|
Autopsy
4.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits org.sleuthkit.autopsy.ingest.FileIngestModule.
Classes | |
| class | Indexer |
| enum | IngestStatus |
| enum | UpdateFrequency |
Public Member Functions | |
| ProcessResult | process (AbstractFile abstractFile) |
| void | shutDown () |
| void | startUp (IngestJobContext context) throws IngestModuleException |
Private Member Functions | |
| void | cleanup () |
| void | postIndexSummary () |
| void | stop () |
Static Private Member Functions | |
| static void | putIngestStatus (long ingestJobId, long fileId, IngestStatus status) |
Private Attributes | |
| IngestJobContext | context |
| long | dataSourceId |
| FileTypeDetector | fileTypeDetector |
| Indexer | indexer |
| Ingester | ingester = null |
| boolean | initialized = false |
| int | instanceNum = 0 |
| long | jobId |
| final IngestServices | services = IngestServices.getInstance() |
| final KeywordSearchJobSettings | settings |
| boolean | startedSearching = false |
| StringsTextExtractor | stringExtractor |
| List< TextExtractor > | textExtractors |
Static Private Attributes | |
| static final Map< Long, Map< Long, IngestStatus > > | ingestStatus = new HashMap<>() |
| static final AtomicInteger | instanceCount = new AtomicInteger(0) |
| static final Logger | logger = Logger.getLogger(KeywordSearchIngestModule.class.getName()) |
| static final IngestModuleReferenceCounter | refCounter = new IngestModuleReferenceCounter() |
An ingest module on a file level Performs indexing of allocated and Solr supported files, string extraction and indexing of unallocated and not Solr supported files Index commit is done periodically (determined by user set ingest update interval) Runs a periodic keyword / regular expression search on currently configured lists for ingest and writes results to blackboard Reports interesting events to Inbox and to viewers
Definition at line 56 of file KeywordSearchIngestModule.java.
|
private |
Common cleanup code when module stops or final searcher completes
Definition at line 330 of file KeywordSearchIngestModule.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown(), and org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.stop().
|
private |
Posts inbox message with summary of text_ingested files
Definition at line 341 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createMessage(), org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.error(), org.sleuthkit.autopsy.ingest.IngestMessage.MessageType.INFO, org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.ingestStatus, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), and org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.warn().
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown().
| ProcessResult org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.process | ( | AbstractFile | file | ) |
Processes a file. Called between calls to startUp() and shutDown(). Will be called for each file in a data source.
| file | The file to analyze. |
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 242 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.keywordsearch.SearchRunner.getInstance(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.indexFile(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.OK, org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.putIngestStatus(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.IngestStatus.SKIPPED_ERROR_INDEXING, and org.sleuthkit.autopsy.keywordsearch.SearchRunner.startJob().
|
staticprivate |
Definition at line 107 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.ingestStatus.
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.extractStringsAndIndex(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.indexFile(), and org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.process().
| void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown | ( | ) |
After all files are ingested, execute final index commit and final search Cleanup resources, threads, timers
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 279 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.cleanup(), org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.decrementAndGet(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.endJob(), org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.getInstance(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.ingestStatus, org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.postIndexSummary(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedChunks(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedFiles(), and org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.stop().
| void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.startUp | ( | IngestJobContext | context | ) | throws IngestModuleException |
Initializes the module for new ingest run Sets up threads, timers, retrieves settings, keyword lists to run on
Implements org.sleuthkit.autopsy.ingest.IngestModule.
Definition at line 131 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.context, org.sleuthkit.autopsy.ingest.IngestMessage.createErrorMessage(), org.sleuthkit.autopsy.ingest.IngestMessage.createWarningMessage(), org.sleuthkit.autopsy.casemodule.Case.getCaseType(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCase(), org.sleuthkit.autopsy.ingest.IngestJobContext.getDataSource(), org.sleuthkit.autopsy.core.UserPreferences.getIndexingServerHost(), org.sleuthkit.autopsy.core.UserPreferences.getIndexingServerPort(), org.sleuthkit.autopsy.keywordsearch.Server.getIngester(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.incrementAndGet(), org.sleuthkit.autopsy.casemodule.Case.CaseType.MULTI_USER_CASE, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedDocuments(), and org.sleuthkit.autopsy.keywordsearchservice.KeywordSearchService.tryConnect().
|
private |
Handle stop event (ingest interrupted) Cleanup resources, threads, timers
Definition at line 319 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.cleanup(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.getInstance(), and org.sleuthkit.autopsy.keywordsearch.SearchRunner.stopJob().
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown().
|
private |
Definition at line 94 of file KeywordSearchIngestModule.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.startUp().
|
private |
Definition at line 90 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 80 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 79 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 78 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 105 of file KeywordSearchIngestModule.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.postIndexSummary(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.putIngestStatus(), and org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown().
|
private |
Definition at line 88 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 91 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 92 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 89 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 76 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 93 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 77 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 87 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 84 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 86 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 85 of file KeywordSearchIngestModule.java.
Copyright © 2012-2015 Basis Technology. Generated on: Wed Apr 6 2016
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.