Autopsy  4.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
Classes | Public Member Functions | Static Public Member Functions | Private Member Functions | Private Attributes | Static Private Attributes | List of all members
org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager Class Reference

Inherits PropertyChangeListener.

Classes

class  HashDb
 
class  HashDbIndexer
 
class  HashDbManagerException
 
enum  SetEvt
 

Public Member Functions

synchronized HashDb addExistingHashDatabase (String hashSetName, String path, boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType) throws HashDbManagerException
 
synchronized HashDb addNewHashDatabase (String hashSetName, String path, boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType) throws HashDbManagerException
 
synchronized HashDb addNewHashDatabaseNoSave (String hashSetName, String path, boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType) throws HashDbManagerException
 
synchronized void addPropertyChangeListener (PropertyChangeListener listener)
 
synchronized List< HashDbgetAllHashSets ()
 
synchronized List< HashDbgetKnownBadFileHashSets ()
 
synchronized List< HashDbgetKnownFileHashSets ()
 
synchronized List< HashDbgetUpdateableHashSets ()
 
synchronized void loadLastSavedConfiguration ()
 
void propertyChange (PropertyChangeEvent event)
 
synchronized void removeHashDatabase (HashDb hashDb) throws HashDbManagerException
 
synchronized void removeHashDatabaseNoSave (HashDb hashDb) throws HashDbManagerException
 
synchronized void removePropertyChangeListener (PropertyChangeListener listener)
 

Static Public Member Functions

static synchronized HashDbManager getInstance ()
 

Private Member Functions

 HashDbManager ()
 
HashDb addHashDatabase (int handle, String hashSetName, boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType) throws TskCoreException
 
void closeHashDatabases (List< HashDb > hashDatabases)
 
void configureSettings (HashLookupSettings settings)
 
List< HashDbgetUpdateableHashSets (List< HashDb > hashDbs)
 
String getValidFilePath (String hashSetName, String configuredPath)
 
void loadHashsetsConfiguration ()
 
String searchForFile ()
 

Private Attributes

boolean allDatabasesLoadedCorrectly = false
 
Set< String > hashSetNames = new HashSet<>()
 
Set< String > hashSetPaths = new HashSet<>()
 
List< HashDbknownBadHashSets = new ArrayList<>()
 
List< HashDbknownHashSets = new ArrayList<>()
 

Static Private Attributes

static final String HASH_DATABASE_FILE_EXTENSON = "kdb"
 
static HashDbManager instance = null
 
static final Logger logger = Logger.getLogger(HashDbManager.class.getName())
 

Detailed Description

This class implements a singleton that manages the set of hash databases used to classify files as unknown, known or known bad.

Definition at line 57 of file HashDbManager.java.

Constructor & Destructor Documentation

org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.HashDbManager ( )
private

Member Function Documentation

synchronized HashDb org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.addExistingHashDatabase ( String  hashSetName,
String  path,
boolean  searchDuringIngest,
boolean  sendIngestMessages,
HashDb.KnownFilesType  knownFilesType 
) throws HashDbManagerException

Adds an existing hash database to the set of hash databases used to classify files as known or known bad and saves the configuration.

Parameters
hashSetNameName used to represent the hash database in user interface components.
pathFull path to either a hash database file or a hash database index file.
searchDuringIngestA flag indicating whether or not the hash database should be searched during ingest.
sendIngestMessagesA flag indicating whether hash set hit messages should be sent as ingest messages.
knownFilesTypeThe classification to apply to files whose hashes are found in the hash database.
Returns
A HashDb representing the hash database.
Exceptions
HashDbManagerException

Definition at line 148 of file HashDbManager.java.

HashDb org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.addHashDatabase ( int  handle,
String  hashSetName,
boolean  searchDuringIngest,
boolean  sendIngestMessages,
HashDb.KnownFilesType  knownFilesType 
) throws TskCoreException
private
synchronized HashDb org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.addNewHashDatabase ( String  hashSetName,
String  path,
boolean  searchDuringIngest,
boolean  sendIngestMessages,
HashDb.KnownFilesType  knownFilesType 
) throws HashDbManagerException

Adds a new hash database to the set of hash databases used to classify files as known or known bad and saves the configuration.

Parameters
hashSetNameHash set name used to represent the hash database in user interface components.
pathFull path to the database file to be created.
searchDuringIngestA flag indicating whether or not the hash database should be searched during ingest.
sendIngestMessagesA flag indicating whether hash set hit messages should be sent as ingest messages.
knownFilesTypeThe classification to apply to files whose hashes are found in the hash database.
Returns
A HashDb representing the hash database.
Exceptions
HashDbManagerException

Definition at line 195 of file HashDbManager.java.

References org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.addNewHashDatabaseNoSave().

synchronized HashDb org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.addNewHashDatabaseNoSave ( String  hashSetName,
String  path,
boolean  searchDuringIngest,
boolean  sendIngestMessages,
HashDb.KnownFilesType  knownFilesType 
) throws HashDbManagerException
synchronized void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.addPropertyChangeListener ( PropertyChangeListener  listener)
void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.closeHashDatabases ( List< HashDb hashDatabases)
private
void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.configureSettings ( HashLookupSettings  settings)
private
synchronized List<HashDb> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.getAllHashSets ( )

Gets all of the hash databases used to classify files as known or known bad.

Returns
A list, possibly empty, of hash databases.

Definition at line 371 of file HashDbManager.java.

Referenced by org.sleuthkit.autopsy.modules.hashdatabase.HashLookupSettingsPanel.saveSettings().

static synchronized HashDbManager org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.getInstance ( )
static
synchronized List<HashDb> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.getKnownBadFileHashSets ( )
synchronized List<HashDb> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.getKnownFileHashSets ( )
synchronized List<HashDb> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.getUpdateableHashSets ( )

Gets all of the hash databases that accept updates.

Returns
A list, possibly empty, of hash databases.

Definition at line 405 of file HashDbManager.java.

List<HashDb> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.getUpdateableHashSets ( List< HashDb hashDbs)
private
String org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.getValidFilePath ( String  hashSetName,
String  configuredPath 
)
private
void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.loadHashsetsConfiguration ( )
private
synchronized void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.loadLastSavedConfiguration ( )
void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.propertyChange ( PropertyChangeEvent  event)
synchronized void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.removeHashDatabase ( HashDb  hashDb) throws HashDbManagerException

Removes a hash database from the set of hash databases used to classify files as known or known bad and saves the configuration.

Parameters
hashDb
Exceptions
HashDbManagerException

Definition at line 304 of file HashDbManager.java.

References org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.removeHashDatabaseNoSave().

synchronized void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.removeHashDatabaseNoSave ( HashDb  hashDb) throws HashDbManagerException
synchronized void org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.removePropertyChangeListener ( PropertyChangeListener  listener)

Definition at line 95 of file HashDbManager.java.

String org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.searchForFile ( )
private

Member Data Documentation

boolean org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.allDatabasesLoadedCorrectly = false
private

Definition at line 67 of file HashDbManager.java.

final String org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.HASH_DATABASE_FILE_EXTENSON = "kdb"
staticprivate

Definition at line 59 of file HashDbManager.java.

Set<String> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.hashSetNames = new HashSet<>()
private

Definition at line 63 of file HashDbManager.java.

Set<String> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.hashSetPaths = new HashSet<>()
private

Definition at line 64 of file HashDbManager.java.

HashDbManager org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.instance = null
staticprivate
List<HashDb> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.knownBadHashSets = new ArrayList<>()
private

Definition at line 62 of file HashDbManager.java.

List<HashDb> org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.knownHashSets = new ArrayList<>()
private

Definition at line 61 of file HashDbManager.java.

final Logger org.sleuthkit.autopsy.modules.hashdatabase.HashDbManager.logger = Logger.getLogger(HashDbManager.class.getName())
staticprivate

Definition at line 66 of file HashDbManager.java.


The documentation for this class was generated from the following file:

Copyright © 2012-2016 Basis Technology. Generated on: Mon Jan 2 2017
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.