|
Autopsy
4.17.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits org.sleuthkit.autopsy.ingest.FileIngestModule.
Classes | |
| class | Indexer |
| enum | IngestStatus |
| enum | StringsExtractOptions |
| enum | UpdateFrequency |
Public Member Functions | |
| ProcessResult | process (AbstractFile abstractFile) |
| void | shutDown () |
| void | startUp (IngestJobContext context) throws IngestModuleException |
Private Member Functions | |
| void | cleanup () |
| void | postIndexSummary () |
Static Private Member Functions | |
| static void | putIngestStatus (long ingestJobId, long fileId, IngestStatus status) |
Private Attributes | |
| IngestJobContext | context |
| FileTypeDetector | fileTypeDetector |
| Indexer | indexer |
| Ingester | ingester = null |
| boolean | initialized = false |
| int | instanceNum = 0 |
| long | jobId |
| final IngestServices | services = IngestServices.getInstance() |
| final KeywordSearchJobSettings | settings |
| boolean | startedSearching = false |
| Lookup | stringsExtractionContext |
Static Private Attributes | |
| static final List< String > | ARCHIVE_MIME_TYPES |
| static final Map< Long, Map< Long, IngestStatus > > | ingestStatus = new HashMap<>() |
| static final AtomicInteger | instanceCount = new AtomicInteger(0) |
| static final Logger | logger = Logger.getLogger(KeywordSearchIngestModule.class.getName()) |
| static final List< String > | METADATA_DATE_TYPES |
| static final Map< String, BlackboardAttribute.ATTRIBUTE_TYPE > | METADATA_TYPES_MAP |
| static final IngestModuleReferenceCounter | refCounter = new IngestModuleReferenceCounter() |
An ingest module on a file level Performs indexing of allocated and Solr supported files, string extraction and indexing of unallocated and not Solr supported files Index commit is done periodically (determined by user set ingest update interval) Runs a periodic keyword / regular expression search on currently configured lists for ingest and writes results to blackboard Reports interesting events to Inbox and to viewers
Definition at line 88 of file KeywordSearchIngestModule.java.
|
private |
Common cleanup code when module stops or final searcher completes
Definition at line 425 of file KeywordSearchIngestModule.java.
|
private |
Posts inbox message with summary of text_ingested files
Definition at line 433 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createMessage(), org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.error(), org.sleuthkit.autopsy.ingest.IngestMessage.MessageType.INFO, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), and org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.warn().
| ProcessResult org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.process | ( | AbstractFile | file | ) |
Processes a file. Called between calls to startUp() and shutDown(). Will be called for each file in a data source.
| file | The file to analyze. |
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 340 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.indexFile(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.OK, and org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.IngestStatus.SKIPPED_ERROR_INDEXING.
|
staticprivate |
Records the ingest status for a given file for a given ingest job. Used for final statistics at the end of the job.
| ingestJobId | id of ingest job |
| fileId | id of file |
| status | ingest status of the file |
Definition at line 212 of file KeywordSearchIngestModule.java.
| void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.shutDown | ( | ) |
After all files are ingested, execute final index commit and final search Cleanup resources, threads, timers
Implements org.sleuthkit.autopsy.ingest.FileIngestModule.
Definition at line 386 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.decrementAndGet(), org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedChunks(), and org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedFiles().
| void org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.startUp | ( | IngestJobContext | context | ) | throws IngestModuleException |
Initializes the module for new ingest run Sets up threads, timers, retrieves settings, keyword lists to run on
Implements org.sleuthkit.autopsy.ingest.IngestModule.
Definition at line 241 of file KeywordSearchIngestModule.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createWarningMessage(), org.sleuthkit.autopsy.casemodule.Case.getCaseDirectory(), org.sleuthkit.autopsy.casemodule.Case.getCaseType(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.keywordsearch.Server.getMultiUserServerProperties(), org.sleuthkit.autopsy.keywordsearch.KeywordSearch.getServer(), org.sleuthkit.autopsy.ingest.IngestModuleReferenceCounter.incrementAndGet(), org.sleuthkit.autopsy.casemodule.Case.CaseType.MULTI_USER_CASE, org.sleuthkit.autopsy.ingest.IngestServices.postMessage(), org.sleuthkit.autopsy.keywordsearch.Server.queryNumIndexedDocuments(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setExtractUTF16(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setExtractUTF8(), org.sleuthkit.autopsy.textextractors.configs.StringsConfig.setLanguageScripts(), and org.sleuthkit.autopsy.keywordsearchservice.KeywordSearchService.tryConnect().
|
staticprivate |
generally text extractors should ignore archives and let unpacking modules take care of them
Definition at line 95 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 191 of file KeywordSearchIngestModule.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.KeywordSearchIngestModule.Indexer.extractStringsAndIndex().
|
private |
Definition at line 179 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 178 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 177 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 202 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 186 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 188 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 189 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 187 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 175 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 130 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 135 of file KeywordSearchIngestModule.java.
|
staticprivate |
Definition at line 190 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 176 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 185 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 183 of file KeywordSearchIngestModule.java.
|
private |
Definition at line 184 of file KeywordSearchIngestModule.java.
Copyright © 2012-2021 Basis Technology. Generated on: Tue Jan 19 2021
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.