Autopsy  4.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
Classes | Public Member Functions | Private Member Functions | Static Private Member Functions | Private Attributes | Static Private Attributes | List of all members
org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule Class Reference

Inherits org.sleuthkit.autopsy.ingest.FileIngestModule.


class  Indexer
enum  IngestStatus
enum  UpdateFrequency

Public Member Functions

ProcessResult process (AbstractFile abstractFile)
void shutDown ()
void startUp (IngestJobContext context) throws IngestModuleException

Private Member Functions

void cleanup ()
void postIndexSummary ()
void stop ()

Static Private Member Functions

static void putIngestStatus (long ingestJobId, long fileId, IngestStatus status)

Private Attributes

IngestJobContext context
long dataSourceId
FileTypeDetector fileTypeDetector
Indexer indexer
Ingester ingester = null
boolean initialized = false
int instanceNum = 0
long jobId
final IngestServices services = IngestServices.getInstance()
final KeywordSearchJobSettings settings
boolean startedSearching = false
StringsTextExtractor stringExtractor
List< TextExtractor > textExtractors

Static Private Attributes

static final Map< Long, Map< Long, IngestStatus > > ingestStatus = new HashMap<>()
static final AtomicInteger instanceCount = new AtomicInteger(0)
static final Logger logger = Logger.getLogger(KeywordSearchIngestModule.class.getName())
static final IngestModuleReferenceCounter refCounter = new IngestModuleReferenceCounter()

Detailed Description

An ingest module on a file level Performs indexing of allocated and Solr supported files, string extraction and indexing of unallocated and not Solr supported files Index commit is done periodically (determined by user set ingest update interval) Runs a periodic keyword / regular expression search on currently configured lists for ingest and writes results to blackboard Reports interesting events to Inbox and to viewers

Definition at line 63 of file

Member Function Documentation

void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.cleanup ( )

Common cleanup code when module stops or final searcher completes

Definition at line 326 of file

void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.postIndexSummary ( )
ProcessResult org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.process ( AbstractFile  file)
static void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.putIngestStatus ( long  ingestJobId,
long  fileId,
IngestStatus  status 

Records the ingest status for a given file for a given ingest job. Used for final statistics at the end of the job.

ingestJobIdid of ingest job
fileIdid of file
statusingest status of the file

Definition at line 121 of file

void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown ( )
void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.startUp ( IngestJobContext  context) throws IngestModuleException
void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.stop ( )

Handle stop event (ingest interrupted) Cleanup resources, threads, timers

Definition at line 315 of file

References org.sleuthkit.autopsy.keywordsearch.SearchRunner.getInstance(), and org.sleuthkit.autopsy.keywordsearch.SearchRunner.stopJob().

Member Data Documentation

IngestJobContext org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.context
long org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.dataSourceId

Definition at line 97 of file

FileTypeDetector org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.fileTypeDetector

Definition at line 87 of file

Indexer org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.indexer

Definition at line 86 of file

Ingester org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.ingester = null

Definition at line 85 of file

final Map<Long, Map<Long, IngestStatus> > org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.ingestStatus = new HashMap<>()

Definition at line 112 of file

boolean org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.initialized = false

Definition at line 95 of file

final AtomicInteger org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.instanceCount = new AtomicInteger(0)

Definition at line 98 of file

int org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.instanceNum = 0

Definition at line 99 of file

long org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.jobId

Definition at line 96 of file

final Logger org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.logger = Logger.getLogger(KeywordSearchIngestModule.class.getName())

Definition at line 83 of file

final IngestModuleReferenceCounter org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.refCounter = new IngestModuleReferenceCounter()

Definition at line 100 of file

final IngestServices = IngestServices.getInstance()

Definition at line 84 of file

final KeywordSearchJobSettings org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.settings

Definition at line 94 of file

boolean org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.startedSearching = false

Definition at line 91 of file

StringsTextExtractor org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.stringExtractor

Definition at line 93 of file

List<TextExtractor> org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.textExtractors

Definition at line 92 of file

The documentation for this class was generated from the following file:

Copyright © 2012-2016 Basis Technology. Generated on: Tue Oct 25 2016
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.