Autopsy
4.12.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits org.sleuthkit.autopsy.ingest.FileIngestModule.
Classes | |
class | Indexer |
enum | IngestStatus |
enum | StringsExtractOptions |
enum | UpdateFrequency |
Public Member Functions | |
ProcessResult | process (AbstractFile abstractFile) |
void | shutDown () |
void | startUp (IngestJobContext context) throws IngestModuleException |
Private Member Functions | |
void | cleanup () |
void | postIndexSummary () |
Static Private Member Functions | |
static void | putIngestStatus (long ingestJobId, long fileId, IngestStatus status) |
Private Attributes | |
IngestJobContext | context |
FileTypeDetector | fileTypeDetector |
Indexer | indexer |
Ingester | ingester = null |
boolean | initialized = false |
int | instanceNum = 0 |
long | jobId |
final IngestServices | services = IngestServices.getInstance() |
final KeywordSearchJobSettings | settings |
boolean | startedSearching = false |
Lookup | stringsExtractionContext |
Static Private Attributes | |
static final List< String > | ARCHIVE_MIME_TYPES |
static final Map< Long, Map< Long, IngestStatus > > | ingestStatus = new HashMap<>() |
static final AtomicInteger | instanceCount = new AtomicInteger(0) |
static final Logger | logger = Logger.getLogger(KeywordSearchIngestModule.class.getName()) |
static final IngestModuleReferenceCounter | refCounter = new IngestModuleReferenceCounter() |
An ingest module on a file level Performs indexing of allocated and Solr supported files, string extraction and indexing of unallocated and not Solr supported files Index commit is done periodically (determined by user set ingest update interval) Runs a periodic keyword / regular expression search on currently configured lists for ingest and writes results to blackboard Reports interesting events to Inbox and to viewers
Definition at line 75 of file KeywordSearchIngestModule.java.
|
private |
Common cleanup code when module stops or final searcher completes
Definition at line 395 of file KeywordSearchIngestModule.java.
|
private |
Posts inbox message with summary of text_ingested files
Definition at line 403 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createMessage(), org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.error(), org.sleuthkit.autopsy.ingest.IngestMessage.MessageType.INFO, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), and org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.warn().
ProcessResult org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.process | ( | AbstractFile | file | ) |
Processes a file. Called between calls to startUp() and shutDown(). Will be called for each file in a data source.
file | The file to analyze. |
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 310 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.indexFile(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.OK, and org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.IngestStatus.SKIPPED_ERROR_INDEXING.
|
staticprivate |
Records the ingest status for a given file for a given ingest job. Used for final statistics at the end of the job.
ingestJobId | id of ingest job |
fileId | id of file |
status | ingest status of the file |
Definition at line 179 of file KeywordSearchIngestModule.java.
void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown | ( | ) |
After all files are ingested, execute final index commit and final search Cleanup resources, threads, timers
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 356 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.decrementAndGet(), org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedChunks(), and org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedFiles().
void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.startUp | ( | IngestJobContext | context | ) | throws IngestModuleException |
Initializes the module for new ingest run Sets up threads, timers, retrieves settings, keyword lists to run on
Implements org.sleuthkit.autopsy.ingest.IngestModule.
Definition at line 208 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createWarningMessage(), org.sleuthkit.autopsy.casemodule.Case.getCaseDirectory(), org.sleuthkit.autopsy.casemodule.Case.getCaseType(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.keywordsearch.Server.getMultiUserServerProperties(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.incrementAndGet(), org.sleuthkit.autopsy.casemodule.Case.CaseType.MULTI_USER_CASE, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedDocuments(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setExtractUTF16(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setExtractUTF8(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setLanguageScripts(), and org.sleuthkit.autopsy.keywordsearchservice.KeywordSearchService.tryConnect().
|
staticprivate |
generally text extractors should ignore archives and let unpacking modules take care of them
Definition at line 82 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 158 of file KeywordSearchIngestModule.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.extractStringsAndIndex().
|
private |
Definition at line 146 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 145 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 144 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 169 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 153 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 155 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 156 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 154 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 142 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 157 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 143 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 152 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 150 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 151 of file KeywordSearchIngestModule.java.
Copyright © 2012-2018 Basis Technology. Generated on: Wed Sep 18 2019
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.