dissect.target.plugins.os.windows.sru#
Module Contents#
Classes#
Return all available SRUM data stored in the SRUDB.dat. |
Functions#
Attributes#
- dissect.target.plugins.os.windows.sru.NetworkDataRecord#
- dissect.target.plugins.os.windows.sru.NetworkConnectivityRecord#
- dissect.target.plugins.os.windows.sru.EnergyEstimatorRecord#
- dissect.target.plugins.os.windows.sru.EnergyUsageRecord#
- dissect.target.plugins.os.windows.sru.EnergyUsageLTRecord#
- dissect.target.plugins.os.windows.sru.ApplicationRecord#
- dissect.target.plugins.os.windows.sru.PushNotificationRecord#
- dissect.target.plugins.os.windows.sru.ApplicationTimelineRecord#
- dissect.target.plugins.os.windows.sru.VfuRecord#
- dissect.target.plugins.os.windows.sru.SdpVolumeProviderRecord#
- dissect.target.plugins.os.windows.sru.SdpPhysicalDiskProviderRecord#
- dissect.target.plugins.os.windows.sru.SdpCpuProviderRecord#
- dissect.target.plugins.os.windows.sru.SdpNetworkProviderRecord#
- dissect.target.plugins.os.windows.sru.FIELD_MAPPINGS#
- dissect.target.plugins.os.windows.sru.transform_app_id(value)#
- dissect.target.plugins.os.windows.sru.TRANSFORMS#
- class dissect.target.plugins.os.windows.sru.SRUPlugin(target)#
Bases:
dissect.target.plugin.PluginReturn all available SRUM data stored in the SRUDB.dat.
The System Resource Usage Monitor (SRUM) stores its information in a SRUDB.dat file. As the names suggests, it contains data about resource usage, such as network and memory usage by applications.
References
- __namespace__ = 'sru'#
- check_compatible() None#
Perform a compatibility check with the target.
This function should return
Noneif the plugin is compatible with the current target (self.target). For example, check if a certain file exists. Otherwise it should raise anUnsupportedPluginError.- Raises:
UnsupportedPluginError – If the plugin could not be loaded.
- read_records(table_name, record_type)#
- network_data()#
Return the contents of Windows Network Data Usage Monitor table from the SRUDB.dat file.
Gives insight into the network usage of the system.
- network_connectivity()#
Return the contents of Windows Network Connectivity Usage Monitor table from the SRUDB.dat file.
Gives insight into the network connectivity usage of the system.
- energy_estimator()#
Return the contents of Energy Estimator table from the SRUDB.dat file.
- energy_usage()#
Return the contents of Energy Usage Provider table from the SRUDB.dat file.
Gives insight into the energy usage of the system.
- energy_usage_lt()#
Return the contents of Energy Usage Provider Long Term table from the SRUDB.dat file.
Gives insight into the energy usage of the system looking over the long term.
- application()#
Return the contents of Application Resource Usage table from the SRUDB.dat file.
Gives insights into the resource usage of applications on the system.
- push_notification()#
Return the contents of Windows Push Notification Data table from the SRUDB.dat file.
Gives insight into the notification usage of the system.
- application_timeline()#
Return the contents of App Timeline Provider table from the SRUDB.dat file.
- vfu()#
Return the contents of vfuprov table from the SRUDB.dat file.
- sdp_volume_provider()#
Return the contents of SDP Volume Provider table from the SRUDB.dat file.
- sdp_physical_disk_provider()#
Return the contents of SDP Physical Disk Provider table from the SRUDB.dat file.
- sdp_cpu_provider()#
Return the contents of SDP CPU Provider table from the SRUDB.dat file.
- sdp_network_provider()#
Return the contents of SDP Network Provider table from the SRUDB.dat file.