dissect.target.plugins.os.windows.sru¶
Module Contents¶
Classes¶
Return all available SRUM data stored in the SRUDB.dat. |
Functions¶
Attributes¶
- dissect.target.plugins.os.windows.sru.NetworkDataRecord¶
- dissect.target.plugins.os.windows.sru.NetworkConnectivityRecord¶
- dissect.target.plugins.os.windows.sru.EnergyEstimatorRecord¶
- dissect.target.plugins.os.windows.sru.EnergyUsageRecord¶
- dissect.target.plugins.os.windows.sru.EnergyUsageLTRecord¶
- dissect.target.plugins.os.windows.sru.ApplicationRecord¶
- dissect.target.plugins.os.windows.sru.PushNotificationRecord¶
- dissect.target.plugins.os.windows.sru.ApplicationTimelineRecord¶
- dissect.target.plugins.os.windows.sru.VfuRecord¶
- dissect.target.plugins.os.windows.sru.SdpVolumeProviderRecord¶
- dissect.target.plugins.os.windows.sru.SdpPhysicalDiskProviderRecord¶
- dissect.target.plugins.os.windows.sru.SdpCpuProviderRecord¶
- dissect.target.plugins.os.windows.sru.SdpNetworkProviderRecord¶
- dissect.target.plugins.os.windows.sru.SRURecord¶
- dissect.target.plugins.os.windows.sru.FIELD_MAPPINGS¶
- dissect.target.plugins.os.windows.sru.transform_timestamp(value: int | datetime.datetime) datetime.datetime¶
- dissect.target.plugins.os.windows.sru.TRANSFORMS¶
- class dissect.target.plugins.os.windows.sru.SRUPlugin(target)¶
Bases:
dissect.target.plugin.PluginReturn all available SRUM data stored in the SRUDB.dat.
The System Resource Usage Monitor (SRUM) stores its information in a SRUDB.dat file. As the names suggests, it contains data about resource usage, such as network and memory usage by applications.
References
- __namespace__ = 'sru'¶
Defines the plugin namespace.
- check_compatible() None¶
Perform a compatibility check with the target.
This function should return
Noneif the plugin is compatible with the current target (self.target). For example, check if a certain file exists. Otherwise it should raise anUnsupportedPluginError.- Raises:
UnsupportedPluginError – If the plugin could not be loaded.
- read_records(table_name: str, record_type: SRURecord) Iterator[SRURecord]¶
- network_data() Iterator[NetworkDataRecord]¶
Return the contents of Windows Network Data Usage Monitor table from the SRUDB.dat file.
Gives insight into the network usage of the system.
- network_connectivity() Iterator[NetworkConnectivityRecord]¶
Return the contents of Windows Network Connectivity Usage Monitor table from the SRUDB.dat file.
Gives insight into the network connectivity usage of the system.
- energy_estimator() Iterator[EnergyEstimatorRecord]¶
Return the contents of Energy Estimator table from the SRUDB.dat file.
- energy_usage() Iterator[EnergyUsageRecord]¶
Return the contents of Energy Usage Provider table from the SRUDB.dat file.
Gives insight into the energy usage of the system.
- energy_usage_lt() Iterator[EnergyUsageLTRecord]¶
Return the contents of Energy Usage Provider Long Term table from the SRUDB.dat file.
Gives insight into the energy usage of the system looking over the long term.
- application() Iterator[ApplicationRecord]¶
Return the contents of Application Resource Usage table from the SRUDB.dat file.
Gives insights into the resource usage of applications on the system.
- push_notification() Iterator[PushNotificationRecord]¶
Return the contents of Windows Push Notification Data table from the SRUDB.dat file.
Gives insight into the notification usage of the system.
- application_timeline() Iterator[ApplicationTimelineRecord]¶
Return the contents of App Timeline Provider table from the SRUDB.dat file.
- vfu() Iterator[VfuRecord]¶
Return the contents of vfuprov table from the SRUDB.dat file.
- sdp_volume_provider() Iterator[SdpVolumeProviderRecord]¶
Return the contents of SDP Volume Provider table from the SRUDB.dat file.
- sdp_physical_disk_provider() Iterator[SdpPhysicalDiskProviderRecord]¶
Return the contents of SDP Physical Disk Provider table from the SRUDB.dat file.
- sdp_cpu_provider() Iterator[SdpCpuProviderRecord]¶
Return the contents of SDP CPU Provider table from the SRUDB.dat file.
- sdp_network_provider() Iterator[SdpNetworkProviderRecord]¶
Return the contents of SDP Network Provider table from the SRUDB.dat file.