Autopsy
4.12.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
Static Public Member Functions | |
static void | export (List< TagName > tagTypes, List< String > interestingItemSets, File caseReportFolder, ReportProgressPanel progressPanel) throws IOException, SQLException, NoCurrentCaseException, TskCoreException |
static void | generateReport (Long selectedDataSourceId, String reportOutputPath, ReportProgressPanel progressPanel) |
Private Member Functions | |
CaseUcoFormatExporter () | |
Static Private Member Functions | |
static JsonGenerator | createJsonGenerator (File reportFile) throws IOException |
static void | finilizeJsonOutputFile (JsonGenerator catalog) throws IOException |
static void | initializeJsonOutputFile (JsonGenerator catalog) throws IOException |
static String | saveCaseInfo (SleuthkitCase skCase, JsonGenerator catalog) throws TskCoreException, SQLException, IOException, NoCurrentCaseException |
static String | saveDataSourceInCaseUcoFormat (JsonGenerator catalog, String imageName, Long imageSize, Long selectedDataSourceId, String caseTraceId) throws IOException |
static String | saveDataSourceInfo (Long selectedDataSourceId, String caseTraceId, SleuthkitCase skCase, JsonGenerator jsonGenerator) throws TskCoreException, SQLException, IOException |
static void | saveFileInCaseUcoFormat (Long objectId, String fileName, String parent_path, String md5Hash, String mime_type, long size, String ctime, String atime, String mtime, String extension, JsonGenerator catalog, String dataSourceTraceId) throws IOException |
static void | saveUniqueFilesToCaseUcoFormat (Content content, Path tmpDir, JsonGenerator jsonGenerator, TimeZone timeZone, String dataSourceTraceId) throws IOException |
Static Private Attributes | |
static final BlackboardArtifact.ARTIFACT_TYPE | INTERESTING_ARTIFACT_HIT = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT |
static final BlackboardArtifact.ARTIFACT_TYPE | INTERESTING_FILE_HIT = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT |
static final Logger | logger = Logger.getLogger(CaseUcoFormatExporter.class.getName()) |
static final BlackboardAttribute.Type | SET_NAME = new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME) |
static final String | TEMP_DIR_NAME = "case_uco_tmp" |
Generates CASE-UCO report file for a data source
Definition at line 63 of file CaseUcoFormatExporter.java.
private
Definition at line 72 of file CaseUcoFormatExporter.java.
static private
Definition at line 322 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export().
static
Exports files that are tagged with the following TagNames and that belong to the following interesting file sets (set name attributes of TSK_INTERESTING_FILE_HIT and TSK_INTERESTING_ARTIFACT_HIT). Artifacts that are tagged with the following TagNames also have their associated source files included.
Duplicate files are excluded.
tagTypes | Collection of TagNames to match |
interestingItemSets | Collection of SET_NAMEs to match on in TSK_INTERESTING_FILE_HITs and TSK_INTERESTING_ARTIFACT_HITs. |
outputFilePath | Path to the folder that the CASE-UCO report should be written into |
progressPanel | UI Component to be updated with current processing status |
Definition at line 219 of file CaseUcoFormatExporter.java.
References org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.createJsonGenerator(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.finilizeJsonOutputFile(), org.sleuthkit.autopsy.casemodule.services.TagsManager.getBlackboardArtifactTagsByTagName(), org.sleuthkit.autopsy.casemodule.services.TagsManager.getContentTagsByTagName(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.report.caseuco.ReportCaseUco.getReportFileName(), org.sleuthkit.autopsy.casemodule.Case.getServices(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.casemodule.services.Services.getTagsManager(), org.sleuthkit.autopsy.casemodule.Case.getTempDirectory(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.initializeJsonOutputFile(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.INTERESTING_ARTIFACT_HIT, org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.INTERESTING_FILE_HIT, org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveCaseInfo(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveDataSourceInfo(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveUniqueFilesToCaseUcoFormat(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.SET_NAME, and org.sleuthkit.autopsy.report.ReportProgressPanel.updateStatusLabel().
static private
Definition at line 336 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export(), and org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.generateReport().
static
Generates CASE-UCO report for the selected data source.
selectedDataSourceId | Object ID of the data source |
reportOutputPath | Full path to the directory in which to save the CASE-UCO report file |
progressPanel | ReportProgressPanel to update progress |
Definition at line 93 of file CaseUcoFormatExporter.java.
References org.sleuthkit.autopsy.casemodule.Case.addReport(), org.sleuthkit.autopsy.report.ReportProgressPanel.ReportStatus.CANCELED, org.sleuthkit.autopsy.report.ReportProgressPanel.ReportStatus.COMPLETE, org.sleuthkit.autopsy.report.ReportProgressPanel.complete(), org.sleuthkit.autopsy.report.ReportProgressPanel.ReportStatus.ERROR, org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Message.error(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.finilizeJsonOutputFile(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestManager.getInstance(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.report.ReportProgressPanel.getStatus(), org.sleuthkit.autopsy.datamodel.ContentUtils.getStringTimeISO8601(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.initializeJsonOutputFile(), org.sleuthkit.autopsy.ingest.IngestManager.isIngestRunning(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveCaseInfo(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveDataSourceInfo(), org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveFileInCaseUcoFormat(), org.sleuthkit.autopsy.report.ReportProgressPanel.setIndeterminate(), org.sleuthkit.autopsy.report.ReportProgressPanel.start(), org.sleuthkit.autopsy.report.ReportProgressPanel.updateStatusLabel(), and org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Message.warn().
Referenced by org.sleuthkit.autopsy.report.caseuco.ReportCaseUco.generateReport(), and org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
static private
Definition at line 330 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export(), and org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.generateReport().
static private
Save info about the Autopsy case in CASE-UCO format
skCase | SleuthkitCase object |
catalog | JsonGenerator object |
TskCoreException | |
SQLException | |
IOException | |
NoCurrentCaseException |
Definition at line 352 of file CaseUcoFormatExporter.java.
References org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), and org.sleuthkit.autopsy.casemodule.Case.getName().
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export(), and org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.generateReport().
static private
Definition at line 449 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveDataSourceInfo().
static private
Save info about the data source in CASE-UCO format
selectedDataSourceId | Object ID of the data source |
caseTraceId | CASE-UCO trace ID object for the Autopsy case entry |
skCase | SleuthkitCase object |
jsonGenerator | JsonGenerator object |
TskCoreException | |
SQLException | |
IOException |
Definition at line 407 of file CaseUcoFormatExporter.java.
References org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveDataSourceInCaseUcoFormat().
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export(), and org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.generateReport().
static private
Definition at line 501 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.generateReport(), and org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveUniqueFilesToCaseUcoFormat().
static private
Saves only unique abstract files to the report. Uniqueness is determined by object ID. The tmpDir Path is used to store object IDs that have already been visited.
content | AbstractFile instance |
tmpDir | Directory to write object IDs |
jsonGenerator | Report generator |
timeZone | Time zone for ctime, atime, and mtime formatting |
dataSourceTraceId | TraceID number for the parent data source |
IOException |
Definition at line 297 of file CaseUcoFormatExporter.java.
References org.sleuthkit.autopsy.datamodel.ContentUtils.getStringTimeISO8601(), and org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.saveFileInCaseUcoFormat().
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export().
static private
Definition at line 69 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export().
static private
Definition at line 68 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export().
static private
Definition at line 65 of file CaseUcoFormatExporter.java.
static private
Definition at line 67 of file CaseUcoFormatExporter.java.
Referenced by org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter.export().
static private
Definition at line 70 of file CaseUcoFormatExporter.java.
Copyright © 2012-2018 Basis Technology. Generated on: Wed Sep 18 2019
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.