PUNCH-Cyber
diff --git a/‎carver/ole/ole/ole.py
+3-4 b/‎carver/ole/ole/ole.py
+3-4
diff --git a/‎carver/ole/ole/ole.stoq
+1-2 b/‎carver/ole/ole/ole.stoq
+1-2
diff --git a/‎carver/ole/setup.py
+1-1 b/‎carver/ole/setup.py
+1-1
diff --git a/‎carver/olepackagestream/olepackagestream/olepackagestream.py
+4-6 b/‎carver/olepackagestream/olepackagestream/olepackagestream.py
+4-6
diff --git a/‎carver/olepackagestream/olepackagestream/olepackagestream.stoq
+1-2 b/‎carver/olepackagestream/olepackagestream/olepackagestream.stoq
+1-2
diff --git a/‎carver/olepackagestream/setup.py
+1-1 b/‎carver/olepackagestream/setup.py
+1-1
diff --git a/‎carver/pe/pe/pe.py
+2-2 b/‎carver/pe/pe/pe.py
+2-2
diff --git a/‎carver/pe/pe/pe.stoq
+1-1 b/‎carver/pe/pe/pe.stoq
+1-1
diff --git a/‎carver/pe/setup.py
+1-1 b/‎carver/pe/setup.py
+1-1
diff --git a/‎carver/rtf/rtf/rtf.py
+1-2 b/‎carver/rtf/rtf/rtf.py
+1-2
diff --git a/‎carver/rtf/rtf/rtf.stoq
+1-1 b/‎carver/rtf/rtf/rtf.stoq
+1-1
diff --git a/‎carver/rtf/setup.py
+1-1 b/‎carver/rtf/setup.py
+1-1
diff --git a/‎carver/swf/setup.py
+1-1 b/‎carver/swf/setup.py
+1-1
diff --git a/‎carver/swf/swf/swf.py
+5-6 b/‎carver/swf/swf/swf.py
+5-6
diff --git a/‎carver/swf/swf/swf.stoq
+1-1 b/‎carver/swf/swf/swf.stoq
+1-1
diff --git a/‎carver/xdp/setup.py
+1-2 b/‎carver/xdp/setup.py
+1-2
diff --git a/‎carver/xdp/xdp/xdp.py
+3-4 b/‎carver/xdp/xdp/xdp.py
+3-4
diff --git a/‎carver/xdp/xdp/xdp.stoq
+1-2 b/‎carver/xdp/xdp/xdp.stoq
+1-2
diff --git a/‎connector/elasticsearch/elasticsearch/elasticsearch.py
+2-2 b/‎connector/elasticsearch/elasticsearch/elasticsearch.py
+2-2
diff --git a/‎connector/elasticsearch/elasticsearch/elasticsearch.stoq
+2-2 b/‎connector/elasticsearch/elasticsearch/elasticsearch.stoq
+2-2
diff --git a/‎connector/elasticsearch/setup.py
+1-1 b/‎connector/elasticsearch/setup.py
+1-1
diff --git a/‎connector/emailer/emailer/emailer.py
+1-1 b/‎connector/emailer/emailer/emailer.py
+1-1
diff --git a/‎connector/emailer/emailer/emailer.stoq
+1-1 b/‎connector/emailer/emailer/emailer.stoq
+1-1
diff --git a/‎connector/emailer/setup.py
+1-1 b/‎connector/emailer/setup.py
+1-1
diff --git a/‎connector/gcs/gcs/gcs.py
+2-2 b/‎connector/gcs/gcs/gcs.py
+2-2
diff --git a/‎connector/gcs/gcs/gcs.stoq
+1-1 b/‎connector/gcs/gcs/gcs.stoq
+1-1
diff --git a/‎connector/gcs/setup.py
+1-1 b/‎connector/gcs/setup.py
+1-1
diff --git a/‎connector/mongodb/mongodb/mongodb.py
+3-6 b/‎connector/mongodb/mongodb/mongodb.py
+3-6
diff --git a/‎connector/mongodb/mongodb/mongodb.stoq
+1-2 b/‎connector/mongodb/mongodb/mongodb.stoq
+1-2
diff --git a/‎connector/mongodb/setup.py
+1-1 b/‎connector/mongodb/setup.py
+1-1
@@ -75,11 +75,10 @@ def carve(self, payload, **kwargs):
                             'size': len(stream_buffer)}
                     results.append((meta, stream_buffer))
 
-                    self.stoq.log.info("Carved OLE stream {}[{}] ({} bytes)".format(meta['name'],
-                                                                                    meta['stream'],
-                                                                                    meta['size']))
+                    self.log.info("Carved OLE stream {}[{}] ({} bytes)".format(meta['name'],
+                                                                               meta['stream'],
+                                                                               meta['size']))
             except:
                 pass
 
         return results
-
@@ -18,7 +18,6 @@ Module = ole
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.9.1
+Version = 0.10
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Carve OLE streams within Microsoft Office Documents
-
@@ -2,7 +2,7 @@
 
 setup(
     name="ole",
-    version="0.9",
+    version="0.10",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -56,7 +56,7 @@ def carve(self, payload, **kwargs):
             payload = BytesIO(payload)
             return self.parse_stream(payload)
         except:
-           return None
+            return None
 
     def split_null(self, payload):
         pos = payload.tell()
@@ -104,9 +104,7 @@ def parse_stream(self, payload):
 
         meta['OrgFileW'] = hexlify(payload.read(meta['OrgFileWLength'] * 2)).decode()
 
-        self.stoq.log.info("Carved OLE Package Stream {} ({} bytes)".format(meta['DefaultExtractPath'],
-                                                                            meta['size']))
- 
-        return [(meta, stream_buffer)]
-
+        self.log.info("Carved OLE Package Stream {} ({} bytes)".format(meta['DefaultExtractPath'],
+                                                                       meta['size']))
 
+        return [(meta, stream_buffer)]
@@ -18,7 +18,6 @@ Module = olepackagestream
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.2
+Version = 0.3
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Carve OLE Package Streams
-
@@ -2,7 +2,7 @@
 
 setup(
     name="olepackagestream",
-    version="0.2",
+    version="0.3",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -78,8 +78,8 @@ def carve(self, payload, **kwargs):
             meta = {'offset': start, 'size': len(binary)}
             results.append((meta, pe.trim()))
 
-            self.stoq.log.info("Carved executable at offset {} ({} bytes)".format(meta['offset'],
-                                                                                  meta['size']))
+            self.log.info("Carved executable at offset {} ({} bytes)".format(meta['offset'],
+                                                                             meta['size']))
 
             # Start all over
             payload.seek(0)
 
@@ -18,7 +18,7 @@ Module = pe
 
 [Documentation]
 Author = Jeff Ito, Marcus LaFerrera
-Version = 0.9
+Version = 0.10
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Carve portable executable files from a data stream
 
 
@@ -2,7 +2,7 @@
 
 setup(
     name="pe",
-    version="0.9",
+    version="0.10",
     author="Jeff Ito, Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -95,7 +95,6 @@ def carve(self, payload, **kwargs):
             meta = {"offset": start, "size": content_size}
             results.append((meta, content))
 
-            self.stoq.log.info("Carved binary stream in RTF at offset {} ({} bytes)".format(start, content_size))
+            self.log.info("Carved binary stream in RTF at offset {} ({} bytes)".format(start, content_size))
 
         return results
-
@@ -18,7 +18,7 @@ Module = rtf
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.9
+Version = 0.10
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Carve hex/binary streams from RTF payloads
 
 
@@ -2,7 +2,7 @@
 
 setup(
     name="rtf",
-    version="0.9",
+    version="0.10",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -2,7 +2,7 @@
 
 setup(
     name="swf",
-    version="0.9.1",
+    version="0.10",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -73,7 +73,7 @@ def carve(self, payload, **kwargs):
         return results
 
     def decompress(self, payload, offset=0):
-        try: 
+        try:
             ##
             # Header as obtained from SWF File Specification:
             # Field Type Comment
@@ -98,13 +98,13 @@ def decompress(self, payload, offset=0):
             payload.seek(offset)
 
             # Grab the first three bytes, should be FWS, CWS or ZWS
-            magic = payload.read(3).decode() 
+            magic = payload.read(3).decode()
 
             # Grab the SWF version - 1 byte
             swf_version = struct.unpack('<b', payload.read(1))[0]
 
             # Grab next 4 bytes so we can unpack to calculate the uncompressed
-            # size of the payload. 
+            # size of the payload.
             decompressed_size = struct.unpack("<i", payload.read(4))[0] - 8
 
             # Let's go back to the offset byte, jumping beyond the SWF header
@@ -141,16 +141,15 @@ def decompress(self, payload, offset=0):
                     'size': decompressed_size + 8
                     }
 
-            self.stoq.log.info("Carved SWF at offset {} ({} bytes)".format(meta['offset'],
+            self.log.info("Carved SWF at offset {} ({} bytes)".format(meta['offset'],
                                                                            meta['size']))
             return (meta, swf)
 
         except:
-            self.stoq.log.warn("Unable to decompress SWF payload at offset {}".format(offset))
+            self.log.warn("Unable to decompress SWF payload at offset {}".format(offset))
             return None
 
 
 class InvalidSWFSize(Exception):
     """ Invalid size of carved SWF content """
     pass
-
@@ -18,7 +18,7 @@ Module = swf
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.9.1
+Version = 0.10
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Carve and decompress SWF payloads
 
 
@@ -2,12 +2,11 @@
 
 setup(
     name="xdp",
-    version="0.9",
+    version="0.10",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
     description="Carve and decode streams from XDP documents",
     packages=find_packages(),
     include_package_data=True,
 )
-
@@ -41,7 +41,7 @@ def activate(self, stoq):
         try:
             self.base64 = self.stoq.load_plugin("b64", "decoder")
         except:
-            self.stoq.log.error("Unable to load decoder:b64 plugin.")
+            self.log.error("Unable to load decoder:b64 plugin.")
             pass
 
     def carve(self, payload, **kwargs):
@@ -96,9 +96,8 @@ def carve(self, payload, **kwargs):
 
                 # Gather the metadata and content
                 meta = {"size": len(content), "element_name": name}
-                self.stoq.log.info("Carved XDP {} ({} bytes)".format(meta['element_name'],
-                                                                     meta['size']))
+                self.log.info("Carved XDP {} ({} bytes)".format(meta['element_name'],
+                                                                meta['size']))
                 results.append((meta, content))
 
         return results
-
@@ -18,7 +18,6 @@ Module = xdp
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.9
+Version = 0.10
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Carve and decode streams from XDP documents
-
@@ -79,8 +79,8 @@ def _commit(self):
                 self.buffer.pop()
         except TransportError:
             tb = traceback.format_exc()
-            self.stoq.log.error("Error committing to Elasticsearch: {}".format(tb))
-            self.stoq.log.error("Failed commits: {}".format(str(self.buffer)))
+            self.log.error("Error committing to Elasticsearch: {}".format(tb))
+            self.log.error("Failed commits: {}".format(str(self.buffer)))
         finally:
             self.buffer_lock.release()
 
 
@@ -18,7 +18,7 @@ Module = elasticsearch
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.4
+Version = 0.5
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Saves content to an ElasticSearch index
 
@@ -51,4 +51,4 @@ bulk = False
 
 bulk_interval = 10
 
-bulk_size = 500
+bulk_size = 500
@@ -2,7 +2,7 @@
 
 setup(
     name="elasticsearch",
-    version="0.4",
+    version="0.5",
     author="Marcus LaFerrera (@mlaferrera) Aaron Gee-Clough (@gclef_)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -60,7 +60,7 @@ def save(self, payload, archive=False, **kwargs):
             recipients = self.recipients_list
 
         if not recipients:
-            self.stoq.log.error("No recipient defined!")
+            self.log.error("No recipient defined!")
             return None
 
         msg = MIMEMultipart('alternative')
 
@@ -18,7 +18,7 @@ Module = emailer
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.3
+Version = 0.4
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Send results to recipients via e-mail
 
 
@@ -2,7 +2,7 @@
 
 setup(
     name="emailer",
-    version="0.3",
+    version="0.4",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -109,9 +109,9 @@ def save(self, payload, archive=False, **kwargs):
             req = self.conn.objects().insert(bucket=bucket, body=body,
                                              media_body=media_body)
             resp = req.execute()
-            self.stoq.log.debug(resp)
+            self.log.debug(resp)
         except Exception as err:
-            self.stoq.log.error("Unable to save file to GCS: {}".format(str(err)))
+            self.log.error("Unable to save file to GCS: {}".format(str(err)))
             return None
 
         return filename
 
@@ -18,7 +18,7 @@ Module = gcs
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.2
+Version = 0.3
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Sends and retrieves content from Google Cloud Storage buckets
 
 
@@ -2,7 +2,7 @@
 
 setup(
     name="gcs",
-    version="0.2",
+    version="0.3",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",
 
@@ -25,7 +25,6 @@
 from pymongo.errors import DuplicateKeyError
 from gridfs.errors import FileExists
 
-from stoq.scan import get_sha1
 from stoq.plugins import StoqConnectorPlugin
 
 
@@ -70,7 +69,7 @@ def get_file(self, **kwargs):
 
                 # So gridfs' documentation states we can use find_one, but
                 # it doesn't exist. So instead, we are going to use find,
-                # then just use the first item in the index, since we 
+                # then just use the first item in the index, since we
                 # should always only return a single result anyway.
                 results = self.collection.find({key: kwargs[key]})
 
@@ -79,8 +78,7 @@ def get_file(self, **kwargs):
                         with self.collection.get(results[0]._id) as requested_file:
                             return requested_file.read()
                     except Exception as e:
-                        self.stoq.log.error("Unable to retrieve file "
-                                            "{0} :: {1}".format(kwargs, str(e)))
+                        self.log.error("Unable to retrieve file {} :: {}".format(kwargs, str(e)))
                         return None
 
         # No results, carry on.
@@ -104,7 +102,7 @@ def save(self, payload, archive=False, **kwargs):
 
         self.archive = archive
 
-        # Define the index name, if available. 
+        # Define the index name, if available.
         index = kwargs.get('index', None)
 
         if not hasattr(self, 'collection'):
@@ -187,4 +185,3 @@ def disconnect(self):
 
         self.mongo_client.disconnect()
         super().disconnect()
-
@@ -18,7 +18,7 @@ Module = mongodb
 
 [Documentation]
 Author = Marcus LaFerrera
-Version = 0.9.2
+Version = 0.10
 Website = https://github.com/PUNCH-Cyber/stoq-plugins-public
 Description = Sends and retrieves content from MongoDB
 
@@ -35,4 +35,3 @@ Description = Sends and retrieves content from MongoDB
 # conn = mongodb://localhost:27017/
 
 conn = mongodb://localhost:27017/
-
@@ -2,7 +2,7 @@
 
 setup(
     name="mongodb",
-    version="0.9.2",
+    version="0.10",
     author="Marcus LaFerrera (@mlaferrera)",
     url="https://github.com/PUNCH-Cyber/stoq-plugins-public",
     license="Apache License 2.0",