Autopsy
4.15.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits Runnable.
Classes | |
class | AnalysisStartupException |
class | DoNothingDSPProgressMonitor |
class | IngestJobEventListener |
Public Member Functions | |
void | run () |
Private Member Functions | |
JobProcessingTask () | |
void | analyze (AutoIngestDataSource dataSource, String ingestProfileName) throws AnalysisStartupException, InterruptedException |
Path | createCaseFolderPath (Path caseFoldersPath, String caseName) |
String | findAutFile (String caseDirectory) throws CaseActionException |
Path | findCaseDirectory (Path folderToSearch, String caseName) |
String | getOutputDirPath (Case caseForJob) |
FilesSet | getSelectedFilter (String filterName) |
IngestProfiles.IngestProfile | getSelectedProfile (String ingestProfileName) |
void | logDataSourceProcessorResult (AutoIngestDataSource dataSource) |
void | openCase (String baseCaseName, String rootOutputDirectory, CaseType caseType) throws CaseActionException |
void | openCase (String caseFolderPath) throws CaseActionException |
void | runDataSourceProcessor (Case caseForJob, AutoIngestDataSource dataSource) throws InterruptedException, AutoIngestDataSourceProcessor.AutoIngestDataSourceProcessorException |
Private Attributes | |
final Object | ingestLock |
Definition at line 104 of file CommandLineIngestManager.java.
|
private |
Definition at line 108 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.core.RuntimeProperties.setRunningWithGUI().
|
private |
Analyzes the data source content returned by the data source processor using the configured set of data source level and file level analysis modules. If an ingest profile is specified, load that profile (profile = ingest context + ingest filter) for ingest. Otherwise use baseline configuration.
dataSource | The data source to analyze. |
ingestProfileName | Name of ingest profile to use (optional) |
AnalysisStartupException | if there is an error analyzing the data source. |
InterruptedException | if the thread running the job processing task is interrupted while blocked, i.e., if auto ingest is shutting down. |
Definition at line 549 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.ingest.IngestManager.addIngestJobEventListener(), org.sleuthkit.autopsy.ingest.IngestManager.beginIngestJob(), org.sleuthkit.autopsy.commandlineingest.UserPreferences.getCommandLineModeIngestModuleContextString(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getContent(), org.sleuthkit.autopsy.ingest.IngestManager.getInstance(), org.sleuthkit.autopsy.ingest.IngestJobStartResult.getJob(), org.sleuthkit.autopsy.ingest.IngestJobStartResult.getModuleErrors(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getPath(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.getSelectedFilter(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.getSelectedProfile(), org.sleuthkit.autopsy.ingest.IngestJob.getSnapshot(), org.sleuthkit.autopsy.ingest.IngestJobStartResult.getStartupException(), org.sleuthkit.autopsy.ingest.IngestJobSettings.getWarnings(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.INGEST_JOB_EVENTS_OF_INTEREST, org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.ingestLock, org.sleuthkit.autopsy.ingest.IngestJob.CancellationReason.NOT_CANCELLED, org.sleuthkit.autopsy.ingest.IngestManager.removeIngestJobEventListener(), org.sleuthkit.autopsy.ingest.IngestJobSettings.setFileFilter(), and org.sleuthkit.autopsy.ingest.IngestJob.CancellationReason.USER_CANCELLED.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
|
private |
Creates a case folder path. Does not create the folder described by the path.
caseFoldersPath | The root case folders path. |
caseName | The name of the case. |
Definition at line 696 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.coreutils.TimeStampUtils.createTimeStamp().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.openCase().
|
private |
Finds the path to the .aut file for the specified case directory.
caseDirectory | the directory to check for a .aut file |
CaseActionException | if there was an issue finding a .aut file |
Definition at line 399 of file CommandLineIngestManager.java.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.openCase().
|
private |
Searches a given folder for the most recently modified case folder for a case.
folderToSearch | The folder to be searched. |
caseName | The name of the case for which a case folder is to be found. |
Definition at line 711 of file CommandLineIngestManager.java.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.openCase().
|
private |
Returns full path to directory where command outputs should be saved.
caseForJob | Case object |
Definition at line 736 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.casemodule.Case.getCaseDirectory(), and org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.LOG_DIR_NAME.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
|
private |
Gets the specified file filter from the list of all existing file filters (custom and standard).
filterName | Name of the file filter |
Definition at line 673 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.modules.interestingitems.FilesSetsManager.getCustomFileIngestFilters(), org.sleuthkit.autopsy.modules.interestingitems.FilesSetsManager.getInstance(), and org.sleuthkit.autopsy.modules.interestingitems.FilesSetsManager.getStandardFileIngestFilters().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze().
|
private |
Gets the specified ingest profile from the list of all existing ingest profiles.
ingestProfileName | Ingest profile name |
Definition at line 651 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.ingest.IngestProfiles.getIngestProfiles().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze().
|
private |
Logs the results of running a data source processor on the data source for the current job.
dataSource | The data source. |
Definition at line 498 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getContent(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getDataSourceProcessorErrorMessages(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getPath(), and org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getResultDataSourceProcessorResultCode().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.runDataSourceProcessor().
|
private |
Creates a new case using arguments passed in from command line CREATE_CASE command.
baseCaseName | Case name |
rootOutputDirectory | Full path to directory in which case output folder will be created |
caseType | Type of case being created |
CaseActionException |
Definition at line 350 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.casemodule.Case.createAsCurrentCase(), org.sleuthkit.autopsy.casemodule.Case.createCaseDirectory(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.createCaseFolderPath(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.findCaseDirectory(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCase(), org.sleuthkit.autopsy.casemodule.Case.getName(), and org.sleuthkit.autopsy.casemodule.Case.CaseType.SINGLE_USER_CASE.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
|
private |
Opens existing case.
caseFolderPath | full path to case directory |
CaseActionException |
Definition at line 379 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.findAutFile(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCase(), org.sleuthkit.autopsy.casemodule.Case.getName(), and org.sleuthkit.autopsy.casemodule.Case.openAsCurrentCase().
void org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run | ( | ) |
Requests the list of command line commands from command line options processor and executes the commands one by one.
Definition at line 123 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze(), org.sleuthkit.autopsy.casemodule.Case.closeCurrentCase(), org.sleuthkit.autopsy.report.infrastructure.ReportGenerator.generateReports(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.getOutputDirPath(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestSettingsPanel.getReportingConfigName(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.casemodule.Case.CaseType.MULTI_USER_CASE, org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.openCase(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.runDataSourceProcessor(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.setDataSourceProcessorOutput(), org.sleuthkit.autopsy.casemodule.Case.CaseType.SINGLE_USER_CASE, and org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.stop().
|
private |
Passes the data source for the current job through a data source processor that adds it to the case database.
caseForJob | The case |
dataSource | The data source. |
AutoIngestDataSourceProcessor.AutoIngestDataSourceProcessorExceptioif | there was a DSP processing error |
ead | running the job processing task is interrupted while blocked, i.e., if auto ingest is shutting down. |
Definition at line 440 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getContent(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getDeviceId(), org.sleuthkit.autopsy.datasourceprocessors.DataSourceProcessorUtility.getOrderedListOfDataSourceProcessors(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getPath(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getResultDataSourceProcessorResultCode(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.ingestLock, org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.logDataSourceProcessorResult(), and org.sleuthkit.autopsy.casemodule.Case.notifyAddingDataSource().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
|
private |
Definition at line 106 of file CommandLineIngestManager.java.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.IngestJobEventListener.propertyChange(), and org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.runDataSourceProcessor().
Copyright © 2012-2020 Basis Technology. Generated on: Mon Jul 6 2020
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.