Autopsy  4.5.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes Enum Reference

Inherits org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType, and org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.

Public Member Functions

BlackboardArtifact.Type getArtifactType ()
 
default int getArtifactTypeID ()
 
default BaseTypes getBaseType ()
 
default Color getColor ()
 
BlackboardAttribute.Type getDateTimeAttributeType ()
 
String getDisplayName ()
 
Function< BlackboardArtifact, String > getFullExtractor ()
 
Image getFXImage ()
 
String getIconBase ()
 
Function< BlackboardArtifact, String > getMedExtractor ()
 
Function< BlackboardArtifact, String > getShortExtractor ()
 
default List<? extends EventType> getSiblingTypes ()
 
EventType getSubType (String string)
 
List<? extends EventType> getSubTypes ()
 
default List<? extends EventType> getSubTypesRecusive ()
 
EventType getSuperType ()
 
EventTypeZoomLevel getZoomLevel ()
 
int ordinal ()
 
default AttributeEventDescription parseAttributesHelper (BlackboardArtifact artf) throws TskCoreException
 

Static Public Member Functions

static AttributeEventDescription buildEventDescription (ArtifactEventType type, BlackboardArtifact artf) throws TskCoreException
 
static BlackboardAttribute getAttributeSafe (BlackboardArtifact artf, BlackboardAttribute.Type attrType)
 
static Comparator< EventType > getComparator ()
 
static String stringValueOf (BlackboardAttribute attr)
 
static String toFrom (BlackboardAttribute dir)
 

Public Attributes

 CALL_LOG
 
 DEVICES_ATTACHED
 
 EMAIL
 
 EXIF
 
 GPS_ROUTE
 
 GPS_TRACKPOINT
 
 INSTALLED_PROGRAM
 
 MESSAGE
 
 RECENT_DOCUMENTS
 

Static Public Attributes

static final List<? extends EventType> allTypes = RootEventType.getInstance().getSubTypesRecusive()
 
static final Logger LOGGER = Logger.getLogger(ArtifactEventType.class.getName())
 

Private Member Functions

 MiscTypes (String displayName, String iconBase, BlackboardArtifact.Type artifactType, BlackboardAttribute.Type dateTimeAttributeType, Function< BlackboardArtifact, String > shortExtractor, Function< BlackboardArtifact, String > medExtractor, Function< BlackboardArtifact, String > longExtractor)
 

Private Attributes

final BlackboardArtifact.Type artifactType
 
final BlackboardAttribute.Type dateTimeAttributeType
 
final String displayName
 
final String iconBase
 
final Image image
 
final Function< BlackboardArtifact, String > longExtractor
 
final Function< BlackboardArtifact, String > medExtractor
 
final Function< BlackboardArtifact, String > shortExtractor
 

Detailed Description

Definition at line 42 of file MiscTypes.java.

Constructor & Destructor Documentation

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.MiscTypes ( String  displayName,
String  iconBase,
BlackboardArtifact.Type  artifactType,
BlackboardAttribute.Type  dateTimeAttributeType,
Function< BlackboardArtifact, String >  shortExtractor,
Function< BlackboardArtifact, String >  medExtractor,
Function< BlackboardArtifact, String >  longExtractor 
)
private

Definition at line 230 of file MiscTypes.java.

Member Function Documentation

static AttributeEventDescription org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.buildEventDescription ( ArtifactEventType  type,
BlackboardArtifact  artf 
) throws TskCoreException
static, inherited

Build an AttributeEventDescription derived from a BlackboardArtifact. This is a template method that relies on each ArtifactEventType's implementation of ArtifactEventType::parseAttributesHelper() to know how to go from BlackboardAttributes to the event description.

Parameters
type
artf: the BlackboardArtifact to derive the event description from
Returns
an AttributeEventDescription derived from the given artifact, if the given artifact has no timestamp
Exceptions
TskCoreException: if there is a problem accessing the blackboard data

Definition at line 159 of file ArtifactEventType.java.

Referenced by org.sleuthkit.autopsy.timeline.db.EventsRepository.DBPopulationWorker.insertEventForArtifact().

BlackboardArtifact.Type org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getArtifactType ( )

Get the artifact type this event type is derived from.

Returns
The artifact type this event type is derived from.

Implements org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.

Definition at line 256 of file MiscTypes.java.

default int org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.getArtifactTypeID ( )
inherited

Get the ID of the artifact type that this EventType is derived from.

Returns
the ID of the artifact type that this EventType is derived from.

Definition at line 58 of file ArtifactEventType.java.

References org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.getArtifactType().

Referenced by org.sleuthkit.autopsy.timeline.db.EventsRepository.DBPopulationWorker.populateEventType().

static BlackboardAttribute org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.getAttributeSafe ( BlackboardArtifact  artf,
BlackboardAttribute.Type  attrType 
)
static, inherited

default BaseTypes org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.getBaseType ( )
inherited

default Color org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.getColor ( )
inherited

static Comparator<EventType> org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.getComparator ( )
static, inherited

Definition at line 37 of file EventType.java.

BlackboardAttribute.Type org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getDateTimeAttributeType ( )

The attribute type this event type is derived from.

Returns
The attribute type this event type is derived from.

Implements org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.

Definition at line 202 of file MiscTypes.java.

String org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getDisplayName ( )

Function<BlackboardArtifact, String> org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getFullExtractor ( )

Returns
a function from an artifact to a String to use as part of the full event description

Implements org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.

Definition at line 187 of file MiscTypes.java.

Image org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getFXImage ( )

String org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getIconBase ( )

Function<BlackboardArtifact, String> org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getMedExtractor ( )

Returns
a function from an artifact to a String to use as part of the medium event description

Implements org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.

Definition at line 192 of file MiscTypes.java.

Function<BlackboardArtifact, String> org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getShortExtractor ( )
Returns
a function from an artifact to a String to use as part of the short event description

Implements org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.

Definition at line 197 of file MiscTypes.java.

default List<? extends EventType> org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.getSiblingTypes ( )
inherited

EventType org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getSubType ( String  string)

List<? extends EventType> org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getSubTypes ( )

Returns
a list of event types, one for each subtype of this event type, or an empty list if this event type has no subtypes

Implements org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.

Definition at line 251 of file MiscTypes.java.

default List<? extends EventType> org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.getSubTypesRecusive ( )
inherited

EventType org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getSuperType ( )

EventTypeZoomLevel org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.getZoomLevel ( )

int org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.ordinal ( )
inherited

default AttributeEventDescription org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.parseAttributesHelper ( BlackboardArtifact  artf) throws TskCoreException
inherited

Given an artifact, pull out the timestamp and compose the descriptions. Each implementation of ArtifactEventType needs to implement parseAttributesHelper() as a hook for buildEventDescription(org.sleuthkit.datamodel.BlackboardArtifact) to invoke. Most subtypes can use this default implementation.

Parameters
artf
Returns
an AttributeEventDescription containing the timestamp and description information
Exceptions
TskCoreException

Definition at line 75 of file ArtifactEventType.java.

References org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.getDateTimeAttributeType(), org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.getFullExtractor(), org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.getMedExtractor(), and org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.getShortExtractor().

static String org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.stringValueOf ( BlackboardAttribute  attr)
static

Definition at line 148 of file MiscTypes.java.

static String org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.toFrom ( BlackboardAttribute  dir)
static

Definition at line 154 of file MiscTypes.java.

Member Data Documentation

final List<? extends EventType> org.sleuthkit.autopsy.timeline.datamodel.eventtype.EventType.allTypes = RootEventType.getInstance().getSubTypesRecusive()
static, inherited

final BlackboardArtifact.Type org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.artifactType
private

Definition at line 213 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.CALL_LOG
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.Calls.name"), "calllog.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_CALLLOG),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_START),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_NAME)),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER)),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DIRECTION)))

Definition at line 80 of file MiscTypes.java.

final BlackboardAttribute.Type org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.dateTimeAttributeType
private

Definition at line 169 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.DEVICES_ATTACHED
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.devicesAttached.name"), "usb_devices.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_DEVICE_ATTACHED),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_MAKE)),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_MODEL)),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_ID)))

Definition at line 141 of file MiscTypes.java.

final String org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.displayName
private

Definition at line 211 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.EMAIL
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.Email.name"), "mail-icon-16.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_EMAIL_MSG),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_SENT),
    artf -> {
        final BlackboardAttribute emailFrom = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_EMAIL_FROM));
        final BlackboardAttribute emailTo = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_EMAIL_TO));
        return stringValueOf(emailFrom) + " to " + stringValueOf(emailTo);
    },
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SUBJECT)),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_EMAIL_CONTENT_PLAIN)))

Definition at line 86 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.EXIF
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.exif.name"), "camera-icon-16.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_METADATA_EXIF),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_MAKE)),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_MODEL)),
    artf -> {
        try {
            AbstractFile file = artf.getSleuthkitCase().getAbstractFileById(artf.getObjectID());
            if (file != null) {
                return file.getName();
            }
        } catch (TskCoreException ex) {
            LOGGER.log(Level.SEVERE, "Exif event type failed to look up backing file name", ex);
        }
        return "error loading file name";
    })

Definition at line 125 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.GPS_ROUTE
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.GPSRoutes.name"), "gps-search.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_GPS_ROUTE),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PROG_NAME)),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_LOCATION)),
    artf -> {
        final BlackboardAttribute latStart = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_GEO_LATITUDE_START));
        final BlackboardAttribute longStart = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE_START));
        final BlackboardAttribute latEnd = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_GEO_LATITUDE_END));
        final BlackboardAttribute longEnd = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE_END));
        return String.format("from %1$s %2$s to %3$s %4$s", stringValueOf(latStart), stringValueOf(longStart), stringValueOf(latEnd), stringValueOf(longEnd));
    })

Definition at line 58 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.GPS_TRACKPOINT
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.GPSTrackpoint.name"), "gps-trackpoint.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_GPS_TRACKPOINT),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PROG_NAME)),
    artf -> {
        final BlackboardAttribute longitude = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE));
        final BlackboardAttribute latitude = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_GEO_LATITUDE));
        return stringValueOf(latitude) + " " + stringValueOf(longitude);
    },
    new EmptyExtractor())

Definition at line 70 of file MiscTypes.java.

final String org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.iconBase
private

Definition at line 171 of file MiscTypes.java.

final Image org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.image
private

Definition at line 173 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.INSTALLED_PROGRAM
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.installedPrograms.name"), "programs.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_INSTALLED_PROG),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PROG_NAME)),
    new EmptyExtractor(),
    new EmptyExtractor())

Definition at line 119 of file MiscTypes.java.

final Logger org.sleuthkit.autopsy.timeline.datamodel.eventtype.ArtifactEventType.LOGGER = Logger.getLogger(ArtifactEventType.class.getName())
static, inherited

Definition at line 36 of file ArtifactEventType.java.

final Function<BlackboardArtifact, String> org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.longExtractor
private

Definition at line 180 of file MiscTypes.java.

final Function<BlackboardArtifact, String> org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.medExtractor
private

Definition at line 182 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.MESSAGE
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.message.name"), "message.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_MESSAGE),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_MESSAGE_TYPE)),
    artf -> {
        final BlackboardAttribute dir = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DIRECTION));
        final BlackboardAttribute readStatus = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_READ_STATUS));
        final BlackboardAttribute name = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_NAME));
        final BlackboardAttribute phoneNumber = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER));
        final BlackboardAttribute subject = getAttributeSafe(artf, new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SUBJECT));
        List<String> asList = Arrays.asList(stringValueOf(dir), stringValueOf(readStatus), name != null || phoneNumber != null ? toFrom(dir) : "", stringValueOf(name != null ? name : phoneNumber), (subject == null ? "" : stringValueOf(subject)));
        return StringUtils.join(asList, " ");
    },
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_TEXT)))

Definition at line 44 of file MiscTypes.java.

org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.RECENT_DOCUMENTS
Initial value:
=(NbBundle.getMessage(MiscTypes.class, "MiscTypes.recentDocuments.name"), "recent_docs.png",
    new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_RECENT_OBJECT),
    new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PATH)).andThen(
        (String t) -> (StringUtils.substringBeforeLast(StringUtils.substringBeforeLast(t, "\\"), "\\"))),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PATH)).andThen(
        (String t) -> StringUtils.substringBeforeLast(t, "\\")),
    new AttributeExtractor(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PATH))) {
        @Override
        public AttributeEventDescription parseAttributesHelper(BlackboardArtifact artf) throws TskCoreException {
            final BlackboardAttribute dateTimeAttr = artf.getAttribute(getDateTimeAttributeType());
            long time = dateTimeAttr.getValueLong();
            String shortDescription = getShortExtractor().apply(artf);
            String medDescription = getMedExtractor().apply(artf);
            String fullDescription = getFullExtractor().apply(artf);
            return new AttributeEventDescription(time, shortDescription, medDescription, fullDescription);
        }
    }

Definition at line 96 of file MiscTypes.java.

final Function<BlackboardArtifact, String> org.sleuthkit.autopsy.timeline.datamodel.eventtype.MiscTypes.shortExtractor
private

Definition at line 184 of file MiscTypes.java.


The documentation for this enum was generated from the following file:

Copyright © 2012-2016 Basis Technology. Generated on: Tue Feb 20 2018
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.