|
Autopsy
4.17.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultArtifactUpdateGovernor.
Classes | |
| class | LastAccessedArtifact |
| class | TopAccountResult |
| class | TopDeviceAttachedResult |
| class | TopDomainsResult |
| class | TopProgramsResult |
| class | TopWebSearchResult |
Public Member Functions | |
| UserActivitySummary () | |
| UserActivitySummary (SleuthkitCaseProvider provider, TextTranslationService translationService, java.util.logging.Logger logger) | |
| Set< Integer > | getArtifactTypeIdsForRefresh () |
| default Set< Case.Events > | getCaseEventUpdates () |
| default Set< IngestJobEvent > | getIngestJobEventUpdates () |
| List< TopWebSearchResult > | getMostRecentWebSearches (DataSource dataSource, int count) throws SleuthkitCaseProviderException, TskCoreException |
| List< TopAccountResult > | getRecentAccounts (DataSource dataSource, int count) throws SleuthkitCaseProviderException, TskCoreException |
| List< TopDeviceAttachedResult > | getRecentDevices (DataSource dataSource, int count) throws SleuthkitCaseProviderException, TskCoreException |
| List< TopDomainsResult > | getRecentDomains (DataSource dataSource, int count) throws TskCoreException, SleuthkitCaseProviderException |
| String | getShortFolderName (String strPath, String applicationName) |
| List< TopProgramsResult > | getTopPrograms (DataSource dataSource, int count) throws SleuthkitCaseProviderException, TskCoreException |
| default boolean | isRefreshRequired (ModuleDataEvent evt) |
| default boolean | isRefreshRequired (ModuleContentEvent evt) |
| default boolean | isRefreshRequired (IngestManager.IngestJobEvent evt) |
| default boolean | isRefreshRequired (AbstractFile evt) |
| boolean | isRefreshRequired (IngestJobEvent evt) |
| default boolean | isRefreshRequiredForCaseEvent (PropertyChangeEvent evt) |
Public Attributes | |
| Set< IngestJobEvent > | INGEST_JOB_EVENTS |
Private Member Functions | |
| void | assertValidCount (int count) |
| Pair< Long, Map< String, List< Pair< BlackboardArtifact, Long > > > > | getDomainGroupsAndMostRecent (DataSource dataSource) throws TskCoreException, SleuthkitCaseProviderException |
| TopDomainsResult | getDomainsResult (String domain, List< Pair< BlackboardArtifact, Long >> visits, long mostRecentMs) |
| TopDeviceAttachedResult | getMostRecentDevice (TopDeviceAttachedResult r1, TopDeviceAttachedResult r2) |
| TopProgramsResult | getTopProgramsResult (BlackboardArtifact artifact) |
| String | getTranslationOrNull (String original) |
Static Private Member Functions | |
| static TopAccountResult | getAccountResult (BlackboardArtifact artifact, String messageType, BlackboardAttribute.Type...dateAttrs) |
| static Long | getMax (Long num1, Long num2) |
| static Date | getMax (Date date1, Date date2) |
| static TopAccountResult | getMessageAccountResult (BlackboardArtifact artifact) |
| static TopWebSearchResult | getWebSearchResult (BlackboardArtifact artifact) |
| static boolean | isPositiveNum (Long longNum) |
| static int | nullableCompare (Long long1, Long long2) |
Private Attributes | |
| final SleuthkitCaseProvider | caseProvider |
| final java.util.logging.Logger | logger |
| final TextTranslationService | translationService |
Static Private Attributes | |
| static final Set< Integer > | ARTIFACT_UPDATE_TYPE_IDS |
| static final Set< String > | DEVICE_EXCLUDE_LIST = new HashSet<>(Arrays.asList("ROOT_HUB", "ROOT_HUB20")) |
| static final Set< String > | DOMAIN_EXCLUDE_LIST = new HashSet<>(Arrays.asList("127.0.0.1", "LOCALHOST")) |
| static final long | DOMAIN_WINDOW_DAYS = 30 |
| static final long | DOMAIN_WINDOW_MS = DOMAIN_WINDOW_DAYS * MS_PER_DAY |
| static final long | MS_PER_DAY = 1000 * 60 * 60 * 24 |
| static final String | NTOS_BOOT_IDENTIFIER = "NTOSBOOT" |
| static final List< Function< List< String >, String > > | SHORT_FOLDER_MATCHERS |
| static final Comparator< TopAccountResult > | TOP_ACCOUNT_RESULT_DATE_COMPARE = (a, b) -> a.getLastAccessed().compareTo(b.getLastAccessed()) |
| static final Comparator< TopProgramsResult > | TOP_PROGRAMS_RESULT_COMPARE |
| static final Comparator< TopWebSearchResult > | TOP_WEBSEARCH_RESULT_DATE_COMPARE = (a, b) -> a.getLastAccessed().compareTo(b.getLastAccessed()) |
| static final BlackboardAttribute.Type | TYPE_COUNT = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_COUNT) |
| static final BlackboardAttribute.Type | TYPE_DATETIME = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME) |
| static final BlackboardAttribute.Type | TYPE_DATETIME_ACCESSED = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED) |
| static final BlackboardAttribute.Type | TYPE_DATETIME_END = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_END) |
| static final BlackboardAttribute.Type | TYPE_DATETIME_RCVD = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_RCVD) |
| static final BlackboardAttribute.Type | TYPE_DATETIME_SENT = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_SENT) |
| static final BlackboardAttribute.Type | TYPE_DATETIME_START = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DATETIME_START) |
| static final BlackboardArtifact.Type | TYPE_DEVICE_ATTACHED = new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_DEVICE_ATTACHED) |
| static final BlackboardAttribute.Type | TYPE_DEVICE_ID = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_ID) |
| static final BlackboardAttribute.Type | TYPE_DEVICE_MAKE = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_MAKE) |
| static final BlackboardAttribute.Type | TYPE_DEVICE_MODEL = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_MODEL) |
| static final BlackboardAttribute.Type | TYPE_DOMAIN = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DOMAIN) |
| static final BlackboardAttribute.Type | TYPE_MESSAGE_TYPE = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_MESSAGE_TYPE) |
| static final BlackboardAttribute.Type | TYPE_PATH = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PATH) |
| static final BlackboardAttribute.Type | TYPE_PROG_NAME = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PROG_NAME) |
| static final BlackboardAttribute.Type | TYPE_TEXT = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_TEXT) |
| static final BlackboardArtifact.Type | TYPE_WEB_HISTORY = new BlackboardArtifact.Type(ARTIFACT_TYPE.TSK_WEB_HISTORY) |
| static final String | WINDOWS_PREFIX = "/WINDOWS" |
Provides summary information about user activity in a datasource. At this time, the data being provided for domains is fictitious and is done as a placeholder.
Definition at line 57 of file UserActivitySummary.java.
| org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.UserActivitySummary | ( | ) |
Main constructor.
Definition at line 165 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.DEFAULT, org.sleuthkit.autopsy.texttranslation.TextTranslationService.getInstance(), and org.sleuthkit.autopsy.coreutils.Logger.getLogger().
| org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.UserActivitySummary | ( | SleuthkitCaseProvider | provider, |
| TextTranslationService | translationService, | ||
| java.util.logging.Logger | logger | ||
| ) |
Main constructor with external dependencies specified. This constructor is designed with unit testing in mind since mocked dependencies can be utilized.
| provider | The object providing the current SleuthkitCase. |
| translationService | The translation service. |
| logger | The logger to use. |
Definition at line 179 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.logger, and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.translationService.
|
private |
Throws an IllegalArgumentException if count <= 0.
| count | The count being checked. |
Definition at line 199 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMostRecentWebSearches(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDomains(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopPrograms().
|
staticprivate |
Obtains a TopAccountResult from a blackboard artifact. The date is maximum of any found dates for attribute types provided.
| artifact | The artifact. |
| messageType | The type of message this is. |
| dateAttrs | The date attribute types. |
Definition at line 552 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts().
| Set<Integer> org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getArtifactTypeIdsForRefresh | ( | ) |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultArtifactUpdateGovernor.
Definition at line 190 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.ARTIFACT_UPDATE_TYPE_IDS.
|
inherited |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.
Definition at line 57 of file DefaultUpdateGovernor.java.
|
private |
Queries TSK_WEB_HISTORY artifacts and returning the latest web history date accessed and a mapping of domains to all of their visits.
| dataSource | The datasource. |
| TskCoreException | |
| SleuthkitCaseProviderException |
Definition at line 298 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.get(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMax(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME_ACCESSED, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DOMAIN, and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_WEB_HISTORY.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDomains().
|
private |
Creates a TopDomainsResult from data or null if no visit date exists within DOMAIN_WINDOW_MS of mostRecentMs.
| domain | The domain. |
| visits | The list of the artifact and its associated time in milliseconds. |
| mostRecentMs | The most recent visit of any domain. |
Definition at line 253 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMax().
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDomains().
|
inherited |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.
Definition at line 52 of file DefaultArtifactUpdateGovernor.java.
References org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultArtifactUpdateGovernor.INGEST_JOB_EVENTS.
|
staticprivate |
Returns the maximum value given two longs handling possible null values.
| num1 | The first number. |
| num2 | The second number. |
Definition at line 344 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getDomainGroupsAndMostRecent(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getDomainsResult(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopPrograms().
|
staticprivate |
Retrieves the maximum date given two (possibly null) dates.
| date1 | First date. |
| date2 | Second date. |
Definition at line 716 of file UserActivitySummary.java.
|
staticprivate |
Obtains a TopAccountResult from a TSK_MESSAGE blackboard artifact.
| artifact | The artifact. |
Definition at line 533 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME, and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_MESSAGE_TYPE.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts().
|
private |
Gives the most recent TopDeviceAttachedResult. If one is null, the other is returned.
| r1 | A result. |
| r2 | Another result. |
Definition at line 467 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.LastAccessedArtifact.getLastAccessed().
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices().
| List<TopWebSearchResult> org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMostRecentWebSearches | ( | DataSource | dataSource, |
| int | count | ||
| ) | throws SleuthkitCaseProviderException, TskCoreException |
Retrieves most recent web searches by most recent date grouped by search term.
| dataSource | The data source. |
| count | The maximum number of records to be shown (must be > 0). |
| org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.SleuthkitCaseProviderException | |
| TskCoreException |
Definition at line 384 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.assertValidCount(), org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.get(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTranslationOrNull(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getWebSearchResult(), and org.sleuthkit.autopsy.texttranslation.TextTranslationService.hasProvider().
Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.UserActivityPanel.UserActivityPanel().
| List<TopAccountResult> org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts | ( | DataSource | dataSource, |
| int | count | ||
| ) | throws SleuthkitCaseProviderException, TskCoreException |
Retrieves most recent account used by most recent date for a message sent.
| dataSource | The data source. |
| count | The maximum number of records to be shown (must be > 0). |
| org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.SleuthkitCaseProviderException | |
| TskCoreException |
Definition at line 586 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.assertValidCount(), org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.get(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getAccountResult(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMessageAccountResult(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME_END, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME_RCVD, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME_SENT, and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME_START.
Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.UserActivityPanel.UserActivityPanel().
| List<TopDeviceAttachedResult> org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices | ( | DataSource | dataSource, |
| int | count | ||
| ) | throws SleuthkitCaseProviderException, TskCoreException |
Retrieves most recent devices used by most recent date attached.
| dataSource | The data source. |
| count | The maximum number of records to be shown (must be > 0). |
| org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.SleuthkitCaseProviderException | |
| TskCoreException |
Definition at line 492 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.assertValidCount(), org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.get(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMostRecentDevice(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DEVICE_ATTACHED, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DEVICE_ID, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DEVICE_MAKE, and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DEVICE_MODEL.
Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.UserActivityPanel.UserActivityPanel().
| List<TopDomainsResult> org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDomains | ( | DataSource | dataSource, |
| int | count | ||
| ) | throws TskCoreException, SleuthkitCaseProviderException |
Gets a list of recent domains based on the datasource.
| dataSource | The datasource to query for recent domains. |
| count | The max count of items to return. |
| InterruptedException |
Definition at line 215 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.assertValidCount(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getDomainGroupsAndMostRecent(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getDomainsResult().
Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.UserActivityPanel.UserActivityPanel().
| String org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getShortFolderName | ( | String | strPath, |
| String | applicationName | ||
| ) |
Determines a short folder name if any. Otherwise, returns empty string.
| strPath | The string path. |
| applicationName | The application name. |
Definition at line 649 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.UserActivityPanel.getShortFolderName().
| List<TopProgramsResult> org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopPrograms | ( | DataSource | dataSource, |
| int | count | ||
| ) | throws SleuthkitCaseProviderException, TskCoreException |
Retrieves the top programs results for the given data source limited to the count provided as a parameter. The highest run times are at the top of the list. If that information isn't available the last run date is used. If both, the last run date and the number of run times are unavailable, the programs will be sorted alphabetically, the count will be ignored and all items will be returned.
| dataSource | The datasource. If the datasource is null, an empty list will be returned. |
| count | The number of results to return. This value must be > 0 or an IllegalArgumentException will be thrown. |
| SleuthkitCaseProviderException | |
| TskCoreException |
Definition at line 777 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.assertValidCount(), org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.get(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.LastAccessedArtifact.getLastAccessed(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMax(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TopProgramsResult.getRunTimes(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopProgramsResult(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.isPositiveNum().
Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.UserActivityPanel.UserActivityPanel().
|
private |
Creates a TopProgramsResult from a TSK_PROG_RUN blackboard artifact.
| artifact | The TSK_PROG_RUN blackboard artifact. |
Definition at line 681 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_COUNT, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME, org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_PATH, and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_PROG_NAME.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopPrograms().
|
private |
Return the translation of the original text if possible and differs from the original. Otherwise, return null.
| original | The original text. |
Definition at line 437 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.texttranslation.TextTranslationService.hasProvider(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.logger, and org.sleuthkit.autopsy.texttranslation.TextTranslationService.translate().
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMostRecentWebSearches().
|
staticprivate |
Attempts to obtain a web search result record from a blackboard artifact.
| artifact | The artifact. |
Definition at line 362 of file UserActivitySummary.java.
References org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_DATETIME_ACCESSED, and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.TYPE_TEXT.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMostRecentWebSearches().
|
staticprivate |
Returns true if number is non-null and higher than 0.
| longNum | The number. |
Definition at line 754 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopPrograms().
|
inherited |
Given a module data event, whether or not an update should occur.
| evt | The ModuleDataEvent that is occurring. |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.
Definition at line 38 of file DefaultArtifactUpdateGovernor.java.
References org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultArtifactUpdateGovernor.getArtifactTypeIdsForRefresh(), and org.sleuthkit.autopsy.ingest.ModuleDataEvent.getBlackboardArtifactType().
|
inherited |
Given a module content event, whether or not an update should occur.
| evt | The ModuleContentEvent. |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.
Implemented in org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary, org.sleuthkit.autopsy.datasourcesummary.datamodel.ContainerSummary, org.sleuthkit.autopsy.datasourcesummary.datamodel.MimeTypeSummary, and org.sleuthkit.autopsy.datasourcesummary.datamodel.TypesSummary.
Definition at line 42 of file DefaultUpdateGovernor.java.
|
inherited |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.
Definition at line 47 of file DefaultArtifactUpdateGovernor.java.
|
inherited |
Whether or not a newly added AbstractFile should trigger an update.
| evt | The AbstractFile. |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.
Implemented in org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary, org.sleuthkit.autopsy.datasourcesummary.datamodel.ContainerSummary, org.sleuthkit.autopsy.datasourcesummary.datamodel.MimeTypeSummary, and org.sleuthkit.autopsy.datasourcesummary.datamodel.TypesSummary.
Definition at line 67 of file DefaultUpdateGovernor.java.
|
inherited |
Given an ingest job event, determines whether or not an update should occur.
| evt | The event. |
Implemented in org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary, org.sleuthkit.autopsy.datasourcesummary.datamodel.MimeTypeSummary, and org.sleuthkit.autopsy.datasourcesummary.datamodel.TypesSummary.
|
inherited |
Given a case event, whether or not an update should occur.
| evt | The event. |
Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.
Definition at line 37 of file DefaultUpdateGovernor.java.
|
staticprivate |
Returns the compare value favoring the higher non-null number.
| long1 | First possibly null long. |
| long2 | Second possibly null long. |
Definition at line 735 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 141 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getArtifactTypeIdsForRefresh().
|
private |
Definition at line 158 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 151 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 152 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 155 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 156 of file UserActivitySummary.java.
|
inherited |
Definition at line 34 of file DefaultArtifactUpdateGovernor.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultArtifactUpdateGovernor.getIngestJobEventUpdates().
|
private |
|
staticprivate |
Definition at line 154 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 108 of file UserActivitySummary.java.
|
staticprivate |
Functions that determine the folder name of a list of path elements. If not matched, function returns null.
Definition at line 63 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 111 of file UserActivitySummary.java.
|
staticprivate |
Sorts TopProgramsResults pushing highest run time count then most recent run and then the program name that comes earliest in the alphabet.
Definition at line 118 of file UserActivitySummary.java.
|
staticprivate |
Definition at line 112 of file UserActivitySummary.java.
|
private |
Definition at line 159 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.UserActivitySummary().
|
staticprivate |
Definition at line 106 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopProgramsResult().
|
staticprivate |
Definition at line 92 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMessageAccountResult(), org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopProgramsResult().
|
staticprivate |
|
staticprivate |
Definition at line 102 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts().
|
staticprivate |
Definition at line 99 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts().
|
staticprivate |
Definition at line 100 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts().
|
staticprivate |
Definition at line 101 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentAccounts().
|
staticprivate |
Definition at line 89 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices().
|
staticprivate |
Definition at line 94 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices().
|
staticprivate |
Definition at line 95 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices().
|
staticprivate |
Definition at line 96 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getRecentDevices().
|
staticprivate |
Definition at line 103 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getDomainGroupsAndMostRecent().
|
staticprivate |
Definition at line 97 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getMessageAccountResult().
|
staticprivate |
Definition at line 105 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopProgramsResult().
|
staticprivate |
Definition at line 104 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getTopProgramsResult().
|
staticprivate |
Definition at line 98 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getWebSearchResult().
|
staticprivate |
Definition at line 90 of file UserActivitySummary.java.
Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.UserActivitySummary.getDomainGroupsAndMostRecent().
|
staticprivate |
Definition at line 109 of file UserActivitySummary.java.
Copyright © 2012-2021 Basis Technology. Generated on: Tue Jan 19 2021
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.