Autopsy
4.16.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits Runnable.
Classes | |
class | AnalysisStartupException |
class | DoNothingDSPProgressMonitor |
class | IngestJobEventListener |
Public Member Functions | |
void | run () |
Private Member Functions | |
JobProcessingTask () | |
void | analyze (AutoIngestDataSource dataSource, String ingestProfileName) throws AnalysisStartupException, InterruptedException |
Path | createCaseFolderPath (Path caseFoldersPath, String caseName) |
Path | findCaseDirectory (Path folderToSearch, String caseName) |
String | getOutputDirPath (Case caseForJob) |
FilesSet | getSelectedFilter (String filterName) |
IngestProfiles.IngestProfile | getSelectedProfile (String ingestProfileName) |
void | logDataSourceProcessorResult (AutoIngestDataSource dataSource) |
void | openCase (String baseCaseName, String rootOutputDirectory, CaseType caseType) throws CaseActionException |
void | runDataSourceProcessor (Case caseForJob, AutoIngestDataSource dataSource) throws InterruptedException, AutoIngestDataSourceProcessor.AutoIngestDataSourceProcessorException |
Private Attributes | |
final Object | ingestLock |
Definition at line 103 of file CommandLineIngestManager.java.
|
private |
Definition at line 107 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.core.RuntimeProperties.setRunningWithGUI().
|
private |
Analyzes the data source content returned by the data source processor using the configured set of data source level and file level analysis modules. If an ingest profile is specified, load that profile (profile = ingest context + ingest filter) for ingest. Otherwise use baseline configuration.
dataSource | The data source to analyze. |
ingestProfileName | Name of ingest profile to use (optional) |
AnalysisStartupException | if there is an error analyzing the data source. |
InterruptedException | if the thread running the job processing task is interrupted while blocked, i.e., if auto ingest is shutting down. |
Definition at line 498 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.ingest.IngestManager.addIngestJobEventListener(), org.sleuthkit.autopsy.ingest.IngestManager.beginIngestJob(), org.sleuthkit.autopsy.commandlineingest.UserPreferences.getCommandLineModeIngestModuleContextString(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getContent(), org.sleuthkit.autopsy.ingest.IngestManager.getInstance(), org.sleuthkit.autopsy.ingest.IngestJobStartResult.getJob(), org.sleuthkit.autopsy.ingest.IngestJobStartResult.getModuleErrors(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getPath(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.getSelectedFilter(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.getSelectedProfile(), org.sleuthkit.autopsy.ingest.IngestJob.getSnapshot(), org.sleuthkit.autopsy.ingest.IngestJobStartResult.getStartupException(), org.sleuthkit.autopsy.ingest.IngestJobSettings.getWarnings(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.INGEST_JOB_EVENTS_OF_INTEREST, org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.ingestLock, org.sleuthkit.autopsy.ingest.IngestJob.CancellationReason.NOT_CANCELLED, org.sleuthkit.autopsy.ingest.IngestManager.removeIngestJobEventListener(), org.sleuthkit.autopsy.ingest.IngestJobSettings.setFileFilter(), and org.sleuthkit.autopsy.ingest.IngestJob.CancellationReason.USER_CANCELLED.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
|
private |
Creates a case folder path. Does not create the folder described by the path.
caseFoldersPath | The root case folders path. |
caseName | The name of the case. |
Definition at line 645 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.coreutils.TimeStampUtils.createTimeStamp().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.openCase().
|
private |
Searches a given folder for the most recently modified case folder for a case.
folderToSearch | The folder to be searched. |
caseName | The name of the case for which a case folder is to be found. |
Definition at line 660 of file CommandLineIngestManager.java.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.openCase().
|
private |
Returns full path to directory where command outputs should be saved.
caseForJob | Case object |
Definition at line 685 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.casemodule.Case.getCaseDirectory(), and org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.LOG_DIR_NAME.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
|
private |
Gets the specified file filter from the list of all existing file filters (custom and standard).
filterName | Name of the file filter |
Definition at line 622 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.modules.interestingitems.FilesSetsManager.getCustomFileIngestFilters(), org.sleuthkit.autopsy.modules.interestingitems.FilesSetsManager.getInstance(), and org.sleuthkit.autopsy.modules.interestingitems.FilesSetsManager.getStandardFileIngestFilters().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze().
|
private |
Gets the specified ingest profile from the list of all existing ingest profiles.
ingestProfileName | Ingest profile name |
Definition at line 600 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.ingest.IngestProfiles.getIngestProfiles().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze().
|
private |
Logs the results of running a data source processor on the data source for the current job.
dataSource | The data source. |
Definition at line 447 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getContent(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getDataSourceProcessorErrorMessages(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getPath(), and org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getResultDataSourceProcessorResultCode().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.runDataSourceProcessor().
|
private |
Creates a new case using arguments passed in from command line CREATE_CASE command.
baseCaseName | Case name |
rootOutputDirectory | Full path to directory in which case output folder will be created |
caseType | Type of case being created |
CaseActionException |
Definition at line 354 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.casemodule.Case.createAsCurrentCase(), org.sleuthkit.autopsy.casemodule.Case.createCaseDirectory(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.createCaseFolderPath(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.findCaseDirectory(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCase(), org.sleuthkit.autopsy.casemodule.Case.getName(), and org.sleuthkit.autopsy.casemodule.Case.CaseType.SINGLE_USER_CASE.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
void org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run | ( | ) |
Requests the list of command line commands from command line options processor and executes the commands one by one.
Definition at line 122 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze(), org.sleuthkit.autopsy.casemodule.Case.closeCurrentCase(), org.sleuthkit.autopsy.report.infrastructure.ReportGenerator.generateReports(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestSettingsPanel.getDefaultReportingConfigName(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.getOutputDirPath(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.casemodule.Case.CaseType.MULTI_USER_CASE, org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.openCase(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.runDataSourceProcessor(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.setDataSourceProcessorOutput(), org.sleuthkit.autopsy.casemodule.Case.CaseType.SINGLE_USER_CASE, and org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.stop().
|
private |
Passes the data source for the current job through a data source processor that adds it to the case database.
caseForJob | The case |
dataSource | The data source. |
AutoIngestDataSourceProcessorException | if there was a DSP processing error. |
InterruptedException | running the job processing task while blocking, i.e., if auto ingest is shutting down. |
Definition at line 389 of file CommandLineIngestManager.java.
References org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getContent(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getDeviceId(), org.sleuthkit.autopsy.datasourceprocessors.DataSourceProcessorUtility.getOrderedListOfDataSourceProcessors(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getPath(), org.sleuthkit.autopsy.datasourceprocessors.AutoIngestDataSource.getResultDataSourceProcessorResultCode(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.ingestLock, org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.logDataSourceProcessorResult(), and org.sleuthkit.autopsy.casemodule.Case.notifyAddingDataSource().
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.run().
|
private |
Definition at line 105 of file CommandLineIngestManager.java.
Referenced by org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.analyze(), org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.IngestJobEventListener.propertyChange(), and org.sleuthkit.autopsy.commandlineingest.CommandLineIngestManager.JobProcessingTask.runDataSourceProcessor().
Copyright © 2012-2020 Basis Technology. Generated on: Tue Sep 22 2020
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.