Autopsy
4.10.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits org.sleuthkit.autopsy.ingest.FileIngestModule.
Classes | |
class | Indexer |
enum | IngestStatus |
enum | StringsExtractOptions |
enum | UpdateFrequency |
Public Member Functions | |
ProcessResult | process (AbstractFile abstractFile) |
void | shutDown () |
void | startUp (IngestJobContext context) throws IngestModuleException |
Private Member Functions | |
void | cleanup () |
void | postIndexSummary () |
Static Private Member Functions | |
static void | putIngestStatus (long ingestJobId, long fileId, IngestStatus status) |
Private Attributes | |
IngestJobContext | context |
FileTypeDetector | fileTypeDetector |
Indexer | indexer |
Ingester | ingester = null |
boolean | initialized = false |
int | instanceNum = 0 |
long | jobId |
final IngestServices | services = IngestServices.getInstance() |
final KeywordSearchJobSettings | settings |
boolean | startedSearching = false |
Lookup | stringsExtractionContext |
Static Private Attributes | |
static final List< String > | ARCHIVE_MIME_TYPES |
static final Map< Long, Map< Long, IngestStatus > > | ingestStatus = new HashMap<>() |
static final AtomicInteger | instanceCount = new AtomicInteger(0) |
static final Logger | logger = Logger.getLogger(KeywordSearchIngestModule.class.getName()) |
static final IngestModuleReferenceCounter | refCounter = new IngestModuleReferenceCounter() |
An ingest module on a file level Performs indexing of allocated and Solr supported files, string extraction and indexing of unallocated and not Solr supported files Index commit is done periodically (determined by user set ingest update interval) Runs a periodic keyword / regular expression search on currently configured lists for ingest and writes results to blackboard Reports interesting events to Inbox and to viewers
Definition at line 72 of file KeywordSearchIngestModule.java.
|
private |
Common cleanup code when module stops or final searcher completes
Definition at line 392 of file KeywordSearchIngestModule.java.
|
private |
Posts inbox message with summary of text_ingested files
Definition at line 400 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createMessage(), org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.error(), org.sleuthkit.autopsy.ingest.IngestMessage.MessageType.INFO, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), and org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.warn().
ProcessResult org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.process | ( | AbstractFile | file | ) |
Processes a file. Called between calls to startUp() and shutDown(). Will be called for each file in a data source.
file | The file to analyze. |
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 307 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.indexFile(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.OK, and org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.IngestStatus.SKIPPED_ERROR_INDEXING.
|
staticprivate |
Records the ingest status for a given file for a given ingest job. Used for final statistics at the end of the job.
ingestJobId | id of ingest job |
fileId | id of file |
status | ingest status of the file |
Definition at line 176 of file KeywordSearchIngestModule.java.
void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown | ( | ) |
After all files are ingested, execute final index commit and final search Cleanup resources, threads, timers
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 353 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.decrementAndGet(), org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedChunks(), and org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedFiles().
void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.startUp | ( | IngestJobContext | context | ) | throws IngestModuleException |
Initializes the module for new ingest run Sets up threads, timers, retrieves settings, keyword lists to run on
Implements org.sleuthkit.autopsy.ingest.IngestModule.
Definition at line 205 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createWarningMessage(), org.sleuthkit.autopsy.casemodule.Case.getCaseDirectory(), org.sleuthkit.autopsy.casemodule.Case.getCaseType(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.keywordsearch.Server.getMultiUserServerProperties(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.incrementAndGet(), org.sleuthkit.autopsy.casemodule.Case.CaseType.MULTI_USER_CASE, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedDocuments(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setExtractUTF16(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setExtractUTF8(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setLanguageScripts(), and org.sleuthkit.autopsy.keywordsearchservice.KeywordSearchService.tryConnect().
|
staticprivate |
generally text extractors should ignore archives and let unpacking modules take care of them
Definition at line 79 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 155 of file KeywordSearchIngestModule.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.extractStringsAndIndex().
|
private |
Definition at line 143 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 142 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 141 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 166 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 150 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 152 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 153 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 151 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 139 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 154 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 140 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 149 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 147 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 148 of file KeywordSearchIngestModule.java.
Copyright © 2012-2018 Basis Technology. Generated on: Fri Mar 22 2019
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.