Skip to content

Add error handling for artifact parsing #634

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
yosuahres wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add error handling for artifact parsing #634

yosuahres wants to merge 1 commit into from

Conversation

@yosuahres
Copy link

@yosuahres yosuahres commented Dec 9, 2025

Enhance artifacts, update core funcs, add Turbo artifacts

This pull request introduces two new artifacts for Google Device Health Services and significantly enhances several existing artifacts by adding fallback queries, improving data extraction, and modernizing core utility functions for better compatibility and reporting.

Core Changes (scripts/ilapfuncs.py):

  • Refactor/Standardization: Implemented @artifact_processor decorator on new and existing v2 artifacts to standardize logging, reporting (HTML, TSV, Timeline, KML, LAVA), and streamline argument handling.
  • Timestamp Utility: Added convert_local_to_utc function for robust parsing and conversion of timezone-offset timestamps (e.g., YYYY-MM-DD HH:MM:SS+ZZZZ) to UTC.
  • Source Path Handling: Updated reporting functions (get_results_with_extra_sourcepath_if_needed) to correctly append the source file path when merging data from multiple files.
  • Media Handling: Refined media functions to ensure proper embedding of images, videos, and audio in HTML reports and accurate path listing in other output formats.

New Artifacts:

  • Turbo - Phone Battery (Turbo_Battery): Parses battery events, including battery level, charge type, battery saver status, and timezone from turbo.db.
  • Turbo - Bluetooth Device Info (Turbo_Bluetooth): Parses Bluetooth connection data, including MAC address, device ID, battery/volume level, and timezone from bluetooth.db.

Artifact Enhancements:

  • FacebookMessenger.py:
    • Added fallback SQLite queries for the msys_database for chats (omitting Reaction Time column if missing).
    • Added fallback logic for threads_db2 contacts (omitting friendship_status and contact_relationship_status if missing columns).
  • googleCallScreen.py:
    • Added support for extracting, copying, and embedding playable audio clips (<audio> tag) for call recordings in the report.
    • Implemented fallback queries in Transcript table access to gracefully handle missing lastModifiedMillis and audioRecordingFilePath columns.
  • keepNotes.py:
    • Added a fallback query to retrieve note text from the note_changes table if the primary text_search_note_content_content table is unavailable.
  • wellbeing.py:
    • Applied consistent UTC conversion to timestamps for all events (Events and URL Events) for standardized timeline generation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yosuahres