", "profile"} <= set(rdict)
|
|
182
193
|
|
|
@@ -185,6 +196,10 @@ def test_grouped_record() -> None:
|
|
|
185
196
|
assert rdict["profile"] == "omg"
|
|
186
197
|
assert rdict["count"] == 12345
|
|
187
198
|
|
|
199
|
+
# Test grouped._field_types
|
|
200
|
+
assert grouped._field_types
|
|
201
|
+
assert grouped._field_types == expected_field_types
|
|
202
|
+
|
|
188
203
|
|
|
189
204
|
def test_grouped_records_packing(tmp_path: Path) -> None:
|
|
190
205
|
RecordA = RecordDescriptor(
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|