diff --git a/parsers/brctl.py b/parsers/brctl.py
index 3d987d9..c876e40 100644
--- a/parsers/brctl.py
+++ b/parsers/brctl.py
@@ -8,6 +8,7 @@
 import os
 from utils.base import BaseParserInterface
+# TODO brctl analyser for boot_history section -> timeline
 class BrctlParser(BaseParserInterface):
 description = "Parsing brctl files"
diff --git a/parsers/ps.py b/parsers/ps.py
index f677ba2..3aa2124 100644
--- a/parsers/ps.py
+++ b/parsers/ps.py
@@ -35,6 +35,7 @@ def get_log_files(self) -> list:
 return log_files
 def execute(self) -> list | dict:
+ # TODO not really easy to conver to timebased jsonl, as the timestamp is complex to compute.
 return PsParser.parse_file(self.get_log_files()[0])
 def parse_file(filename):
diff --git a/parsers/psthread.py b/parsers/psthread.py
index f6a7499..536fd6b 100644
--- a/parsers/psthread.py
+++ b/parsers/psthread.py
@@ -32,6 +32,8 @@ def get_log_files(self) -> list:
 return log_files
 def execute(self) -> list | dict:
+ # TODO not really easy to conver to timebased jsonl, as the timestamp is complex to compute.
+
 result = []
 try:
 with open(self.get_log_files()[0], "r") as f:
diff --git a/parsers/security_sysdiagnose.py b/parsers/security_sysdiagnose.py
index 45017af..8fa1090 100644
--- a/parsers/security_sysdiagnose.py
+++ b/parsers/security_sysdiagnose.py
@@ -2,6 +2,12 @@
 import re
 from utils.base import BaseParserInterface
+# TODO make a security sysdiagnose analyser exporting in time based jsonl for timeline.
+# - client_trust: date
+# - client_transparency: date
+# - client_pcs: date
+# - client_local: date
+
 class SecuritySysdiagnoseParser(BaseParserInterface):
 description = "Parsing security-sysdiagnose.txt file containing keychain information"
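Review bot: The comment added at the top of `execute` in parsers/ps.py, and repeated verbatim in parsers/psthread.py, misspells "convert" as "conver" and does not say what makes the timestamp hard to compute. Without that reason, whoever picks up the timeline export cannot tell which piece is missing. I would reword both to `# TODO: not easy to convert to time-based JSONL, because the timestamp is complex to compute` and add one sentence naming the field or reference time that is lacking. Separately, the line under the comment in ps.py indexes `self.get_log_files()[0]` with no guard, whereas psthread.py does the same index inside a `try`. If `get_log_files` can return an empty list (its body is outside the hunk), ps.py would raise IndexError on an archive that lacks the file.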