:py:mod:`dissect.target.plugins.os.windows.ual`
===============================================

.. py:module:: dissect.target.plugins.os.windows.ual


Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.windows.ual.UalPlugin




Attributes
~~~~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.windows.ual.ClientAccessRecord
   dissect.target.plugins.os.windows.ual.RoleAccessRecord
   dissect.target.plugins.os.windows.ual.VirtualMachineRecord
   dissect.target.plugins.os.windows.ual.DomainSeenRecord
   dissect.target.plugins.os.windows.ual.SystemIdentityRecord
   dissect.target.plugins.os.windows.ual.FIELD_NAME_MAP


.. py:data:: ClientAccessRecord

   

.. py:data:: RoleAccessRecord

   

.. py:data:: VirtualMachineRecord

   

.. py:data:: DomainSeenRecord

   

.. py:data:: SystemIdentityRecord

   

.. py:data:: FIELD_NAME_MAP

   

.. py:class:: UalPlugin(target)


   Bases: :py:obj:`dissect.target.plugin.Plugin`

   Return all available User Access Log information.

   User Access Logging (UAL) is a logging system that aggregates client usage data by role and products on a local
   server. It helps Windows server administrators to quantify requests from client computers for roles and services on
   a local server.

   .. rubric:: References

   - https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh849634%28v=ws.11%29

   .. py:attribute:: __namespace__
      :value: 'ual'

      

   .. py:attribute:: LOG_DB_GLOB
      :value: 'sysvol/Windows/System32/LogFiles/Sum/*.mdb'

      

   .. py:attribute:: IDENTITY_DB_FILENAME
      :value: 'SystemIdentity.mdb'

      

   .. py:attribute:: IDENTITY_DB_PATH

      

   .. py:method:: check_compatible() -> None

      Perform a compatibility check with the target.

      This function should return ``None`` if the plugin is compatible with
      the current target (``self.target``). For example, check if a certain
      file exists.
      Otherwise it should raise an ``UnsupportedPluginError``.

      :raises UnsupportedPluginError: If the plugin could not be loaded.


   .. py:method:: find_mdb_files()


   .. py:method:: populate_role_guid_map()


   .. py:method:: read_table_records(table_name)


   .. py:method:: client_access()

      Return client access data within the User Access Logs.


   .. py:method:: role_access()

      Return role access data within the User Access Logs.


   .. py:method:: virtual_machines()

      Return virtual machine data within the User Access Logs.


   .. py:method:: domains_seen()

      Return DNS data within the User Access Logs.


   .. py:method:: system_identities()

      Return system identity data within the User Access Logs.