:py:mod:`dissect.target.plugins.apps.remoteaccess.rustdesk`
===========================================================

.. py:module:: dissect.target.plugins.apps.remoteaccess.rustdesk




Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   dissect.target.plugins.apps.remoteaccess.rustdesk.RustdeskPlugin




Attributes
~~~~~~~~~~

.. autoapisummary::

   dissect.target.plugins.apps.remoteaccess.rustdesk.RE_LOG_LINE


.. py:data:: RE_LOG_LINE

.. py:class:: RustdeskPlugin(target: dissect.target.target.Target)

   Bases: :py:obj:`dissect.target.plugins.apps.remoteaccess.remoteaccess.RemoteAccessPlugin`


   Rustdesk plugin.


   .. py:attribute:: __namespace__
      :value: 'rustdesk'


      Defines the plugin namespace.


   .. py:attribute:: RemoteAccessLogRecord


   .. py:attribute:: SERVER_GLOBS
      :value: ('%windir%/ServiceProfiles/LocalService/AppData/Roaming/RustDesk/log/server/*.log',...



   .. py:attribute:: USER_GLOBS
      :value: ('AppData/Roaming/Rustdesk/log/*.log', '.local/share/logs/RustDesk/server/*.log',...



   .. py:attribute:: log_files
      :type:  set[tuple[dissect.target.helpers.fsutil.TargetPath, dissect.target.plugins.general.users.UserDetails | None]]


   .. py:method:: check_compatible() -> None

      Perform a compatibility check with the target.

      This function should return ``None`` if the plugin is compatible with the current target (``self.target``).
      For example, check if a certain file exists. Otherwise it should raise an
      :class:`UnsupportedPluginError`.

      :raises UnsupportedPluginError: If the plugin could not be loaded.



   .. py:method:: logs() -> collections.abc.Iterator[RemoteAccessLogRecord]

      Parse RustDesk log files.

      Rustdesk is a remote desktop application that can be used to get (persistent) access to a machine.
      The project is open source and can be found at: https://github.com/rustdesk/rustdesk/

      The log files are stored in different locations, based on the Target OS and client type.
      Unlike Anydesk, Rustdesk does carry a time zone designator (TZD).

      .. rubric:: References

      - https://rustdesk.com/docs/en/self-host/rustdesk-server-pro/faq
      - https://www.reddit.com/r/rustdesk/comments/1072zst/going_to_need_to_know_where_the_client_installer/
      - https://github.com/IRB0T/Remote-Access-Tools---4N6/blob/main/RustDesk/README.md
      - https://github.com/rustdesk/rustdesk/wiki/FAQ#access-logs