api-docs/4.1/_keyword_hits_8java_source.html

 /*

  * Autopsy Forensic Browser

  *

  * Copyright 2011-2015 Basis Technology Corp.

  * Contact: carrier <at> sleuthkit <dot> org

  *

  * Licensed under the Apache License, Version 2.0 (the "License");

  * you may not use this file except in compliance with the License.

  * You may obtain a copy of the License at

  *

  *     http://www.apache.org/licenses/LICENSE-2.0

  *

  * Unless required by applicable law or agreed to in writing, software

  * distributed under the License is distributed on an "AS IS" BASIS,

  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  * See the License for the specific language governing permissions and

  * limitations under the License.

  */

 package org.sleuthkit.autopsy.datamodel;


 import java.beans.PropertyChangeEvent;

 import java.beans.PropertyChangeListener;

 import java.sql.ResultSet;

 import java.sql.SQLException;

 import java.util.ArrayList;

 import java.util.Collections;

 import java.util.HashSet;

 import java.util.LinkedHashMap;

 import java.util.List;

 import java.util.Map;

 import java.util.Observable;

 import java.util.Observer;

 import java.util.Set;

 import java.util.logging.Level;

 import org.openide.nodes.ChildFactory;

 import org.openide.nodes.Children;

 import org.openide.nodes.Node;

 import org.openide.nodes.Sheet;

 import org.openide.util.NbBundle;

 import org.openide.util.lookup.Lookups;

 import org.sleuthkit.autopsy.casemodule.Case;

 import org.sleuthkit.autopsy.coreutils.Logger;

 import org.sleuthkit.autopsy.ingest.IngestManager;

 import org.sleuthkit.autopsy.ingest.ModuleDataEvent;

 import org.sleuthkit.datamodel.AbstractFile;

 import org.sleuthkit.datamodel.BlackboardArtifact;

 import org.sleuthkit.datamodel.BlackboardAttribute;

 import org.sleuthkit.datamodel.SleuthkitCase;

 import org.sleuthkit.datamodel.SleuthkitCase.CaseDbQuery;

 import org.sleuthkit.datamodel.TskCoreException;

 import org.sleuthkit.datamodel.TskException;


 public class KeywordHits implements AutopsyVisitableItem {


     private SleuthkitCase skCase;

     private static final Logger logger = Logger.getLogger(KeywordHits.class.getName());

     private static final String KEYWORD_HITS = NbBundle.getMessage(KeywordHits.class, "KeywordHits.kwHits.text");

     public static final String NAME = BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getLabel();

     public static final String SIMPLE_LITERAL_SEARCH = NbBundle

             .getMessage(KeywordHits.class, "KeywordHits.simpleLiteralSearch.text");

     public static final String SIMPLE_REGEX_SEARCH = NbBundle

             .getMessage(KeywordHits.class, "KeywordHits.singleRegexSearch.text");

     private final KeywordResults keywordResults;


     public KeywordHits(SleuthkitCase skCase) {

         this.skCase = skCase;

         keywordResults = new KeywordResults();

     }


     private final class KeywordResults extends Observable {


         // Map from listName/Type to Map of keyword to set of artifact Ids

         // NOTE: the map can be accessed by multiple worker threads and needs to be synchronized

         private final Map<String, Map<String, Set<Long>>> topLevelMap = new LinkedHashMap<>();


         KeywordResults() {

             update();

         }


         List<String> getListNames() {

             synchronized (topLevelMap) {

                 List<String> names = new ArrayList<>(topLevelMap.keySet());

                 // this causes the "Single ..." terms to be in the middle of the results,

                 // which is wierd.  Make a custom comparator or do something else to maek them on top

                 //Collections.sort(names);

                 return names;

             }

         }


         List<String> getKeywords(String listName) {

             List<String> keywords;

             synchronized (topLevelMap) {

                 keywords = new ArrayList<>(topLevelMap.get(listName).keySet());

             }

             Collections.sort(keywords);

             return keywords;

         }


         Set<Long> getArtifactIds(String listName, String keyword) {

             synchronized (topLevelMap) {

                 return topLevelMap.get(listName).get(keyword);

             }

         }


         // populate maps based on artifactIds

         void populateMaps(Map<Long, Map<Long, String>> artifactIds) {

             synchronized (topLevelMap) {

                 topLevelMap.clear();


                 // map of list name to keword to artifact IDs

                 Map<String, Map<String, Set<Long>>> listsMap = new LinkedHashMap<>();


                 // Map from from literal keyword to artifact IDs

                 Map<String, Set<Long>> literalMap = new LinkedHashMap<>();


                 // Map from regex keyword artifact IDs

                 Map<String, Set<Long>> regexMap = new LinkedHashMap<>();


                 // top-level nodes

                 topLevelMap.put(SIMPLE_LITERAL_SEARCH, literalMap);

                 topLevelMap.put(SIMPLE_REGEX_SEARCH, regexMap);


                 for (Map.Entry<Long, Map<Long, String>> art : artifactIds.entrySet()) {

                     long id = art.getKey();

                     Map<Long, String> attributes = art.getValue();


                     // I think we can use attributes.remove(...) here?

                     String listName = attributes.get(Long.valueOf(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID()));

                     String word = attributes.get(Long.valueOf(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD.getTypeID()));

                     String reg = attributes.get(Long.valueOf(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()));


                     // part of a list

                     if (listName != null) {

                         if (listsMap.containsKey(listName) == false) {

                             listsMap.put(listName, new LinkedHashMap<String, Set<Long>>());

                         }


                         Map<String, Set<Long>> listMap = listsMap.get(listName);

                         if (listMap.containsKey(word) == false) {

                             listMap.put(word, new HashSet<Long>());

                         }


                         listMap.get(word).add(id);

                     } // regular expression, single term

                     else if (reg != null) {

                         if (regexMap.containsKey(reg) == false) {

                             regexMap.put(reg, new HashSet<Long>());

                         }

                         regexMap.get(reg).add(id);

                     } // literal, single term

                     else {

                         if (literalMap.containsKey(word) == false) {

                             literalMap.put(word, new HashSet<Long>());

                         }

                         literalMap.get(word).add(id);

                     }

                     topLevelMap.putAll(listsMap);

                 }

             }


             setChanged();

             notifyObservers();

         }


         @SuppressWarnings("deprecation")

         public void update() {

             Map<Long, Map<Long, String>> artifactIds = new LinkedHashMap<>();


             if (skCase == null) {

                 return;

             }


             int setId = BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID();

             int wordId = BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD.getTypeID();

             int regexId = BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID();

             int artId = BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID();

             String query = "SELECT blackboard_attributes.value_text,blackboard_attributes.artifact_id," //NON-NLS

                     + "blackboard_attributes.attribute_type_id FROM blackboard_attributes,blackboard_artifacts WHERE " //NON-NLS

                     + "(blackboard_attributes.artifact_id=blackboard_artifacts.artifact_id AND " //NON-NLS

                     + "blackboard_artifacts.artifact_type_id=" + artId //NON-NLS

                     + ") AND (attribute_type_id=" + setId + " OR " //NON-NLS

                     + "attribute_type_id=" + wordId + " OR " //NON-NLS

                     + "attribute_type_id=" + regexId + ")"; //NON-NLS


             try (CaseDbQuery dbQuery = skCase.executeQuery(query)) {

                 ResultSet resultSet = dbQuery.getResultSet();

                 while (resultSet.next()) {

                     String value = resultSet.getString("value_text"); //NON-NLS

                     long artifactId = resultSet.getLong("artifact_id"); //NON-NLS

                     long typeId = resultSet.getLong("attribute_type_id"); //NON-NLS

                     if (!artifactIds.containsKey(artifactId)) {

                         artifactIds.put(artifactId, new LinkedHashMap<Long, String>());

                     }

                     if (!value.equals("")) {

                         artifactIds.get(artifactId).put(typeId, value);

                     }

                 }

             } catch (TskCoreException | SQLException ex) {

                 logger.log(Level.WARNING, "SQL Exception occurred: ", ex); //NON-NLS

             }


             populateMaps(artifactIds);

         }

     }


     @Override

     public <T> T accept(AutopsyItemVisitor<T> v) {

         return v.visit(this);

     }


     // Created by CreateAutopsyNodeVisitor

     public class RootNode extends DisplayableItemNode {


         public RootNode() {

             super(Children.create(new ListFactory(), true), Lookups.singleton(KEYWORD_HITS));

             super.setName(NAME);

             super.setDisplayName(KEYWORD_HITS);

             this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/keyword_hits.png"); //NON-NLS

         }


         @Override

         public boolean isLeafTypeNode() {

             return false;

         }


         @Override

         public <T> T accept(DisplayableItemNodeVisitor<T> v) {

             return v.visit(this);

         }


         @Override

         protected Sheet createSheet() {

             Sheet s = super.createSheet();

             Sheet.Set ss = s.get(Sheet.PROPERTIES);

             if (ss == null) {

                 ss = Sheet.createPropertiesSet();

                 s.put(ss);

             }


             ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.name.name"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.name.displayName"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.name.desc"),

                     getName()));


             return s;

         }


         /*

          * TODO (AUT-1849): Correct or remove peristent column reordering code

          *

          * Added to support this feature.

          */

 //        @Override

 //        public String getItemType() {

 //            return "KeywordRoot"; //NON-NLS

 //        }

     }


     private class ListFactory extends ChildFactory.Detachable<String> implements Observer {


         private final PropertyChangeListener pcl = new PropertyChangeListener() {

             @Override

             public void propertyChange(PropertyChangeEvent evt) {

                 String eventType = evt.getPropertyName();

                 if (eventType.equals(IngestManager.IngestModuleEvent.DATA_ADDED.toString())) {

                     try {

                         Case.getCurrentCase();

                         ModuleDataEvent eventData = (ModuleDataEvent) evt.getOldValue();

                         if (null != eventData && eventData.getBlackboardArtifactType().getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) {

                             keywordResults.update();

                         }

                     } catch (IllegalStateException notUsed) {

                     }

                 } else if (eventType.equals(IngestManager.IngestJobEvent.COMPLETED.toString())

                         || eventType.equals(IngestManager.IngestJobEvent.CANCELLED.toString())) {

                     try {

                         Case.getCurrentCase();

                         keywordResults.update();

                     } catch (IllegalStateException notUsed) {

                     }

                 } else if (eventType.equals(Case.Events.CURRENT_CASE.toString())) {

                     // case was closed. Remove listeners so that we don't get called with a stale case handle

                     if (evt.getNewValue() == null) {

                         removeNotify();

                         skCase = null;

                     }

                 }

             }

         };


         @Override

         protected void addNotify() {

             IngestManager.getInstance().addIngestJobEventListener(pcl);

             IngestManager.getInstance().addIngestModuleEventListener(pcl);

             Case.addPropertyChangeListener(pcl);

             keywordResults.update();

             keywordResults.addObserver(this);

         }


         @Override

         protected void removeNotify() {

             IngestManager.getInstance().removeIngestJobEventListener(pcl);

             IngestManager.getInstance().removeIngestModuleEventListener(pcl);

             Case.removePropertyChangeListener(pcl);

             keywordResults.deleteObserver(this);

         }


         @Override

         protected boolean createKeys(List<String> list) {

             list.addAll(keywordResults.getListNames());

             return true;

         }


         @Override

         protected Node createNodeForKey(String key) {

             return new ListNode(key);

         }


         @Override

         public void update(Observable o, Object arg) {

             refresh(true);

         }

     }


     public class ListNode extends DisplayableItemNode implements Observer {


         private String listName;


         public ListNode(String listName) {

             super(Children.create(new TermFactory(listName), true), Lookups.singleton(listName));

             super.setName(listName);

             this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/keyword_hits.png"); //NON-NLS

             this.listName = listName;

             updateDisplayName();

             keywordResults.addObserver(this);

         }


         private void updateDisplayName() {

             int totalDescendants = 0;

             for (String word : keywordResults.getKeywords(listName)) {

                 Set<Long> ids = keywordResults.getArtifactIds(listName, word);

                 totalDescendants += ids.size();

             }

             super.setDisplayName(listName + " (" + totalDescendants + ")");

         }


         @Override

         protected Sheet createSheet() {

             Sheet s = super.createSheet();

             Sheet.Set ss = s.get(Sheet.PROPERTIES);

             if (ss == null) {

                 ss = Sheet.createPropertiesSet();

                 s.put(ss);

             }


             ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.listName.name"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.listName.displayName"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.listName.desc"),

                     listName));


             ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.numChildren.name"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.numChildren.displayName"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.numChildren.desc"),

                     keywordResults.getKeywords(listName).size()));


             return s;

         }


         @Override

         public boolean isLeafTypeNode() {

             return false;

         }


         @Override

         public <T> T accept(DisplayableItemNodeVisitor<T> v) {

             return v.visit(this);

         }


         @Override

         public void update(Observable o, Object arg) {

             updateDisplayName();

         }


         /*

          * TODO (AUT-1849): Correct or remove peristent column reordering code

          *

          * Added to support this feature.

          */

 //        @Override

 //        public String getItemType() {

 //            return "KeywordList"; //NON-NLS

 //        }

     }


     private class TermFactory extends ChildFactory.Detachable<String> implements Observer {


         private String setName;


         private TermFactory(String setName) {

             super();

             this.setName = setName;

         }


         @Override

         protected void addNotify() {

             keywordResults.addObserver(this);

         }


         @Override

         protected void removeNotify() {

             keywordResults.deleteObserver(this);

         }


         @Override

         protected boolean createKeys(List<String> list) {

             list.addAll(keywordResults.getKeywords(setName));

             return true;

         }


         @Override

         protected Node createNodeForKey(String key) {

             return new TermNode(setName, key);

         }


         @Override

         public void update(Observable o, Object arg) {

             refresh(true);

         }

     }


     public class TermNode extends DisplayableItemNode implements Observer {


         private String setName;

         private String keyword;


         public TermNode(String setName, String keyword) {

             super(Children.create(new HitsFactory(setName, keyword), true), Lookups.singleton(keyword));

             super.setName(keyword);

             this.setName = setName;

             this.keyword = keyword;

             this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/keyword_hits.png"); //NON-NLS

             updateDisplayName();

             keywordResults.addObserver(this);

         }


         private void updateDisplayName() {

             super.setDisplayName(keyword + " (" + keywordResults.getArtifactIds(setName, keyword).size() + ")");

         }


         @Override

         public void update(Observable o, Object arg) {

             updateDisplayName();

         }


         @Override

         public boolean isLeafTypeNode() {

             return true;

         }


         @Override

         public <T> T accept(DisplayableItemNodeVisitor<T> v) {

             return v.visit(this);

         }


         @Override

         protected Sheet createSheet() {

             Sheet s = super.createSheet();

             Sheet.Set ss = s.get(Sheet.PROPERTIES);

             if (ss == null) {

                 ss = Sheet.createPropertiesSet();

                 s.put(ss);

             }


             ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.listName.name"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.listName.displayName"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.listName.desc"),

                     getDisplayName()));


             ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.filesWithHits.name"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.filesWithHits.displayName"),

                     NbBundle.getMessage(this.getClass(), "KeywordHits.createSheet.filesWithHits.desc"),

                     keywordResults.getArtifactIds(setName, keyword).size()));


             return s;

         }


         /*

          * TODO (AUT-1849): Correct or remove peristent column reordering code

          *

          * Added to support this feature.

          */

 //        @Override

 //        public String getItemType() {

 //            return "KeywordTerm"; //NON-NLS

 //        }

     }


     public class HitsFactory extends ChildFactory.Detachable<Long> implements Observer {


         private String keyword;

         private String setName;


         public HitsFactory(String setName, String keyword) {

             super();

             this.setName = setName;

             this.keyword = keyword;

         }


         @Override

         protected void addNotify() {

             keywordResults.addObserver(this);

         }


         @Override

         protected void removeNotify() {

             keywordResults.deleteObserver(this);

         }


         @Override

         protected boolean createKeys(List<Long> list) {

             list.addAll(keywordResults.getArtifactIds(setName, keyword));

             return true;

         }


         @Override

         protected Node createNodeForKey(Long artifactId) {

             if (skCase == null) {

                 return null;

             }


             try {

                 BlackboardArtifact art = skCase.getBlackboardArtifact(artifactId);

                 BlackboardArtifactNode n = new BlackboardArtifactNode(art);

                 AbstractFile file;

                 try {

                     file = skCase.getAbstractFileById(art.getObjectID());

                 } catch (TskCoreException ex) {

                     logger.log(Level.SEVERE, "TskCoreException while constructing BlackboardArtifact Node from KeywordHitsKeywordChildren"); //NON-NLS

                     return n;

                 }


                 // It is possible to get a keyword hit on artifacts generated

                 // for the underlying image in which case MAC times are not

                 // available/applicable/useful.

                 if (file == null) {

                     return n;

                 }


                 n.addNodeProperty(new NodeProperty<>(

                         NbBundle.getMessage(this.getClass(), "KeywordHits.createNodeForKey.modTime.name"),

                         NbBundle.getMessage(this.getClass(),

                                 "KeywordHits.createNodeForKey.modTime.displayName"),

                         NbBundle.getMessage(this.getClass(),

                                 "KeywordHits.createNodeForKey.modTime.desc"),

                         ContentUtils.getStringTime(file.getMtime(), file)));

                 n.addNodeProperty(new NodeProperty<>(

                         NbBundle.getMessage(this.getClass(), "KeywordHits.createNodeForKey.accessTime.name"),

                         NbBundle.getMessage(this.getClass(),

                                 "KeywordHits.createNodeForKey.accessTime.displayName"),

                         NbBundle.getMessage(this.getClass(),

                                 "KeywordHits.createNodeForKey.accessTime.desc"),

                         ContentUtils.getStringTime(file.getAtime(), file)));

                 n.addNodeProperty(new NodeProperty<>(

                         NbBundle.getMessage(this.getClass(), "KeywordHits.createNodeForKey.chgTime.name"),

                         NbBundle.getMessage(this.getClass(),

                                 "KeywordHits.createNodeForKey.chgTime.displayName"),

                         NbBundle.getMessage(this.getClass(),

                                 "KeywordHits.createNodeForKey.chgTime.desc"),

                         ContentUtils.getStringTime(file.getCtime(), file)));

                 return n;

             } catch (TskException ex) {

                 logger.log(Level.WARNING, "TSK Exception occurred", ex); //NON-NLS

             }

             return null;

         }


         @Override

         public void update(Observable o, Object arg) {

             refresh(true);

         }

     }

 }

org.sleuthkit

org.sleuthkit.autopsy.datamodel.KeywordHits.ListFactory.pcl
final PropertyChangeListener pcl
Definition: KeywordHits.java:264

org.sleuthkit.autopsy.datamodel.KeywordHits
Definition: KeywordHits.java:56

org.sleuthkit.autopsy.datamodel.KeywordHits.KeywordHits
KeywordHits(SleuthkitCase skCase)
Definition: KeywordHits.java:68

org.sleuthkit.autopsy.datamodel.KeywordHits.KEYWORD_HITS
static final String KEYWORD_HITS
Definition: KeywordHits.java:60

org.sleuthkit.autopsy.ingest.ModuleDataEvent.getBlackboardArtifactType
BlackboardArtifact.Type getBlackboardArtifactType()
Definition: ModuleDataEvent.java:104

org.sleuthkit.autopsy.ingest.IngestManager.removeIngestModuleEventListener
void removeIngestModuleEventListener(final PropertyChangeListener listener)
Definition: IngestManager.java:698

org.sleuthkit.autopsy.datamodel.KeywordHits.RootNode.createSheet
Sheet createSheet()
Definition: KeywordHits.java:235

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode.update
void update(Observable o, Object arg)
Definition: KeywordHits.java:478

org.sleuthkit.autopsy.casemodule.Case
Definition: Case.java:88

org.sleuthkit.autopsy.datamodel.ContentUtils.getStringTime
static String getStringTime(long epochSeconds, TimeZone tzone)
Definition: ContentUtils.java:83

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory.createNodeForKey
Node createNodeForKey(String key)
Definition: KeywordHits.java:448

org.sleuthkit.autopsy.ingest.IngestManager.getInstance
static synchronized IngestManager getInstance()
Definition: IngestManager.java:234

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.update
void update(Observable o, Object arg)
Definition: KeywordHits.java:605

org.sleuthkit.autopsy.datamodel.KeywordHits.keywordResults
final KeywordResults keywordResults
Definition: KeywordHits.java:66

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.removeNotify
void removeNotify()
Definition: KeywordHits.java:542

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.setName
String setName
Definition: KeywordHits.java:528

org.sleuthkit.autopsy.datamodel.KeywordHits.ListFactory.removeNotify
void removeNotify()
Definition: KeywordHits.java:328

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode.setName
String setName
Definition: KeywordHits.java:460

org.sleuthkit.autopsy.datamodel.KeywordHits.ListFactory.update
void update(Observable o, Object arg)
Definition: KeywordHits.java:347

org.sleuthkit.autopsy.casemodule.Case.removePropertyChangeListener
static void removePropertyChangeListener(PropertyChangeListener listener)
Definition: Case.java:318

org.sleuthkit.autopsy.datamodel.ContentUtils
Definition: ContentUtils.java:52

org.sleuthkit.autopsy.datamodel.KeywordHits.RootNode
Definition: KeywordHits.java:215

org.sleuthkit.autopsy.datamodel.KeywordHits.skCase
SleuthkitCase skCase
Definition: KeywordHits.java:58

org

org.sleuthkit.autopsy.datamodel.KeywordHits.ListNode
Definition: KeywordHits.java:352

org.sleuthkit.autopsy.datamodel.KeywordHits.SIMPLE_REGEX_SEARCH
static final String SIMPLE_REGEX_SEARCH
Definition: KeywordHits.java:64

org.sleuthkit.autopsy.casemodule
Definition: AddImageAction.java:19

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.addNotify
void addNotify()
Definition: KeywordHits.java:537

org.sleuthkit.autopsy.ingest.IngestManager.IngestJobEvent
Definition: IngestManager.java:159

org.sleuthkit.autopsy.datamodel.KeywordHits.ListFactory
Definition: KeywordHits.java:262

org.sleuthkit.autopsy.ingest.ModuleDataEvent
Definition: ModuleDataEvent.java:49

org.sleuthkit.autopsy.datamodel.KeywordHits.ListNode.createSheet
Sheet createSheet()
Definition: KeywordHits.java:375

org.sleuthkit.autopsy.ingest.IngestManager.IngestJobEvent.COMPLETED
COMPLETED
Definition: IngestManager.java:172

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory.TermFactory
TermFactory(String setName)
Definition: KeywordHits.java:426

org.sleuthkit.autopsy.datamodel.KeywordHits.ListNode.isLeafTypeNode
boolean isLeafTypeNode()
Definition: KeywordHits.java:397

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode.keyword
String keyword
Definition: KeywordHits.java:461

org.sleuthkit.autopsy.datamodel.KeywordHits.ListFactory.addNotify
void addNotify()
Definition: KeywordHits.java:319

org.sleuthkit.autopsy.datamodel.KeywordHits.ListNode.updateDisplayName
void updateDisplayName()
Definition: KeywordHits.java:365

org.sleuthkit.autopsy.coreutils
Definition: AutopsyExceptionHandler.java:19

org.sleuthkit.autopsy.coreutils.Logger
Definition: Logger.java:36

org.sleuthkit.autopsy.datamodel.DisplayableItemNodeVisitor.visit
T visit(DataSourcesNode in)

org.sleuthkit.autopsy.datamodel.KeywordHits.KeywordResults.topLevelMap
final Map< String, Map< String, Set< Long > > > topLevelMap
Definition: KeywordHits.java:77

org.sleuthkit.autopsy.datamodel.KeywordHits.ListFactory.createKeys
boolean createKeys(List< String > list)
Definition: KeywordHits.java:336

org.sleuthkit.autopsy.ingest.IngestManager.removeIngestJobEventListener
void removeIngestJobEventListener(final PropertyChangeListener listener)
Definition: IngestManager.java:680

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory.setName
String setName
Definition: KeywordHits.java:424

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode.TermNode
TermNode(String setName, String keyword)
Definition: KeywordHits.java:463

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory.createKeys
boolean createKeys(List< String > list)
Definition: KeywordHits.java:442

org.sleuthkit.autopsy.datamodel.KeywordHits.ListNode.update
void update(Observable o, Object arg)
Definition: KeywordHits.java:407

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory
Definition: KeywordHits.java:422

org.sleuthkit.autopsy.casemodule.Case.Events
Definition: Case.java:172

org.sleuthkit.autopsy.datamodel.DisplayableItemNodeVisitor
Definition: DisplayableItemNodeVisitor.java:31

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode
Definition: KeywordHits.java:458

org.sleuthkit.autopsy.ingest
Definition: DataSourceIngestCancellationPanel.java:19

org.sleuthkit.autopsy.ingest.IngestManager.addIngestJobEventListener
void addIngestJobEventListener(final PropertyChangeListener listener)
Definition: IngestManager.java:671

org.sleuthkit.autopsy.datamodel.KeywordHits.RootNode.RootNode
RootNode()
Definition: KeywordHits.java:217

org.sleuthkit.autopsy.ingest.IngestManager
Definition: IngestManager.java:68

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.createNodeForKey
Node createNodeForKey(Long artifactId)
Definition: KeywordHits.java:553

org.sleuthkit.autopsy.datamodel.KeywordHits.ListFactory.createNodeForKey
Node createNodeForKey(String key)
Definition: KeywordHits.java:342

org.sleuthkit.autopsy.ingest.IngestManager.IngestModuleEvent.DATA_ADDED
DATA_ADDED
Definition: IngestManager.java:210

org.sleuthkit.autopsy.datamodel.AutopsyItemVisitor.visit
T visit(DataSources i)

org.sleuthkit.autopsy.datamodel.KeywordHits.KeywordResults
Definition: KeywordHits.java:73

org.sleuthkit.autopsy.datamodel.KeywordHits.ListNode.ListNode
ListNode(String listName)
Definition: KeywordHits.java:356

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.createKeys
boolean createKeys(List< Long > list)
Definition: KeywordHits.java:547

org.sleuthkit.autopsy.casemodule.Case.addPropertyChangeListener
static void addPropertyChangeListener(PropertyChangeListener listener)
Definition: Case.java:306

org.sleuthkit.autopsy.datamodel.KeywordHits.ListNode.listName
String listName
Definition: KeywordHits.java:354

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode.updateDisplayName
void updateDisplayName()
Definition: KeywordHits.java:473

org.sleuthkit.autopsy.casemodule.Case.Events.CURRENT_CASE
CURRENT_CASE
Definition: Case.java:229

org.sleuthkit.autopsy.datamodel.NodeProperty
Definition: NodeProperty.java:28

org.sleuthkit.autopsy.datamodel.KeywordHits.logger
static final Logger logger
Definition: KeywordHits.java:59

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory.addNotify
void addNotify()
Definition: KeywordHits.java:432

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode.isLeafTypeNode
boolean isLeafTypeNode()
Definition: KeywordHits.java:483

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.keyword
String keyword
Definition: KeywordHits.java:527

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory.removeNotify
void removeNotify()
Definition: KeywordHits.java:437

org.sleuthkit.autopsy.ingest.IngestManager.addIngestModuleEventListener
void addIngestModuleEventListener(final PropertyChangeListener listener)
Definition: IngestManager.java:689

org.sleuthkit.autopsy.datamodel.KeywordHits.KeywordResults.update
void update()
Definition: KeywordHits.java:169

org.sleuthkit.autopsy.casemodule.Case.getCurrentCase
static Case getCurrentCase()
Definition: Case.java:380

org.sleuthkit.autopsy.coreutils.Logger.getLogger
synchronized static Logger getLogger(String name)
Definition: Logger.java:161

org.sleuthkit.autopsy.datamodel.KeywordHits.RootNode.isLeafTypeNode
boolean isLeafTypeNode()
Definition: KeywordHits.java:225

org.sleuthkit.autopsy.ingest.IngestManager.IngestJobEvent.CANCELLED
CANCELLED
Definition: IngestManager.java:178

org.sleuthkit.autopsy

org.sleuthkit.autopsy.datamodel.AutopsyItemVisitor
Definition: AutopsyItemVisitor.java:30

org.sleuthkit.autopsy.datamodel.AutopsyVisitableItem
Definition: AutopsyVisitableItem.java:26

org.sleuthkit.autopsy.ingest.IngestManager.IngestModuleEvent
Definition: IngestManager.java:202

org.sleuthkit.autopsy.datamodel.BlackboardArtifactNode
Definition: BlackboardArtifactNode.java:52

org.sleuthkit.autopsy.datamodel.BlackboardArtifactNode.addNodeProperty
void addNodeProperty(NodeProperty<?> np)
Definition: BlackboardArtifactNode.java:320

org.sleuthkit.autopsy.datamodel.KeywordHits.NAME
static final String NAME
Definition: KeywordHits.java:61

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory
Definition: KeywordHits.java:525

org.sleuthkit.autopsy.datamodel.KeywordHits.SIMPLE_LITERAL_SEARCH
static final String SIMPLE_LITERAL_SEARCH
Definition: KeywordHits.java:62

org.sleuthkit.autopsy.datamodel.KeywordHits.TermNode.createSheet
Sheet createSheet()
Definition: KeywordHits.java:493

org.sleuthkit.autopsy.datamodel.KeywordHits.TermFactory.update
void update(Observable o, Object arg)
Definition: KeywordHits.java:453

org.sleuthkit.autopsy.datamodel.KeywordHits.HitsFactory.HitsFactory
HitsFactory(String setName, String keyword)
Definition: KeywordHits.java:530

org.sleuthkit.autopsy.datamodel.DisplayableItemNode
Definition: DisplayableItemNode.java:34