UnifiedLogReader icon indicating copy to clipboard operation
UnifiedLogReader copied to clipboard

Published 20 hours ago verified publisher icon ydkhatri

Refactored log entry to object and tracev3 file

Open joachimmetz opened this issue 6 years ago • 1 comments

  • added more test coverage for tracev3 file
  • changes to not catch ImportError, NameError, UnboundLocalError in wide exception catch
  • added log entry and changes to use object instead of list

joachimmetz avatar Mar 09 '19 19:03 joachimmetz

@ydkhatri please ensure to test these changes. The large methods with multiple concerns are very hard to refactor. Therefor it is also hard to add test coverage for these methods before doing the refactor.

joachimmetz avatar Mar 09 '19 19:03 joachimmetz

Hi Joachim,

noticed you are currently working on the format in libyal. (https://github.com/libyal/dtformats/commit/fe9634845fa8387659595254ba4fc342c01e0915)

Is it time to move to that code-base?

Schramp avatar Jun 06 '23 13:06 Schramp

Is it time to move to that code-base?

for what purpose? dtFormats is currently most my testbed

joachimmetz avatar Jun 06 '23 18:06 joachimmetz

Seeing this PR had no follow up since 2019, closing it

joachimmetz avatar Jun 06 '23 18:06 joachimmetz

Is it time to move to that code-base?

for what purpose? dtFormats is currently most my testbed

I had the feeling the dtFormats version of the functionality may be the better version.

Schramp avatar Jun 07 '23 08:06 Schramp

I had the feeling the dtFormats version of the functionality may be the better version.

better is very subjective, there will be pros and cons, maybe drop me an email, might be easier to discuss what you're looking for and your plans with https://github.com/Schramp/UnifiedLogReader

Not sure what @ydkhatri his plans are for this project, might be good to align to prevent duplication.

For now the work in dtFormats is to better understand the format and be able to debug format changes.

joachimmetz avatar Jun 07 '23 16:06 joachimmetz

@ydkhatri seems to be bound to other tasks, for now I just forked and aggregated the open issues and went on. Also on my side its a project with a level of "as time permits, but normally I would take the time to review PR's and accept them on my fork. And if @ydkhatri wants to be more involved he is more then welcome to cherry pick from the fork, merge it in, refactor as he seems fit.

I do not want to start a "ownership" war over it.

Schramp avatar Jun 08 '23 08:06 Schramp

I do not want to start a "ownership" war over it.

Definitely not my goal.

My needs are (1) format documentation (now completed by dtFormats) and (2) a well maintained and tested, reusable Python module I could leverage from Plaso. So happy to help out with an effort that aligns with those goals. Unfortunately earlier efforts to get this project into shape have stalled.

If @ydkhatri does not have the bandwidth and no concerns I would encourage him to be explicit about this.

joachimmetz avatar Jun 08 '23 09:06 joachimmetz

Hi @Schramp and @joachimmetz, apologies for the delayed response. I definitely do not have the bandwidth to carry forward with this, as I am too occupied with other stuff. So feel free to do whatever you'd like with it. I trust you will add functionality and improve it.

@Schramp , I've invited you as contributer now, so you have full control now. I'm just not going to be able to contribute to it, at least not in the near future.

ydkhatri avatar Jun 09 '23 00:06 ydkhatri

@ydkhatri thanks. @Schramp let me know if you want to sync offline about your plans

joachimmetz avatar Jun 10 '23 04:06 joachimmetz