Autopsy  4.16.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
Classes | Public Member Functions | Static Public Member Functions | Static Private Member Functions | Private Attributes | Static Private Attributes | List of all members
org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener Class Reference

Classes

class  AnalysisCompleteTask
 
class  DataAddedTask
 
class  IngestJobEventListener
 
class  IngestModuleEventListener
 

Public Member Functions

void installListeners ()
 
void uninstallListeners ()
 

Static Public Member Functions

static synchronized void decrementCorrelationEngineModuleCount ()
 
static synchronized int getCeModuleInstanceCount ()
 
static synchronized void incrementCorrelationEngineModuleCount ()
 
static synchronized boolean isFlagNotableItems ()
 
static synchronized boolean isFlagSeenDevices ()
 
static synchronized void setCreateCrProperties (boolean value)
 
static synchronized void setFlagNotableItems (boolean value)
 
static synchronized void setFlagSeenDevices (boolean value)
 
static synchronized boolean shouldCreateCrProperties ()
 

Static Private Member Functions

static void makeAndPostInterestingArtifact (BlackboardArtifact originalArtifact, Collection< BlackboardAttribute > attributesForNewArtifact)
 
static void makeAndPostPreviousNotableArtifact (BlackboardArtifact originalArtifact, List< String > caseDisplayNames)
 
static void makeAndPostPreviousSeenArtifact (BlackboardArtifact originalArtifact, List< String > caseDisplayNames)
 

Private Attributes

final ExecutorService jobProcessingExecutor
 
final PropertyChangeListener pcl1 = new IngestModuleEventListener()
 
final PropertyChangeListener pcl2 = new IngestJobEventListener()
 

Static Private Attributes

static int correlationModuleInstanceCount
 
static boolean createCrProperties
 
static boolean flagNotableItems
 
static boolean flagSeenDevices
 
static final String INGEST_EVENT_THREAD_NAME = "Ingest-Event-Listener-%d"
 
static final Set< IngestManager.IngestJobEvent > INGEST_JOB_EVENTS_OF_INTEREST = EnumSet.of(IngestManager.IngestJobEvent.DATA_SOURCE_ANALYSIS_COMPLETED)
 
static final Set< IngestManager.IngestModuleEvent > INGEST_MODULE_EVENTS_OF_INTEREST = EnumSet.of(DATA_ADDED)
 
static final Logger LOGGER = Logger.getLogger(CorrelationAttributeInstance.class.getName())
 
static final String MODULE_NAME = Bundle.IngestEventsListener_ingestmodule_name()
 

Detailed Description

Listen for ingest events and update entries in the Central Repository database accordingly

Definition at line 77 of file IngestEventsListener.java.

Member Function Documentation

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.decrementCorrelationEngineModuleCount ( )
static

Decrease the number of IngestEventsListeners adding contents to the Central Repository.

Definition at line 129 of file IngestEventsListener.java.

static synchronized int org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.getCeModuleInstanceCount ( )
static

Whether or not the Central Repository Module is enabled for any of the currently running ingest jobs.

Returns
boolean True for Central Repository enabled, False for disabled

Definition at line 149 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.incrementCorrelationEngineModuleCount ( )
static

Increase the number of IngestEventsListeners adding contents to the Central Repository.

Definition at line 121 of file IngestEventsListener.java.

void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.installListeners ( )

Definition at line 104 of file IngestEventsListener.java.

References org.sleuthkit.autopsy.ingest.IngestManager.addIngestJobEventListener(), org.sleuthkit.autopsy.ingest.IngestManager.addIngestModuleEventListener(), and org.sleuthkit.autopsy.ingest.IngestManager.getInstance().

Referenced by org.sleuthkit.autopsy.centralrepository.eventlisteners.Installer.addApplicationEventListeners().

static synchronized boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.isFlagNotableItems ( )
static

Are notable items being flagged?

Returns
True if flagging notable items; otherwise false.

Definition at line 158 of file IngestEventsListener.java.

static synchronized boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.isFlagSeenDevices ( )
static

Are previously seen devices being flagged?

Returns
True if flagging seen devices; otherwise false.

Definition at line 167 of file IngestEventsListener.java.

static void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.makeAndPostInterestingArtifact ( BlackboardArtifact  originalArtifact,
Collection< BlackboardAttribute >  attributesForNewArtifact 
)
staticprivate

Make an interesting item artifact to flag the passed in artifact.

Parameters
originalArtifactArtifact in current case we want to flag
attributesForNewArtifactAttributes to assign to the new Interesting items artifact

Definition at line 257 of file IngestEventsListener.java.

static void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.makeAndPostPreviousNotableArtifact ( BlackboardArtifact  originalArtifact,
List< String >  caseDisplayNames 
)
staticprivate

Make an Interesting Item artifact based on a new artifact being previously seen.

Parameters
originalArtifactOriginal artifact that we want to flag
caseDisplayNamesList of case names artifact was previously seen in

Definition at line 214 of file IngestEventsListener.java.

static void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.makeAndPostPreviousSeenArtifact ( BlackboardArtifact  originalArtifact,
List< String >  caseDisplayNames 
)
staticprivate

Create an Interesting Artifact hit for a device which was previously seen in the central repository.

Parameters
originalArtifactthe artifact to create the interesting item for
caseDisplayNamesthe case names the artifact was previously seen in

Definition at line 239 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.setCreateCrProperties ( boolean  value)
static

Configure the listener to create correlation properties

Parameters
valueTrue to create properties; otherwise false.

Definition at line 203 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.setFlagNotableItems ( boolean  value)
static

Configure the listener to flag notable items or not.

Parameters
valueTrue to flag notable items; otherwise false.

Definition at line 185 of file IngestEventsListener.java.

static synchronized void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.setFlagSeenDevices ( boolean  value)
static

Configure the listener to flag previously seen devices or not.

Parameters
valueTrue to flag seen devices; otherwise false.

Definition at line 194 of file IngestEventsListener.java.

static synchronized boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.shouldCreateCrProperties ( )
static

Are correlation properties being created

Returns
True if creating correlation properties; otherwise false.

Definition at line 176 of file IngestEventsListener.java.

void org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.uninstallListeners ( )

Definition at line 112 of file IngestEventsListener.java.

References org.sleuthkit.autopsy.ingest.IngestManager.getInstance(), org.sleuthkit.autopsy.ingest.IngestManager.removeIngestJobEventListener(), and org.sleuthkit.autopsy.ingest.IngestManager.removeIngestModuleEventListener().

Referenced by org.sleuthkit.autopsy.centralrepository.eventlisteners.Installer.uninstalled().

Member Data Documentation

int org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.correlationModuleInstanceCount
staticprivate

Definition at line 83 of file IngestEventsListener.java.

boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.createCrProperties
staticprivate

Definition at line 86 of file IngestEventsListener.java.

boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.flagNotableItems
staticprivate

Definition at line 84 of file IngestEventsListener.java.

boolean org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.flagSeenDevices
staticprivate

Definition at line 85 of file IngestEventsListener.java.

final String org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.INGEST_EVENT_THREAD_NAME = "Ingest-Event-Listener-%d"
staticprivate

Definition at line 87 of file IngestEventsListener.java.

final Set<IngestManager.IngestJobEvent> org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.INGEST_JOB_EVENTS_OF_INTEREST = EnumSet.of(IngestManager.IngestJobEvent.DATA_SOURCE_ANALYSIS_COMPLETED)
staticprivate

Definition at line 80 of file IngestEventsListener.java.

final Set<IngestManager.IngestModuleEvent> org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.INGEST_MODULE_EVENTS_OF_INTEREST = EnumSet.of(DATA_ADDED)
staticprivate

Definition at line 81 of file IngestEventsListener.java.

final ExecutorService org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.jobProcessingExecutor
private

Definition at line 88 of file IngestEventsListener.java.

final Logger org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.LOGGER = Logger.getLogger(CorrelationAttributeInstance.class.getName())
staticprivate

Definition at line 79 of file IngestEventsListener.java.

final String org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.MODULE_NAME = Bundle.IngestEventsListener_ingestmodule_name()
staticprivate

Definition at line 82 of file IngestEventsListener.java.

final PropertyChangeListener org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.pcl1 = new IngestModuleEventListener()
private

Definition at line 89 of file IngestEventsListener.java.

final PropertyChangeListener org.sleuthkit.autopsy.centralrepository.eventlisteners.IngestEventsListener.pcl2 = new IngestJobEventListener()
private

Definition at line 90 of file IngestEventsListener.java.

The documentation for this class was generated from the following file:

Copyright © 2012-2020 Basis Technology. Generated on: Tue Sep 22 2020
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.