diff --git a/api_client/python/timesketch_api_client/client.py b/api_client/python/timesketch_api_client/client.py
index 8f1a1b0369..0425fa8e59 100644
--- a/api_client/python/timesketch_api_client/client.py
+++ b/api_client/python/timesketch_api_client/client.py
@@ -140,7 +140,7 @@ def set_session(self, session_object): self.session = session_object def _authenticate_session(self, session, username, password):
- """Post username/password to authenticate the HTTP seesion.
+ """Post username/password to authenticate the HTTP session.
 Args: session: Instance of requests.Session.
diff --git a/api_client/python/timesketch_api_client/config.py b/api_client/python/timesketch_api_client/config.py
index b1828601b5..8a61e6feb9 100644
--- a/api_client/python/timesketch_api_client/config.py
+++ b/api_client/python/timesketch_api_client/config.py
@@ -215,7 +215,7 @@ def load_config_file( the file RC_FILENAME inside the user's home directory. section (str): The configuration section to read from. This is optional and defaults to timesketch. This can be
- useful if you have mutiple Timesketch servers to connect to,
+ useful if you have multiple Timesketch servers to connect to,
 with each one of them having a separate section in the config file.
@@ -293,7 +293,7 @@ def save_config( default location will be used. section (str): The configuration section to write to. This is optional and defaults to timesketch. This can be
- useful if you have mutiple Timesketch servers to connect to,
+ useful if you have multiple Timesketch servers to connect to,
 with each one of them having a separate section in the config file. token_file_path (str): Optional path to the location of the token
@@ -370,7 +370,7 @@ def get_client( not supplied a default path will be used. config_section (str): The configuration section to read from. This is optional and defaults to timesketch. This can be
- useful if you have mutiple Timesketch servers to connect to,
+ useful if you have multiple Timesketch servers to connect to,
 with each one of them having a separate section in the config file. token_password (str): an optional password to decrypt
@@ -438,7 +438,7 @@ def configure_missing_parameters( This defaults to False. config_section (str): The configuration section to read from. This is optional and defaults to timesketch. This can be
- useful if you have mutiple Timesketch servers to connect to,
+ useful if you have multiple Timesketch servers to connect to,
 with each one of them having a separate section in the config file. """
diff --git a/api_client/python/timesketch_api_client/search.py b/api_client/python/timesketch_api_client/search.py
index a382346135..6ea799a565 100644
--- a/api_client/python/timesketch_api_client/search.py
+++ b/api_client/python/timesketch_api_client/search.py
@@ -28,7 +28,7 @@ class Chip: """Class definition for a query filter chip."""
- # The type of a chip that is defiend.
+ # The type of a chip that is defined.
 CHIP_TYPE = '' # The chip value defines what property or attribute of the
@@ -701,12 +701,15 @@ def indices(self): @indices.setter def indices(self, indices): """Make changes to the current set of indices."""
+ def _is_string_or_int(item):
+ return isinstance(item, (str, int))
+
 if not isinstance(indices, list): logger.warning( 'Indices needs to be a list of strings (indices that were ' 'passed in were not a list).') return
- if not all([isinstance(x, (str, int)) for x in indices]):
+ if not all(map(_is_string_or_int, indices)):
 logger.warning( 'Indices needs to be a list of strings or ints, not all ' 'entries in the indices list are valid string/int.')
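Review bot: `_is_string_or_int` in the `indices` setter still accepts `bool`, since `bool` is a subclass of `int`, so a list such as `[True]` passes the type check as a valid index; if that is not wanted, the helper could be `return isinstance(item, (str, int)) and not isinstance(item, bool)`. The nested function is rebuilt on every assignment for a one-expression test, and `all(isinstance(x, (str, int)) for x in indices)` would drop the intermediate list just as well without it. The helper has no docstring, and the first warning still says "list of strings" while the check and the second warning allow ints. The setter's body continues past the end of the hunk, so what happens after the second warning is not visible here.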
diff --git a/api_client/python/timesketch_api_client/sketch.py b/api_client/python/timesketch_api_client/sketch.py
index 9f8112e6e2..6d19b9c790 100644
--- a/api_client/python/timesketch_api_client/sketch.py
+++ b/api_client/python/timesketch_api_client/sketch.py
@@ -388,7 +388,7 @@ def remove_attribute(self, name): status = error.check_return_status(response, logger) if not status:
- logger.error('Unable to remove the attriubute from the sketch.')
+ logger.error('Unable to remove the attribute from the sketch.')
 return status
@@ -772,7 +772,7 @@ def get_story(self, story_id=None, story_title=None): Returns: A story object (instance of Story) if one is found. Returns
- a None if neiter story_id or story_title is defined or if
+ a None if neither story_id or story_title is defined or if
 the view does not exist. If a story title is defined and not a story id, the first story that is found with the same title will be returned.
@@ -802,7 +802,7 @@ def get_view(self, view_id=None, view_name=None): Returns: A search object (instance of search.Search) if one is found.
- Returns a None if neiter view_id or view_name is defined or if
+ Returns a None if neither view_id or view_name is defined or if
 the search does not exist. """ return self.get_saved_search(search_id=view_id, search_name=view_name)
@@ -818,7 +818,7 @@ def get_saved_search(self, search_id=None, search_name=None): Returns: A search object (instance of search.Search) if one is found.
- Returns a None if neiter search_id or search_name is defined or if
+ Returns a None if neither search_id or search_name is defined or if
 the search does not exist. """ if self.is_archived():
@@ -1537,7 +1537,7 @@ def is_archived(self): return self._archived def archive(self):
- """Archive a sketch and return a boolean whether it was succesful."""
+ """Archive a sketch and return a boolean whether it was successful."""
 if self.is_archived(): logger.error('Sketch already archived.') return False
@@ -1554,7 +1554,7 @@ def archive(self): return return_status def unarchive(self):
- """Unarchives a sketch and return boolean whether it was succesful."""
+ """Unarchives a sketch and return boolean whether it was successful."""
 if not self.is_archived(): logger.error('Sketch wasn\'t archived.') return False
diff --git a/docs/Admin-Guide.md b/docs/Admin-Guide.md
index f4484bec57..62fc31024d 100644
--- a/docs/Admin-Guide.md
+++ b/docs/Admin-Guide.md
@@ -20,6 +20,7 @@ - [search_template](#search_template) - [import](#import) - [similarity_score](#similarity_score)
+ - [Upgrade DB After Schema Change](#upgrade-db-after-schema-change)
 ## Installation
@@ -176,7 +177,7 @@ tsctl db Will drop all databases.
-Comand:
+Command:
 ```shell tsctl drop_db
@@ -199,7 +200,7 @@ Delete timeline permanently from Timesketch and Elasticsearch. It will alert if index_name: The name of the index in Elasticsearch ```
-Comand:
+Command:
 ```shell tsctl purge
diff --git a/docs/CreateTimeLineFromOtherData.md b/docs/CreateTimeLineFromOtherData.md
index 19d9c4f6a4..c8488e6eb2 100644
--- a/docs/CreateTimeLineFromOtherData.md
+++ b/docs/CreateTimeLineFromOtherData.md
@@ -1,6 +1,6 @@ # Create Timeline from other data
-At a certain point during an investigation, data will be generated that would add value to a timeline but are not formated or covered in [Create timeline from JSON/JSONL/CSV file](docs/CreateTimelineFromJSONorCSV.md).
+At a certain point during an investigation, data will be generated that would add value to a timeline but are not formatted or covered in [Create timeline from JSON/JSONL/CSV file](docs/CreateTimelineFromJSONorCSV.md).
 For such a case, assume all your data is in a file called `raw_data` and it is not a CSV or a JSON that matches the timesketch format and is not a plaso output file that could be uploaded according to the [documentation](/docs/CreateTimelineFromPlaso.md).
diff --git a/docs/UseSigma.md b/docs/UseSigma.md
index fd781061a1..91a6bd7df4 100644
--- a/docs/UseSigma.md
+++ b/docs/UseSigma.md
@@ -13,7 +13,7 @@ The other option is to use Sigma via the API and the API client. Timesketch deliberately does not provide a set of Sigma rules, as those would add complexity to maintain. To use the official community rules you can clone [github.com/Neo23x0/sigma](https://github.com/Neo23x0/sigma) to /data/sigma.
-This directory will not be catched by git.
+This directory will not be caught by git.
 ```shell cd data
diff --git a/importer_client/python/timesketch_import_client/importer.py b/importer_client/python/timesketch_import_client/importer.py
index 0f0618db4a..647d505513 100644
--- a/importer_client/python/timesketch_import_client/importer.py
+++ b/importer_client/python/timesketch_import_client/importer.py
@@ -412,7 +412,7 @@ def add_data_frame(self, data_frame, part_of_iter=False): 'formatted according using this format string: ' '%Y-%m-%dT%H:%M:%S%z. If that is not provided the data frame ' 'needs to have a column that has the word "time" in it, '
- 'that can be used to conver to a datetime field.')
+ 'that can be used to convert to a datetime field.')
 if 'message' not in data_frame_use: raise ValueError(
@@ -483,7 +483,7 @@ def add_excel_file(self, filepath, **kwargs): header : int, list of int, default 0 Row (0-indexed) to use for the column labels of the parsed DataFrame. If a list of integers is passed those
- row positions wil be combined into a ``MultiIndex``. Use
+ row positions will be combined into a ``MultiIndex``. Use
 None if there is no header. names : array-like, default None List of column names to use. If file contains no header
diff --git a/test_tools/timesketch/lib/analyzers/interface.py b/test_tools/timesketch/lib/analyzers/interface.py
index 71705e08f7..7837b9a74a 100644
--- a/test_tools/timesketch/lib/analyzers/interface.py
+++ b/test_tools/timesketch/lib/analyzers/interface.py
@@ -244,7 +244,7 @@ def _update_change(self, change=None): """Update the status of an event. Args:
- change: optional change object (instace of a namedtuple).
+ change: optional change object (instance of a namedtuple).
 If supplied the context will be updated with the change information. """
@@ -710,7 +710,7 @@ def __init__(self, file_name, sketch_id): sketch_id: Sketch ID. """ self.sketch = Sketch(sketch_id=sketch_id)
- super(BaseSketchAnalyzer, self).__init__(file_name)
+ super().__init__(file_name)
 def set_context(self, context): """Sets the context of the analyzer.
@@ -718,7 +718,7 @@ def set_context(self, context): Args: context: Context object (instance of AnalyzerContext). """
- super(BaseSketchAnalyzer, self).set_context(context)
+ super().set_context(context)
 self._context.sketch = self.sketch self.sketch.set_context(self._context)
diff --git a/timesketch/api/v1/resources/aggregation.py b/timesketch/api/v1/resources/aggregation.py
index ee106b52ff..a0f9404681 100644
--- a/timesketch/api/v1/resources/aggregation.py
+++ b/timesketch/api/v1/resources/aggregation.py
@@ -52,8 +52,9 @@ def get(self, sketch_id, aggregation_id): # pylint: disable=unused-argument Handler for /api/v1/sketches/:sketch_id/aggregation/:aggregation_id Args:
- sketch_id: Integer primary key for a sketch database model
- aggregation_id: Integer primary key for an agregation database model
+ sketch_id: Integer primary key for a sketch database model.
+ aggregation_id: Integer primary key for an aggregation database
+ model.
 Returns: JSON with aggregation results
diff --git a/timesketch/api/v1/resources/sketch.py b/timesketch/api/v1/resources/sketch.py
index 1b2905d16e..14bcc2915d 100644
--- a/timesketch/api/v1/resources/sketch.py
+++ b/timesketch/api/v1/resources/sketch.py
@@ -230,7 +230,7 @@ def _remove_label(sketch, label): @staticmethod def _get_sketch_for_admin(sketch):
- """Returns a limited sketch view for adminstrators.
+ """Returns a limited sketch view for administrators.
 An administrator needs to get information about all sketches that are stored on the backend. However that view should be
diff --git a/timesketch/lib/analyzers/feature_extraction.py b/timesketch/lib/analyzers/feature_extraction.py
index 8e9ba4cd7f..a9775ccf9f 100644
--- a/timesketch/lib/analyzers/feature_extraction.py
+++ b/timesketch/lib/analyzers/feature_extraction.py
@@ -192,10 +192,10 @@ def _get_attribute_value( Args: current_val: current value of store_as. extracted_value: values matched from regexp (type list).
- keep_multi: choise if you keep all match from regex (type boolean).
- merge_values: choise if you merge value from extracted
+ keep_multi: choice if you keep all match from regex (type boolean).
+ merge_values: choice if you merge value from extracted
 and current (type boolean).
- type_list: choise if you store values in list type(type boolean).
+ type_list: choice if you store values in list type(type boolean).
 Returns: Value to store
diff --git a/timesketch/lib/analyzers/interface.py b/timesketch/lib/analyzers/interface.py
index f7b42a080a..9722bc081e 100644
--- a/timesketch/lib/analyzers/interface.py
+++ b/timesketch/lib/analyzers/interface.py
@@ -548,7 +548,7 @@ def add_aggregation(self, aggregation_obj): """Add an aggregation object to the group. Args:
- aggregation_obj (Aggregation): the Aggregation objec.
+ aggregation_obj (Aggregation): the Aggregation object.
 """ self.group.aggregations.append(aggregation_obj) self.group.orientation = self._orientation
@@ -567,7 +567,7 @@ def set_orientation(self, orientation='layer'): """Sets how charts should be joined. Args:
- orienation: string that contains how they should be connected
+ orientation: string that contains how they should be connected
 together, That is the chart orientation, the options are: "layer", "horizontal" and "vertical". The default behavior is "layer".
@@ -582,7 +582,7 @@ def set_orientation(self, orientation='layer'): self.commit() def set_vertical(self):
- """Sets the "orienation" to vertical."""
+ """Sets the "orientation" to vertical."""
 self._orientation = 'vertical' self.commit()
diff --git a/timesketch/lib/datastores/elastic.py b/timesketch/lib/datastores/elastic.py
index e11adc3fcf..9b70d9c3e9 100644
--- a/timesketch/lib/datastores/elastic.py
+++ b/timesketch/lib/datastores/elastic.py
@@ -560,7 +560,7 @@ def search_stream(self, sketch_id=None, query_string=None, query_dsl: Dictionary containing Elasticsearch DSL query indices: List of indices to query return_fields: List of fields to return
- enable_scroll: Boolean determing whether scrolling is enabled.
+ enable_scroll: Boolean determining whether scrolling is enabled.
 timeline_ids: Optional list of IDs of Timeline objects that should be queried as part of the search.
diff --git a/timesketch/lib/sigma_util.py b/timesketch/lib/sigma_util.py
index 3cbab87ef4..4f6119bcbc 100644
--- a/timesketch/lib/sigma_util.py
+++ b/timesketch/lib/sigma_util.py
@@ -157,7 +157,7 @@ def get_all_sigma_rules(): def get_sigma_rule(filepath, sigma_config=None):
- """ Returns a JSON represenation for a rule
+ """ Returns a JSON representation for a rule
 Args: filepath: path to the sigma rule to be parsed