jni-docs/4.2/_blackboard_artifact_8java_source.html

 /*

  * Sleuth Kit Data Model

  *

  * Copyright 2011-2014 Basis Technology Corp.

  * Contact: carrier <at> sleuthkit <dot> org

  *

  * Licensed under the Apache License, Version 2.0 (the "License");

  * you may not use this file except in compliance with the License.

  * You may obtain a copy of the License at

  *

  *       http://www.apache.org/licenses/LICENSE-2.0

  *

  * Unless required by applicable law or agreed to in writing, software

  * distributed under the License is distributed on an "AS IS" BASIS,

  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  * See the License for the specific language governing permissions and

  * limitations under the License.

  */

 package org.sleuthkit.datamodel;


 import java.util.ArrayList;

 import java.util.Collection;

 import java.util.List;

 import java.util.ResourceBundle;


 public class BlackboardArtifact implements SleuthkitVisitableItem {


         private static final ResourceBundle bundle = ResourceBundle.getBundle("org.sleuthkit.datamodel.Bundle");


         /* It is very important that this list be kept up to

          * date and in sync with the C++ code.  Do not add

          * anything here unless you also add it there.

          * See framework/Services/TskBlackboard.* */

         public enum ARTIFACT_TYPE implements SleuthkitVisitableItem {


                 TSK_GEN_INFO(1, "TSK_GEN_INFO", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGenInfo.text")),

                 TSK_WEB_BOOKMARK(2, "TSK_WEB_BOOKMARK", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebBookmark.text")),

                 TSK_WEB_COOKIE(3, "TSK_WEB_COOKIE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebCookie.text")),

                 TSK_WEB_HISTORY(4, "TSK_WEB_HISTORY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebHistory.text")),

                 TSK_WEB_DOWNLOAD(5, "TSK_WEB_DOWNLOAD", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebDownload.text")),

                 TSK_RECENT_OBJECT(6, "TSK_RECENT_OBJ", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tsk.recentObject.text")),

                 TSK_GPS_TRACKPOINT(7, "TSK_GPS_TRACKPOINT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsTrackpoint.text")),

                 TSK_INSTALLED_PROG(8, "TSK_INSTALLED_PROG", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskInstalledProg.text")),

                 TSK_KEYWORD_HIT(9, "TSK_KEYWORD_HIT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskKeywordHits.text")),

                 TSK_HASHSET_HIT(10, "TSK_HASHSET_HIT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskHashsetHit.text")),

                 TSK_DEVICE_ATTACHED(11, "TSK_DEVICE_ATTACHED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskDeviceAttached.text")),

                 TSK_INTERESTING_FILE_HIT(12, "TSK_INTERESTING_FILE_HIT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskInterestingFileHit.text")),

                 TSK_EMAIL_MSG(13, "TSK_EMAIL_MSG", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskEmailMsg.text")),

                 TSK_EXTRACTED_TEXT(14, "TSK_EXTRACTED_TEXT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskExtractedText.text")),

                 TSK_WEB_SEARCH_QUERY(15, "TSK_WEB_SEARCH_QUERY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebSearchQuery.text")),

                 TSK_METADATA_EXIF(16, "TSK_METADATA_EXIF", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskMetadataExif.text")),

                 @Deprecated

                 // tags are now added via a special table, not blackboard

                 TSK_TAG_FILE(17, "TSK_TAG_FILE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tagFile.text")),

                 @Deprecated

                 // tags are now added via a special table, not blackboard

                 TSK_TAG_ARTIFACT(18, "TSK_TAG_ARTIFACT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskTagArtifact.text")),

                 TSK_OS_INFO(19, "TSK_OS_INFO", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskOsInfo.text")),

                 TSK_OS_ACCOUNT(20, "TSK_OS_ACCOUNT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskOsAccount.text")),

                 TSK_SERVICE_ACCOUNT(21, "TSK_SERVICE_ACCOUNT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskServiceAccount.text")),

                 @Deprecated

                 // use Case.addReport in Autopsy

                 TSK_TOOL_OUTPUT(22, "TSK_TOOL_OUTPUT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskToolOutput.text")),

                 TSK_CONTACT(23, "TSK_CONTACT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskContact.text")),

                 TSK_MESSAGE(24, "TSK_MESSAGE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskMessage.text")),

                 TSK_CALLLOG(25, "TSK_CALLLOG", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskCalllog.text")),

                 TSK_CALENDAR_ENTRY(26, "TSK_CALENDAR_ENTRY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskCalendarEntry.text")),

                 TSK_SPEED_DIAL_ENTRY(27, "TSK_SPEED_DIAL_ENTRY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskSpeedDialEntry.text")),

                 TSK_BLUETOOTH_PAIRING(28, "TSK_BLUETOOTH_PAIRING", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskBluetoothPairing.text")),

                 TSK_GPS_BOOKMARK(29, "TSK_GPS_BOOKMARK", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsBookmark.text")), // GPS Bookmarks

                 TSK_GPS_LAST_KNOWN_LOCATION(30, "TSK_GPS_LAST_KNOWN_LOCATION", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsLastKnownLocation.text")), // GPS Last known location

                 TSK_GPS_SEARCH(31, "TSK_GPS_SEARCH", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsSearch.text")), // GPS Searches

                 TSK_PROG_RUN(32, "TSK_PROG_RUN", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskProgRun.text")),

                 TSK_ENCRYPTION_DETECTED(33, "TSK_ENCRYPTION_DETECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskEncryptionDetected.text")),

                 TSK_EXT_MISMATCH_DETECTED(34, "TSK_EXT_MISMATCH_DETECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskExtMismatchDetected.text")),

                 TSK_INTERESTING_ARTIFACT_HIT(35, "TSK_INTERESTING_ARTIFACT_HIT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskInterestingArtifactHit.text")), // Any artifact that should be called out

                 TSK_GPS_ROUTE(36, "TSK_GPS_ROUTE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsRoute.text")), // Route based on GPS coordinates

                 TSK_REMOTE_DRIVE(37, "TSK_REMOTE_DRIVE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskRemoteDrive.text")),

                 TSK_FACE_DETECTED(38, "TSK_FACE_DETECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskFaceDetected.text"));


                 /* SEE ABOVE -- KEEP C++ CODE IN SYNC */

                 private final String label;

                 private final int typeID;

                 private final String displayName;


                 private ARTIFACT_TYPE(int typeID, String label, String displayName) {

                         this.typeID = typeID;

                         this.label = label;

                         this.displayName = displayName;

                 }


                 public String getLabel() {

                         return this.label;

                 }


                 public int getTypeID() {

                         return this.typeID;

                 }


                 static public ARTIFACT_TYPE fromLabel(String label) {

                         for (ARTIFACT_TYPE v : ARTIFACT_TYPE.values()) {

                                 if (v.label.equals(label)) {

                                         return v;

                                 }

                         }

                         throw new IllegalArgumentException("No ARTIFACT_TYPE matching type: " + label);

                 }


                 static public ARTIFACT_TYPE fromID(int ID) {

                         for (ARTIFACT_TYPE v : ARTIFACT_TYPE.values()) {

                                 if (v.typeID == ID) {

                                         return v;

                                 }

                         }

                         throw new IllegalArgumentException("No ARTIFACT_TYPE matching type: " + ID);

                 }


                 public String getDisplayName() {

                         return this.displayName;

                 }


                 @Override

                 public <T> T accept(SleuthkitItemVisitor<T> v) {

                         return v.visit(this);

                 }

         }

         private final long artifactID;

         private final long objID;

         private final int artifactTypeID;

         private final String artifactTypeName;

         private final String displayName;

         private final SleuthkitCase sleuthkitCase;

         private final List<BlackboardAttribute> attrsCache = new ArrayList<BlackboardAttribute>();

         private boolean loadedCacheFromDb = false; // true once we've gone to the DB to fill in the attrsCache.  Until it is set, it may not be complete.


         protected BlackboardArtifact(SleuthkitCase sleuthkitCase, long artifactID, long objID, int artifactTypeID, String artifactTypeName, String displayName) {

                 this.sleuthkitCase = sleuthkitCase;

                 this.artifactID = artifactID;

                 this.objID = objID;

                 this.artifactTypeID = artifactTypeID;

                 this.artifactTypeName = artifactTypeName;

                 this.displayName = displayName;

         }


         BlackboardArtifact(SleuthkitCase sleuthkitCase, long artifactID, long objID, int artifactTypeID, String artifactTypeName, String displayName, boolean isNew) {

                 this.sleuthkitCase = sleuthkitCase;

                 this.artifactID = artifactID;

                 this.objID = objID;

                 this.artifactTypeID = artifactTypeID;

                 this.artifactTypeName = artifactTypeName;

                 this.displayName = displayName;


                 // If the artifact is new, we don't need to waste a database call later to load the attributes

                 if (isNew) {

                         this.loadedCacheFromDb = true;

                 }

         }


         public long getArtifactID() {

                 return this.artifactID;

         }


         public long getObjectID() {

                 return this.objID;

         }


         public int getArtifactTypeID() {

                 return this.artifactTypeID;

         }


         public String getArtifactTypeName() {

                 return this.artifactTypeName;

         }


         public String getDisplayName() {

                 return this.displayName;

         }


         public void addAttribute(BlackboardAttribute attr) throws TskCoreException {

                 attr.setArtifactID(artifactID);

                 attr.setCase(sleuthkitCase);

                 sleuthkitCase.addBlackboardAttribute(attr, this.artifactTypeID);

                 attrsCache.add(attr);

         }


         public void addAttributes(Collection<BlackboardAttribute> attributes) throws TskCoreException {

                 if (attributes.isEmpty()) {

                         return;

                 }


                 for (BlackboardAttribute attr : attributes) {

                         attr.setArtifactID(artifactID);

                         attr.setCase(sleuthkitCase);

                 }

                 sleuthkitCase.addBlackboardAttributes(attributes, this.artifactTypeID);

                 attrsCache.addAll(attributes);

         }


         public List<BlackboardAttribute> getAttributes() throws TskCoreException {

                 if (loadedCacheFromDb == false) {

                         List<BlackboardAttribute> attrs = sleuthkitCase.getBlackboardAttributes(this);

                         attrsCache.clear();

                         attrsCache.addAll(attrs);

                         loadedCacheFromDb = true;

                 }

                 return attrsCache;

         }


         public List<BlackboardAttribute> getAttributes(final BlackboardAttribute.ATTRIBUTE_TYPE attributeType) throws TskCoreException {

                 if (loadedCacheFromDb == false) {

                         List<BlackboardAttribute> attrs = sleuthkitCase.getBlackboardAttributes(this);

                         attrsCache.clear();

                         attrsCache.addAll(attrs);

                         loadedCacheFromDb = true;

                 }

                 ArrayList<BlackboardAttribute> filteredAttributes = new ArrayList<BlackboardAttribute>();

                 for (BlackboardAttribute attr : attrsCache) {

                         if (attr.getAttributeTypeID() == attributeType.getTypeID()) {

                                 filteredAttributes.add(attr);

                         }

                 }

                 return filteredAttributes;

         }


         @Override

         public <T> T accept(SleuthkitItemVisitor<T> v) {

                 return v.visit(this);

         }


         public SleuthkitCase getSleuthkitCase() {

                 return sleuthkitCase;

         }


         @Override

         public boolean equals(Object obj) {

                 if (obj == null) {

                         return false;

                 }

                 if (getClass() != obj.getClass()) {

                         return false;

                 }

                 final BlackboardArtifact other = (BlackboardArtifact) obj;

                 if (this.artifactID != other.artifactID) {

                         return false;

                 }

                 return true;

         }


         @Override

         public int hashCode() {

                 int hash = 7;

                 hash = 41 * hash + (int) (this.artifactID ^ (this.artifactID >>> 32));

                 return hash;

         }


         @Override

         public String toString() {

                 return "BlackboardArtifact{" + "artifactID=" + artifactID + ", objID=" + objID + ", artifactTypeID=" + artifactTypeID + ", artifactTypeName=" + artifactTypeName + ", displayName=" + displayName + ", Case=" + sleuthkitCase + '}'; //NON-NLS

         }

 }

org.sleuthkit.datamodel.BlackboardArtifact.sleuthkitCase
final SleuthkitCase sleuthkitCase
Definition: BlackboardArtifact.java:209

org.sleuthkit.datamodel.BlackboardArtifact.artifactID
final long artifactID
Definition: BlackboardArtifact.java:204

org.sleuthkit.datamodel.SleuthkitCase.getBlackboardAttributes
ArrayList< BlackboardAttribute > getBlackboardAttributes(final BlackboardArtifact artifact)
Definition: SleuthkitCase.java:1671

org.sleuthkit.datamodel.BlackboardArtifact.bundle
static final ResourceBundle bundle
Definition: BlackboardArtifact.java:34

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.fromLabel
static ARTIFACT_TYPE fromLabel(String label)
Definition: BlackboardArtifact.java:166

org.sleuthkit.datamodel.BlackboardArtifact.getDisplayName
String getDisplayName()
Definition: BlackboardArtifact.java:300

org.sleuthkit.datamodel.BlackboardArtifact.objID
final long objID
Definition: BlackboardArtifact.java:205

org.sleuthkit.datamodel.SleuthkitCase.addBlackboardAttributes
void addBlackboardAttributes(Collection< BlackboardAttribute > attributes, int artifactTypeId)
Definition: SleuthkitCase.java:1354

org.sleuthkit.datamodel.BlackboardArtifact.hashCode
int hashCode()
Definition: BlackboardArtifact.java:419

org.sleuthkit.datamodel.BlackboardAttribute
Definition: BlackboardAttribute.java:30

org.sleuthkit.datamodel.SleuthkitItemVisitor
Definition: SleuthkitItemVisitor.java:35

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactTypeName
String getArtifactTypeName()
Definition: BlackboardArtifact.java:291

org.sleuthkit.datamodel.BlackboardArtifact.addAttributes
void addAttributes(Collection< BlackboardAttribute > attributes)
Definition: BlackboardArtifact.java:326

org.sleuthkit.datamodel.BlackboardArtifact.getObjectID
long getObjectID()
Definition: BlackboardArtifact.java:273

org.sleuthkit.datamodel.SleuthkitCase.addBlackboardAttribute
void addBlackboardAttribute(BlackboardAttribute attr, int artifactTypeId)
Definition: SleuthkitCase.java:1334

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.accept
public< T > T accept(SleuthkitItemVisitor< T > v)
Definition: BlackboardArtifact.java:200

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.fromID
static ARTIFACT_TYPE fromID(int ID)
Definition: BlackboardArtifact.java:181

org.sleuthkit.datamodel.BlackboardArtifact.getAttributes
List< BlackboardAttribute > getAttributes(final BlackboardAttribute.ATTRIBUTE_TYPE attributeType)
Definition: BlackboardArtifact.java:365

org.sleuthkit.datamodel.BlackboardArtifact.equals
boolean equals(Object obj)
Definition: BlackboardArtifact.java:404

org.sleuthkit.datamodel.BlackboardArtifact.toString
String toString()
Definition: BlackboardArtifact.java:426

org.sleuthkit.datamodel.BlackboardArtifact.getSleuthkitCase
SleuthkitCase getSleuthkitCase()
Definition: BlackboardArtifact.java:399

org.sleuthkit.datamodel.BlackboardArtifact
Definition: BlackboardArtifact.java:32

org.sleuthkit.datamodel.SleuthkitVisitableItem
Definition: SleuthkitVisitableItem.java:24

org.sleuthkit.datamodel.BlackboardArtifact.artifactTypeID
final int artifactTypeID
Definition: BlackboardArtifact.java:206

org.sleuthkit.datamodel.BlackboardArtifact.addAttribute
void addAttribute(BlackboardAttribute attr)
Definition: BlackboardArtifact.java:311

org.sleuthkit.datamodel.TskCoreException
Definition: TskCoreException.java:25

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactTypeID
int getArtifactTypeID()
Definition: BlackboardArtifact.java:282

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.displayName
final String displayName
Definition: BlackboardArtifact.java:134

org.sleuthkit.datamodel.BlackboardArtifact.BlackboardArtifact
BlackboardArtifact(SleuthkitCase sleuthkitCase, long artifactID, long objID, int artifactTypeID, String artifactTypeName, String displayName)
Definition: BlackboardArtifact.java:224

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.getDisplayName
String getDisplayName()
Definition: BlackboardArtifact.java:195

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.getLabel
String getLabel()
Definition: BlackboardArtifact.java:147

org.sleuthkit.datamodel.BlackboardArtifact.artifactTypeName
final String artifactTypeName
Definition: BlackboardArtifact.java:207

org.sleuthkit.datamodel.SleuthkitCase
Definition: SleuthkitCase.java:67

org.sleuthkit.datamodel.BlackboardArtifact.attrsCache
final List< BlackboardAttribute > attrsCache
Definition: BlackboardArtifact.java:210

org.sleuthkit.datamodel.BlackboardArtifact.getAttributes
List< BlackboardAttribute > getAttributes()
Definition: BlackboardArtifact.java:346

org.sleuthkit.datamodel.BlackboardArtifact.loadedCacheFromDb
boolean loadedCacheFromDb
Definition: BlackboardArtifact.java:211

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactID
long getArtifactID()
Definition: BlackboardArtifact.java:264

org.sleuthkit.datamodel.BlackboardArtifact.displayName
final String displayName
Definition: BlackboardArtifact.java:208

org.sleuthkit.datamodel.SleuthkitItemVisitor.visit
T visit(Directory d)

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.getTypeID
int getTypeID()
Definition: BlackboardArtifact.java:156

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE
Definition: BlackboardAttribute.java:100

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.ARTIFACT_TYPE
ARTIFACT_TYPE(int typeID, String label, String displayName)
Definition: BlackboardArtifact.java:136

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.label
final String label
Definition: BlackboardArtifact.java:132

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE
Definition: BlackboardArtifact.java:46

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.typeID
final int typeID
Definition: BlackboardArtifact.java:133