gulp-cli 1.1.1__tar.gz → 1.1.3__tar.gz

{gulp_cli-1.1.1 → gulp_cli-1.1.3}/.github/workflows/portable-bundles.yml

@@ -3,8 +3,13 @@ name: Portable bundles
 "on":
   push:
     tags: ['v*', 'test-v*']
+  release:
+    types: [published]
   workflow_dispatch: {}
 
+permissions:
+  contents: write
+
 jobs:
   build-portable:
     name: Build portable bundle (${{ matrix.bundle_name }})
@@ -72,9 +77,33 @@ jobs:
           path: dist/${{ matrix.bundle_name }}
           if-no-files-found: error
 
+      - name: Create release archive
+        shell: python
+        env:
+          BUNDLE_NAME: ${{ matrix.bundle_name }}
+        run: |
+          import os
+          import shutil
+          from pathlib import Path
+
+          dist_dir = Path("dist")
+          bundle_name = os.environ["BUNDLE_NAME"]
+          bundle_dir = dist_dir / bundle_name
+          archive_base = dist_dir / bundle_name
+          shutil.make_archive(str(archive_base), "zip", root_dir=bundle_dir.parent, base_dir=bundle_dir.name)
+
+      - name: Upload release asset
+        if: github.event_name == 'release'
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ github.event.release.tag_name }}
+          files: dist/${{ matrix.bundle_name }}.zip
+          fail_on_unmatched_files: true
+
   build-portable-macos-x64:
     name: Build portable bundle (gulp-cli-portable-macos-x64)
-    if: github.event_name == 'workflow_dispatch'
+    if: github.event_name == 'workflow_dispatch' || github.event_name == 'release'
+    continue-on-error: ${{ github.event_name == 'release' }}
     runs-on: macos-15-intel
     timeout-minutes: 90
 
@@ -125,3 +154,26 @@ jobs:
           name: gulp-cli-portable-macos-x64
           path: dist/gulp-cli-portable-macos-x64
           if-no-files-found: error
+
+      - name: Create release archive
+        shell: python
+        env:
+          BUNDLE_NAME: gulp-cli-portable-macos-x64
+        run: |
+          import os
+          import shutil
+          from pathlib import Path
+
+          dist_dir = Path("dist")
+          bundle_name = os.environ["BUNDLE_NAME"]
+          bundle_dir = dist_dir / bundle_name
+          archive_base = dist_dir / bundle_name
+          shutil.make_archive(str(archive_base), "zip", root_dir=bundle_dir.parent, base_dir=bundle_dir.name)
+
+      - name: Upload release asset
+        if: github.event_name == 'release'
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ github.event.release.tag_name }}
+          files: dist/gulp-cli-portable-macos-x64.zip
+          fail_on_unmatched_files: true

{gulp_cli-1.1.1/src/gulp_cli.egg-info → gulp_cli-1.1.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: gulp-cli
-Version: 1.1.1
+Version: 1.1.3
 Summary: Command-line client for gULP
 Author-email: Mentat <info@mentat.is>
 Requires-Python: >=3.12
@@ -80,7 +80,7 @@ gulp-cli auth whoami
 # List operations
 gulp-cli operation list
 
-# Ingest files with wildcard
+# Ingest files with wildcard (per-file progress is on by default; use --no-show-per-file-progress to hide it)
 gulp-cli ingest file my_operation win_evtx 'samples/win_evtx/*.evtx'
 
 # Query documents

{gulp_cli-1.1.1 → gulp_cli-1.1.3}/README.md

@@ -66,7 +66,7 @@ gulp-cli auth whoami
 # List operations
 gulp-cli operation list
 
-# Ingest files with wildcard
+# Ingest files with wildcard (per-file progress is on by default; use --no-show-per-file-progress to hide it)
 gulp-cli ingest file my_operation win_evtx 'samples/win_evtx/*.evtx'
 
 # Query documents

{gulp_cli-1.1.1 → gulp_cli-1.1.3}/docs/command-reference.md

@@ -455,7 +455,9 @@ gulp-cli ingest file OPERATION_ID PLUGIN FILE [FILE...] [OPTIONS]
 - `--create-operation` — Create operation automatically when it does not exist
 - `--preview` — Run preview-only ingestion (no persistence)
 - `--wait` — Wait for completion with progress
+- `--show-per-file-progress / --no-show-per-file-progress` — Show one line per completed file request in `--wait` mode (default: on)
 - `--timeout INTEGER` — Timeout in seconds for `--wait` mode
+- `--batch-size INTEGER` — Number of file ingestion requests to submit concurrently per window (default: `cores * 2`)
 
 **Examples:**
 
@@ -481,7 +483,7 @@ gulp-cli ingest file my_op win_evtx /path/to/System.evtx --preview
 # Reset operation data before ingest (destructive for collab/request data)
 gulp-cli ingest file my_op win_evtx 'samples/win_evtx/*.evtx' --reset-operation
 
-# Wait for completion
+# Wait for completion (per-file progress is enabled by default)
 gulp-cli ingest file my_op win_evtx 'samples/win_evtx/*.evtx' --wait
 ```
 
@@ -505,7 +507,9 @@ gulp-cli ingest file-to-source SOURCE_ID FILE [FILE...] [OPTIONS]
 - `--plugin-params TEXT` — JSON object for plugin_params (overrides source defaults)
 - `--flt TEXT` — JSON object for GulpIngestionFilter
 - `--wait` — Wait for completion with progress
+- `--show-per-file-progress / --no-show-per-file-progress` — Show one line per completed file request in `--wait` mode (default: on)
 - `--timeout INTEGER` — Timeout in seconds for `--wait` mode
+- `--batch-size INTEGER` — Number of file ingestion requests to submit concurrently per window (default: `cores * 2`)
 
 **Examples:**
 
@@ -1017,6 +1021,7 @@ gulp-cli stats list OPERATION_ID [OPTIONS]
 - Shows only ongoing stats (`--ongoing-only` enabled)
 - Renders a live table (`--live` enabled)
 - Default columns: `user_id`, `ws_id`, `req_id`, `status`, `req_type`, `time_updated`, `data`, `errors`
+- The `data` column shows human-readable source information for ingest stats when available
 
 **Options:**
 

{gulp_cli-1.1.1 → gulp_cli-1.1.3}/docs/examples.md

@@ -142,10 +142,10 @@ cap --plugin-params '{ "mapping_parameters": { "mapping_file": "pcap.json" } }'
 ### Bulk File Ingestion with Wildcard
 
 ```bash
-# Ingest all .evtx files from directory
+# Ingest all .evtx files from directory (default batch size is `cores * 2`)
 gulp-cli ingest file incident-001 win_evtx '/evidence/**/*.evtx'
 
-# Ingest from multiple locations
+# Ingest from multiple locations (files are processed in alphabetical order)
 gulp-cli ingest file incident-001 win_evtx '/suspect-machine/*.evtx' '/network-share/backups/*.evtx'
 
 # Preview parser output without ingesting
@@ -158,7 +158,7 @@ gulp-cli ingest file incident-001 win_evtx '/suspect-machine/System.evtx' --prev
 # Create operation for multi-source investigation
 gulp-cli operation create incident-2026-001
 
-# Ingest evidence from different sources concurrently
+# Ingest evidence from different sources concurrently (per-file progress is shown by default)
 gulp-cli ingest file incident-2026-001 win_evtx '/forensic/windows/*.evtx' --wait &
 gulp-cli ingest file incident-2026-001 syslog '/forensic/linux/**/*.log' --wait &
 gulp-cli ingest file incident-2026-001 pcap '/forensic/network/*.pcap' --wait &
@@ -195,10 +195,10 @@ gulp-cli ingest file incident-001 json '/logs/**/*.json' --create-operation
 ### Add More Evidence to Existing Source
 
 ```bash
-# First ingestion creates data-2026-001 source
+# First ingestion creates data-2026-001 source (default batch size is `cores * 2`)
 gulp-cli ingest file incident-001 win_evtx /initial/evidence.evtx
 
-# Later, add more files to same source
+# Later, add more files to same source (per-file progress is shown by default)
 gulp-cli ingest file-to-source data-2026-001 /additional/evidence.evtx --wait
 
 # You can also ingest multiple files via glob

{gulp_cli-1.1.1 → gulp_cli-1.1.3}/docs/getting-started.md

@@ -44,11 +44,13 @@ gulp-cli auth login --url http://localhost:8080 --username admin --password admi
 ```
 
 This:
+
 - Connects to your gULP instance
 - Exchanges credentials for a token
 - Stores the session in `~/.config/gulp-cli/config.json`
 
 **Output should be:**
+
 ```
 ✓ Authentication successful
 Token stored in ~/.config/gulp-cli/config.json
@@ -61,6 +63,7 @@ gulp-cli auth whoami
 ```
 
 **Expected output:**
+
 ```
 ├─ User: admin
 ├─ Permissions: admin
@@ -102,6 +105,7 @@ gulp-cli operation list
 ```
 
 **Expected output:**
+
 ```
 ╭────────────────────────────────────────────────────╮
 │                   OPERATIONS                       │
@@ -121,6 +125,7 @@ gulp-cli operation create my_investigation --description "Investigation into inc
 ```
 
 **Expected output:**
+
 ```
 ✓ Operation created successfully
 ID: my_investigation
@@ -165,6 +170,7 @@ gulp-cli ingest file my_investigation win_evtx /gulp/samples/win_evtx/System.evt
 ```
 
 **Expected output:**
+
 ```
 📥 Ingesting files...
 ✓ /gulp/samples/win_evtx/System.evtx
@@ -177,7 +183,7 @@ Documents queued for processing
 gulp-cli ingest file my_investigation win_evtx '/gulp/samples/win_evtx/*.evtx'
 ```
 
-This ingests all `.evtx` files concurrently.
+This ingests all `.evtx` files using the default batch size (`cores * 2`) and shows per-file progress by default.
 
 ### Preview Before Ingest
 
@@ -193,7 +199,7 @@ This runs parser preview without persisting documents.
 gulp-cli ingest file my_investigation win_evtx '/gulp/samples/win_evtx/*.evtx' --wait
 ```
 
-This shows a real-time progress bar while documents are being ingested.
+This shows a real-time progress bar while documents are being ingested. Per-file progress is enabled by default; use `--no-show-per-file-progress` to suppress the per-file lines.
 
 ### Add Data to Existing Source
 
@@ -234,6 +240,7 @@ gulp-cli query raw my_investigation --q '{"query":{"match_all":{}}}'
 ```
 
 **Expected output:**
+
 ```
 ╭────────────────────────────────────────────────────────╮
 │                    QUERY RESULTS                       │

{gulp_cli-1.1.1 → gulp_cli-1.1.3}/docs/portable.md

@@ -74,3 +74,40 @@ The repository includes a matrix workflow that builds portable artifacts for:
 - macOS `arm64`
 
 Artifacts are uploaded from `.github/workflows/portable-bundles.yml`.
+
+## practical usage examples
+
+following are some practical usage examples of the portable bundles
+
+### ingesting windows evtx files taken from a windows machine and ingesting them on a linux machine
+
+#### step 1: take windows evtx files from a windows machine  
+
+1. Unzip the portable bundle on a USB stick and plug it into the windows machine
+2. Open a command prompt and navigate to the gulp-cli portable bundle on the USB stick
+3. Run the following command to generate the zip with evtx files
+   ~~~bash
+   D:\> cd \path\to\gulp-cli-portable-windows-x64
+   
+   D:\path\to\gulp-cli-portable-windows-x64> .\launch-windows.bat ingest zip-create ./evtx.zip C:\Windows\System32\winevt\Logs\
+   ~~~
+
+#### step 2: ingest the evtx files on a linux machine
+
+> we assume the linux machine have gulp-cli installed and configured to connect to the gULP server, and the user have permissions to ingest data to the gULP server.
+
+1. Go on the linux machine (which can connect to the gULP server) and plug in the USB stick with the portable bundle from above
+2. Open a terminal and navigate to the gulp-cli portable bundle on the USB stick
+3. Unzip the evtx.zip file to a local directory
+    ~~~bash
+    $ cd /path/to/gulp-cli-portable-windows-x64
+    $ unzip evtx.zip
+    # you obtain a `Logs` directory with the evtx files
+    ~~~
+4. Run the following commands to ingest the evtx files to the gULP server
+    ~~~bash
+    # authenticate to the gULP server (if not already authenticated)
+    gulp-cli auth login --url http://localhost:8080 --username admin --password admin
+    # ingest the evtx files to the gULP server, we assume a `test_operation` exists on the gULP server, and we want to ingest the evtx files to that operation
+    gulp-cli ingest file test_operation win_evtx ./Logs/*.evtx --wait --batch-size 64
+    ~~~

{gulp_cli-1.1.1 → gulp_cli-1.1.3}/src/gulp_cli/_version.py

@@ -18,7 +18,7 @@ version_tuple: tuple[int | str, ...]
 commit_id: str | None
 __commit_id__: str | None
 
-__version__ = version = '1.1.1'
-__version_tuple__ = version_tuple = (1, 1, 1)
+__version__ = version = '1.1.3'
+__version_tuple__ = version_tuple = (1, 1, 3)
 
-__commit_id__ = commit_id = 'g6ee1d9a2a'
+__commit_id__ = commit_id = 'gb7959a376'