Changes to structure of test_data directory log2timeline#4798

tests/engine/extractors.py

@@ -49,7 +49,7 @@ def _CreateParserMediator(self, storage_writer, file_entry=None):
 
   def testParseDataStream(self):
     """Tests the ParseDataStream function."""
-    test_file_path = self._GetTestFilePath(['INFO2'])
+    test_file_path = self._GetTestFilePath(['recycler', 'INFO2'])
     self._SkipIfPathNotExists(test_file_path)
 
     test_extractor = extractors.EventDataExtractor(

tests/engine/worker.py

@@ -370,7 +370,7 @@ def testIsMetadataFile(self):
 
   def testProcessPathSpecFile(self):
     """Tests the ProcessPathSpec function on a file."""
-    path_spec = self._GetTestFilePathSpec(['syslog'])
+    path_spec = self._GetTestFilePathSpec(['syslog', 'syslog'])
     storage_writer = fake_writer.FakeStorageWriter()
 
     expected_event_data_counts = {

tests/parsers/fseventsd.py

@@ -20,7 +20,7 @@ def testParseV1(self):
     """Tests the Parse function on a version 1 file."""
     parser = fseventsd.FseventsdParser()
 
-    path = self._GetTestFilePath(['fsevents-0000000002d89b58'])
+    path = self._GetTestFilePath(['fsevents', 'fsevents-0000000002d89b58'])
     os_path_spec = path_spec_factory.Factory.NewPathSpec(
         dfvfs_definitions.TYPE_INDICATOR_OS, location=path)
 
@@ -60,7 +60,7 @@ def testParseV2(self):
     """Tests the Parse function on a version 2 file."""
     parser = fseventsd.FseventsdParser()
 
-    path = self._GetTestFilePath(['fsevents-00000000001a0b79'])
+    path = self._GetTestFilePath(['fsevents', 'fsevents-00000000001a0b79'])
     os_path_spec = path_spec_factory.Factory.NewPathSpec(
         dfvfs_definitions.TYPE_INDICATOR_OS, location=path)
 

tests/parsers/recycler.py

@@ -15,7 +15,7 @@ class WinRecycleBinParserTest(test_lib.ParserTestCase):
   def testParseVista(self):
     """Tests the Parse function on a Windows Vista RecycleBin file."""
     parser = recycler.WinRecycleBinParser()
-    storage_writer = self._ParseFile(['$II3DF3L.zip'], parser)
+    storage_writer = self._ParseFile(['recycler', '$II3DF3L.zip'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -42,7 +42,7 @@ def testParseVista(self):
   def testParseWindows10(self):
     """Tests the Parse function on a Windows 10 RecycleBin file."""
     parser = recycler.WinRecycleBinParser()
-    storage_writer = self._ParseFile(['$I103S5F.jpg'], parser)
+    storage_writer = self._ParseFile(['recycler', '$I103S5F.jpg'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -73,7 +73,7 @@ class WinRecyclerInfo2ParserTest(test_lib.ParserTestCase):
   def testParse(self):
     """Tests the Parse function on a Windows Recycler INFO2 file."""
     parser = recycler.WinRecyclerInfo2Parser()
-    storage_writer = self._ParseFile(['INFO2'], parser)
+    storage_writer = self._ParseFile(['recycler', 'INFO2'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')

tests/parsers/text_plugins/syslog.py

@@ -141,7 +141,8 @@ def testCheckRequiredFormat(self):
   def testProcessChromeOS(self):
     """Tests the Process function with a ChromeOS syslog file."""
     plugin = syslog.SyslogTextPlugin()
-    storage_writer = self._ParseTextFileWithPlugin(['syslog_chromeos'], plugin)
+    storage_writer = self._ParseTextFileWithPlugin(
+        ['syslog', 'syslog_chromeos'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -169,7 +170,8 @@ def testProcessChromeOS(self):
   def testProcessRsyslog(self):
     """Tests the Process function with a rsyslog file."""
     plugin = syslog.SyslogTextPlugin()
-    storage_writer = self._ParseTextFileWithPlugin(['syslog_rsyslog'], plugin)
+    storage_writer = self._ParseTextFileWithPlugin(
+        ['syslog', 'syslog_rsyslog'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -197,7 +199,7 @@ def testProcessRsyslogProtocol23(self):
     """Tests the Process function with a protocol 23 rsyslog file."""
     plugin = syslog.SyslogTextPlugin()
     storage_writer = self._ParseTextFileWithPlugin(
-        ['syslog_rsyslog_SyslogProtocol23Format'], plugin)
+        ['syslog', 'syslog_rsyslog_SyslogProtocol23Format'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -351,7 +353,7 @@ def testCheckRequiredFormat(self):
   def testProcess(self):
     """Tests the Process function."""
     plugin = syslog.TraditionalSyslogTextPlugin()
-    storage_writer = self._ParseTextFileWithPlugin(['syslog'], plugin)
+    storage_writer = self._ParseTextFileWithPlugin(['syslog', 'syslog'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -391,7 +393,8 @@ def testProcess(self):
   def testProcessCron(self):
     """Tests the Process function with a cron syslog file."""
     plugin = syslog.TraditionalSyslogTextPlugin()
-    storage_writer = self._ParseTextFileWithPlugin(['syslog_cron.log'], plugin)
+    storage_writer = self._ParseTextFileWithPlugin(
+        ['syslog', 'syslog_cron.log'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -417,7 +420,8 @@ def testProcessCron(self):
   def testProcessDarwin(self):
     """Tests the Process function with a Darwin syslog file."""
     plugin = syslog.TraditionalSyslogTextPlugin()
-    storage_writer = self._ParseTextFileWithPlugin(['syslog_osx'], plugin)
+    storage_writer = self._ParseTextFileWithPlugin(
+        ['syslog', 'syslog_osx'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -445,7 +449,7 @@ def testProcessRsyslogSysklogd(self):
     """Tests the Process function with a syslogkd rsyslog file."""
     plugin = syslog.TraditionalSyslogTextPlugin()
     storage_writer = self._ParseTextFileWithPlugin(
-        ['syslog_rsyslog_SysklogdFileFormat'], plugin)
+        ['syslog', 'syslog_rsyslog_SysklogdFileFormat'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -473,7 +477,7 @@ def testProcessRsyslogTraditional(self):
     """Tests the Process function with a traditional rsyslog file."""
     plugin = syslog.TraditionalSyslogTextPlugin()
     storage_writer = self._ParseTextFileWithPlugin(
-        ['syslog_rsyslog_traditional'], plugin)
+        ['syslog', 'syslog_rsyslog_traditional'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -500,7 +504,8 @@ def testProcessRsyslogTraditional(self):
   def testProcessSshd(self):
     """Tests the Process function with a sshd syslog file."""
     plugin = syslog.TraditionalSyslogTextPlugin()
-    storage_writer = self._ParseTextFileWithPlugin(['syslog_ssh.log'], plugin)
+    storage_writer = self._ParseTextFileWithPlugin(
+        ['syslog', 'syslog_ssh.log'], plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')

tests/parsers/winprefetch.py

@@ -15,7 +15,8 @@ class WinPrefetchParserTest(test_lib.ParserTestCase):
   def testParse17(self):
     """Tests the Parse function on a version 17 Prefetch file."""
     parser = winprefetch.WinPrefetchParser()
-    storage_writer = self._ParseFile(['CMD.EXE-087B4001.pf'], parser)
+    storage_writer = self._ParseFile(
+        ['winprefetch', 'CMD.EXE-087B4001.pf'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -96,7 +97,8 @@ def testParse17(self):
   def testParse23(self):
     """Tests the Parse function on a version 23 Prefetch file."""
     parser = winprefetch.WinPrefetchParser()
-    storage_writer = self._ParseFile(['PING.EXE-B29F6629.pf'], parser)
+    storage_writer = self._ParseFile(
+        ['winprefetch', 'PING.EXE-B29F6629.pf'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -140,7 +142,7 @@ def testParse23MultiVolume(self):
     """Tests the Parse function on a multi volume version 23 Prefetch file."""
     parser = winprefetch.WinPrefetchParser()
     storage_writer = self._ParseFile(
-        ['WUAUCLT.EXE-830BCC14.pf'], parser)
+        ['winprefetch', 'WUAUCLT.EXE-830BCC14.pf'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -190,7 +192,7 @@ def testParse26(self):
     """Tests the Parse function on a version 26 Prefetch file."""
     parser = winprefetch.WinPrefetchParser()
     storage_writer = self._ParseFile(
-        ['TASKHOST.EXE-3AE259FC.pf'], parser)
+        ['winprefetch', 'TASKHOST.EXE-3AE259FC.pf'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -298,7 +300,7 @@ def testParse30Compressed(self):
     """Tests the Parse function on a compressed version 30 Prefetch file."""
     parser = winprefetch.WinPrefetchParser()
     storage_writer = self._ParseFile(
-        ['BYTECODEGENERATOR.EXE-C1E9BCE6.pf'], parser)
+        ['winprefetch', 'BYTECODEGENERATOR.EXE-C1E9BCE6.pf'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -347,7 +349,8 @@ def testParse30Compressed(self):
   def testParse30Variant1Compressed(self):
     """Tests the Parse function on a compressed version 30 variant 1 file."""
     parser = winprefetch.WinPrefetchParser()
-    storage_writer = self._ParseFile(['ONEDRIVE.EXE-7E152375.pf'], parser)
+    storage_writer = self._ParseFile(
+        ['winprefetch', 'ONEDRIVE.EXE-7E152375.pf'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')
@@ -391,7 +394,8 @@ def testParse30Variant1Compressed(self):
   def testParse30Variant2Compressed(self):
     """Tests the Parse function on a compressed version 30 variant 2 file."""
     parser = winprefetch.WinPrefetchParser()
-    storage_writer = self._ParseFile(['NOTEPAD.EXE-D8414F97.pf'], parser)
+    storage_writer = self._ParseFile(
+        ['winprefetch', 'NOTEPAD.EXE-D8414F97.pf'], parser)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')

tests/preprocessors/linux.py

@@ -203,7 +203,7 @@ def testParseFileEntryWithTZif(self):
 
   def testParseFileEntryWithBogusTZif(self):
     """Tests the _ParseFileEntry function on a bogus TZif file."""
-    test_file_path = self._GetTestFilePath(['syslog'])
+    test_file_path = self._GetTestFilePath(['syslog', 'syslog'])
     self._SkipIfPathNotExists(test_file_path)
 
     file_system_builder = fake_file_system_builder.FakeFileSystemBuilder()