The Sleuth Kit Framework  4.1
Public Member Functions | Static Public Attributes | Protected Member Functions | Protected Attributes | List of all members
TskPipeline Class Referenceabstract

The Pipeline class controls the processing of data through an ordered list of dynamic library or executable modules. More...

#include <TskPipeline.h>

Inheritance diagram for TskPipeline:
TskFileAnalysisPipeline TskReportPipeline

Public Member Functions

virtual TskPluginModulecreatePluginModule ()=0
 Create a module for the given pipeline type. More...
 
void initialize (const std::string &pipelineConfig)
 Parses the XML config file. More...
 
bool isEmpty () const
 
void logModuleExecutionTimes () const
 Logs the recorded execution times of the modules in the pipeline.
 
virtual void run (const uint64_t fileId)=0
 Run a file analysis pipeline on a file with the given ID. More...
 
virtual void run (TskFile *file)=0
 Run a file analysis pipeline on the given file object. More...
 
virtual void run ()=0
 Run a reporting / post-analysis pipeline. More...
 
 TskPipeline ()
 Default constructor.
 
void validate (const std::string &pipelineConfig)
 Validate a Pipeline based on the given XML configuration string. More...
 
 ~TskPipeline ()
 Destructor.
 

Static Public Attributes

static const std::string MODULE_ARGS_ATTR = "arguments"
 attribute for module arguments in XML config file
 
static const std::string MODULE_ELEMENT = "MODULE"
 module element in XML config file
 
static const std::string MODULE_EXECUTABLE_TYPE = "executable"
 value of MODULE_TYPE_ATTR for executable modules
 
static const std::string MODULE_LOCATION_ATTR = "location"
 attribute for module location in XML config file
 
static const std::string MODULE_ORDER_ATTR = "order"
 attribute for module order in XML config file
 
static const std::string MODULE_OUTPUT_ATTR = "output"
 attribute for module output in XML config file
 
static const std::string MODULE_PLUGIN_TYPE = "plugin"
 value of MODULE_TYPE_ATTR for library modules
 
static const std::string MODULE_TYPE_ATTR = "type"
 attribute for module type in XML config file
 

Protected Member Functions

bool excludeFile (const TskFile *)
 Determine whether a particular file should be processed. More...
 
void updateModuleExecutionTime (int moduleId, const Poco::Timespan::TimeDiff &executionTime)
 Updates the recorded execution time of a module in the pipeline. More...
 

Protected Attributes

bool m_hasExeModule
 True if any module is an executable module.
 
std::vector< TskModule * > m_modules
 Collection of modules in the pipeline.
 

Detailed Description

The Pipeline class controls the processing of data through an ordered list of dynamic library or executable modules.

Different types of pipeline implementations exist for the different types of data. Pipelines are created by the TskPipelineManager class.

Member Function Documentation

virtual TskPluginModule* TskPipeline::createPluginModule ( )
pure virtual

Create a module for the given pipeline type.

Returns
Plug-in module

Implemented in TskReportPipeline, and TskFileAnalysisPipeline.

bool TskPipeline::excludeFile ( const TskFile file)
protected

Determine whether a particular file should be processed.

Returns
true if file should be excluded, false otherwise

References TskFile::isDirectory(), TskFile::isVirtual(), and LOGERROR.

Referenced by TskFileAnalysisPipeline::run().

void TskPipeline::initialize ( const std::string &  pipelineConfig)

Parses the XML config file.

Modules are loaded if m_loadDll is set to true.

Parameters
pipelineConfigString of a config file for the specific type of pipeline.
Exceptions
TskExceptionin case of error.

References TskModule::getDescription(), TskServices::getImgDB(), TskModule::getModuleId(), TskModule::getName(), TskServices::Instance(), LOGWARN, m_modules, MODULE_ELEMENT, MODULE_ORDER_ATTR, and TskModule::setModuleId().

Referenced by TskPipelineManager::createPipeline(), and validate().

virtual void TskPipeline::run ( const uint64_t  fileId)
pure virtual

Run a file analysis pipeline on a file with the given ID.

Parameters
fileIdId of file to run pipeilne on.
Exceptions
exceptionson errors

Implemented in TskReportPipeline, and TskFileAnalysisPipeline.

virtual void TskPipeline::run ( TskFile file)
pure virtual

Run a file analysis pipeline on the given file object.

Parameters
fileTskFile object to run pipeilne on.
Exceptions
exceptionson errors

Implemented in TskReportPipeline, and TskFileAnalysisPipeline.

virtual void TskPipeline::run ( )
pure virtual

Run a reporting / post-analysis pipeline.

Exceptions
exceptionson errors

Implemented in TskReportPipeline, and TskFileAnalysisPipeline.

void TskPipeline::updateModuleExecutionTime ( int  moduleId,
const Poco::Timespan::TimeDiff &  executionTime 
)
protected

Updates the recorded execution time of a module in the pipeline.

Parameters
moduleIdModule ID of the module.
executionTimeTime increment to add to totasl execution time of the module.

References LOGERROR.

Referenced by TskFileAnalysisPipeline::run(), and TskReportPipeline::run().

void TskPipeline::validate ( const std::string &  pipelineConfig)

Validate a Pipeline based on the given XML configuration string.

Parameters
pipelineConfigString of config file for the specific type of pipeline.
Exceptions
TskExceptionin case of error.

References initialize().


The documentation for this class was generated from the following files:

Copyright © 2011-2013 Brian Carrier. (carrier -at- sleuthkit -dot- org)
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.