mirror of
https://github.com/adulau/aha.git
synced 2024-12-27 03:06:10 +00:00
Exporter also recovers the process tree
This commit is contained in:
parent
9f5b296497
commit
26f4e7096c
1 changed files with 61 additions and 20 deletions
|
@ -219,18 +219,7 @@ class ProcessTrees:
|
|||
except KeyError,e:
|
||||
pass
|
||||
|
||||
def exportUserListTxt(self,filename):
|
||||
try:
|
||||
#Opens the file in append mode aiming to keep the history
|
||||
f = open(filename, 'a')
|
||||
ts = time.strftime("%Y-%m-%d %H:%M:%S")
|
||||
f.write("*** UserList created on %s ***\n"%(str(ts)))
|
||||
for pid in self.userList.keys():
|
||||
#Each sshd clone is not necessarly related to a user
|
||||
if (len(self.get_children(pid)) == 0):
|
||||
#Discard empty subtrees
|
||||
continue
|
||||
|
||||
def desc_root_process(self,f,pid):
|
||||
f.write("** user root process %d **\n"%pid)
|
||||
#See if some annotation is found for this pid
|
||||
if self.aplist.has_key(pid):
|
||||
|
@ -250,6 +239,22 @@ class ProcessTrees:
|
|||
f.write("No timestamp information is there\n")
|
||||
else:
|
||||
sys.stderr.write("No annotations found for pid: %d\n"%pid)
|
||||
#Add process vector
|
||||
vec = self.recover_process_vector(pid)
|
||||
f.write("Process vector: %s\n"%','.join(vec))
|
||||
|
||||
def exportUserListTxt(self,filename):
|
||||
try:
|
||||
#Opens the file in append mode aiming to keep the history
|
||||
f = open(filename, 'a')
|
||||
ts = time.strftime("%Y-%m-%d %H:%M:%S")
|
||||
f.write("*** UserList created on %s ***\n"%(str(ts)))
|
||||
for pid in self.userList.keys():
|
||||
#Each sshd clone is not necessarly related to a user
|
||||
if (len(self.get_children(pid)) == 0):
|
||||
#Discard empty subtrees
|
||||
continue
|
||||
self.desc_root_process(f,pid)
|
||||
f.close()
|
||||
except IOError,e:
|
||||
#TODO implement logging of internal errors
|
||||
|
@ -257,6 +262,42 @@ class ProcessTrees:
|
|||
#user lists are outdated or corrupted
|
||||
pass
|
||||
|
||||
def get_command_from_pid(self,pid):
|
||||
if self.aplist.has_key(pid):
|
||||
if self.aplist[pid].has_key('file'):
|
||||
return self.aplist[pid]['file']
|
||||
else:
|
||||
sys.stderr.write('No file information for pid=%d\n'%pid)
|
||||
else:
|
||||
sys.stderr.write('pid %d was not annotated\n'%pid)
|
||||
return None
|
||||
|
||||
def get_timestamp_from_pid(self,pid):
|
||||
if self.aplist.has_key(pid):
|
||||
if self.aplist[pid].has_key('timestamp'):
|
||||
return self.aplist[pid]['timestamp']
|
||||
else:
|
||||
sys.stderr.write('No timestamp information for pid: %d\n'%pid)
|
||||
else:
|
||||
sys.stderr.write('pid %d was not annotated\n'%pid)
|
||||
return -1
|
||||
|
||||
def recover_process_vector(self,pid):
|
||||
vector = dict() # FIXME use timestamps as key for a dictionary
|
||||
print "Children of ",pid," ",self.get_children(pid)
|
||||
for pid in self.get_children(pid):
|
||||
ts = self.get_timestamp_from_pid(pid)
|
||||
file = self.get_command_from_pid(pid)
|
||||
if ts != -1 and file != None:
|
||||
vector[int(ts)] = file
|
||||
#Now sort the vector
|
||||
tab = vector.keys()
|
||||
tab.sort()
|
||||
ret = []
|
||||
for ts in tab:
|
||||
ret.append(vector[ts])
|
||||
return ret
|
||||
|
||||
class TestProcessTree(unittest.TestCase):
|
||||
def testSearchRegular0(self):
|
||||
x = ProcessTrees()
|
||||
|
|
Loading…
Reference in a new issue