Autopsy  4.12.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
Classes | Public Member Functions | Static Public Member Functions | Static Private Member Functions | Private Attributes | Static Private Attributes | List of all members
org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener Class Reference

Classes

class  AnalysisCompleteTask
 
class  DataAddedTask
 
class  IngestJobEventListener
 
class  IngestModuleEventListener
 

Public Member Functions

void installListeners ()
 
void uninstallListeners ()
 

Static Public Member Functions

static synchronized void decrementCorrelationEngineModuleCount ()
 
static synchronized int getCeModuleInstanceCount ()
 
static synchronized void incrementCorrelationEngineModuleCount ()
 
static synchronized boolean isFlagNotableItems ()
 
static synchronized boolean isFlagSeenDevices ()
 
static synchronized void setCreateCrProperties (boolean value)
 
static synchronized void setFlagNotableItems (boolean value)
 
static synchronized void setFlagSeenDevices (boolean value)
 
static synchronized boolean shouldCreateCrProperties ()
 

Static Private Member Functions

static void makeAndPostInterestingArtifact (BlackboardArtifact originalArtifact, Collection< BlackboardAttribute > attributesForNewArtifact)
 
static void makeAndPostPreviousNotableArtifact (BlackboardArtifact originalArtifact, List< String > caseDisplayNames)
 
static void makeAndPostPreviousSeenArtifact (BlackboardArtifact originalArtifact)
 

Private Attributes

final ExecutorService jobProcessingExecutor
 
final PropertyChangeListener pcl1 = new IngestModuleEventListener()
 
final PropertyChangeListener pcl2 = new IngestJobEventListener()
 

Static Private Attributes

static int correlationModuleInstanceCount
 
static boolean createCrProperties
 
static boolean flagNotableItems
 
static boolean flagSeenDevices
 
static final String INGEST_EVENT_THREAD_NAME = "Ingest-Event-Listener-%d"
 
static final Set< IngestManager.IngestJobEvent > INGEST_JOB_EVENTS_OF_INTEREST = EnumSet.of(IngestManager.IngestJobEvent.DATA_SOURCE_ANALYSIS_COMPLETED)
 
static final Set< IngestManager.IngestModuleEvent > INGEST_MODULE_EVENTS_OF_INTEREST = EnumSet.of(DATA_ADDED)
 
static final Logger LOGGER = Logger.getLogger(CorrelationAttributeInstance.class.getName())
 
static final String MODULE_NAME = Bundle.IngestEventsListener_ingestmodule_name()
 

Detailed Description

Listen for ingest events and update entries in the Central Repository database accordingly

Definition at line 71 of file IngestEventsListener.java.

Member Function Documentation

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.decrementCorrelationEngineModuleCount ( )
static

Decrease the number of IngestEventsListeners adding contents to the Correlation Engine.

Definition at line 123 of file IngestEventsListener.java.

static synchronized int org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.getCeModuleInstanceCount ( )
static

Whether or not the Correlation Engine Module is enabled for any of the currently running ingest jobs.

Returns
boolean True for Correlation Engine enabled, False for disabled

Definition at line 143 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.incrementCorrelationEngineModuleCount ( )
static

Increase the number of IngestEventsListeners adding contents to the Correlation Engine.

Definition at line 115 of file IngestEventsListener.java.

void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.installListeners ( )
static synchronized boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.isFlagNotableItems ( )
static

Are notable items being flagged?

Returns
True if flagging notable items; otherwise false.

Definition at line 152 of file IngestEventsListener.java.

static synchronized boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.isFlagSeenDevices ( )
static

Are previously seen devices being flagged?

Returns
True if flagging seen devices; otherwise false.

Definition at line 161 of file IngestEventsListener.java.

static void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.makeAndPostInterestingArtifact ( BlackboardArtifact  originalArtifact,
Collection< BlackboardAttribute >  attributesForNewArtifact 
)
staticprivate

Make an interesting item artifact to flag the passed in artifact.

Parameters
originalArtifactArtifact in current case we want to flag
attributesForNewArtifactAttributes to assign to the new Interesting items artifact

Definition at line 247 of file IngestEventsListener.java.

static void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.makeAndPostPreviousNotableArtifact ( BlackboardArtifact  originalArtifact,
List< String >  caseDisplayNames 
)
staticprivate

Make an Interesting Item artifact based on a new artifact being previously seen.

Parameters
originalArtifactOriginal artifact that we want to flag
caseDisplayNamesList of case names artifact was previously seen in

Definition at line 208 of file IngestEventsListener.java.

static void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.makeAndPostPreviousSeenArtifact ( BlackboardArtifact  originalArtifact)
staticprivate

Create an Interesting Artifact hit for a device which was previously seen in the central repository.

Parameters
originalArtifactthe artifact to create the interesting item for

Definition at line 232 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.setCreateCrProperties ( boolean  value)
static

Configure the listener to create correlation properties

Parameters
valueTrue to create properties; otherwise false.

Definition at line 197 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.setFlagNotableItems ( boolean  value)
static

Configure the listener to flag notable items or not.

Parameters
valueTrue to flag notable items; otherwise false.

Definition at line 179 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.setFlagSeenDevices ( boolean  value)
static

Configure the listener to flag previously seen devices or not.

Parameters
valueTrue to flag seen devices; otherwise false.

Definition at line 188 of file IngestEventsListener.java.

static synchronized boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.shouldCreateCrProperties ( )
static

Are correlation properties being created

Returns
True if creating correlation properties; otherwise false.

Definition at line 170 of file IngestEventsListener.java.

void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.uninstallListeners ( )

Member Data Documentation

int org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.correlationModuleInstanceCount
staticprivate

Definition at line 77 of file IngestEventsListener.java.

boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.createCrProperties
staticprivate

Definition at line 80 of file IngestEventsListener.java.

boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.flagNotableItems
staticprivate

Definition at line 78 of file IngestEventsListener.java.

boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.flagSeenDevices
staticprivate

Definition at line 79 of file IngestEventsListener.java.

final String org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.INGEST_EVENT_THREAD_NAME = "Ingest-Event-Listener-%d"
staticprivate

Definition at line 81 of file IngestEventsListener.java.

final Set<IngestManager.IngestJobEvent> org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.INGEST_JOB_EVENTS_OF_INTEREST = EnumSet.of(IngestManager.IngestJobEvent.DATA_SOURCE_ANALYSIS_COMPLETED)
staticprivate

Definition at line 74 of file IngestEventsListener.java.

final Set<IngestManager.IngestModuleEvent> org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.INGEST_MODULE_EVENTS_OF_INTEREST = EnumSet.of(DATA_ADDED)
staticprivate

Definition at line 75 of file IngestEventsListener.java.

final ExecutorService org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.jobProcessingExecutor
private

Definition at line 82 of file IngestEventsListener.java.

final Logger org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.LOGGER = Logger.getLogger(CorrelationAttributeInstance.class.getName())
staticprivate

Definition at line 73 of file IngestEventsListener.java.

final String org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.MODULE_NAME = Bundle.IngestEventsListener_ingestmodule_name()
staticprivate

Definition at line 76 of file IngestEventsListener.java.

final PropertyChangeListener org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.pcl1 = new IngestModuleEventListener()
private

Definition at line 83 of file IngestEventsListener.java.

final PropertyChangeListener org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.pcl2 = new IngestJobEventListener()
private

Definition at line 84 of file IngestEventsListener.java.


The documentation for this class was generated from the following file:

Copyright © 2012-2018 Basis Technology. Generated on: Wed Sep 18 2019
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.