Autopsy
4.7.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Static Public Member Functions | |
static< T > boolean | extractResourceToUserConfigDir (final Class< T > resourceClass, final String resourceFileName, boolean overWrite) throws IOException |
static String | getAllMemUsageInfo () |
static String | getDefaultPlatformCharset () |
static String | getDefaultPlatformFileEncoding () |
static String | getInstallModulesPath () |
static String | getInstallPath () |
static synchronized String | getJavaPath () |
static synchronized long | getJavaPID (String sigarSubQuery) |
static synchronized long[] | getJavaPIDs (String sigarSubQuery) |
static String | getJvmMemInfo () |
static String | getLogDirectory () |
static String | getLogFileEncoding () |
static String | getObjectDetectionClassifierPath () |
static String | getOSArch () |
static String | getOSFilePath (String origFilePath) |
static String | getOSName () |
static String | getOSVersion () |
static List< LocalDisk > | getPartitions () |
static List< LocalDisk > | getPhysicalDrives () |
static String | getPhysicalMemInfo () |
static synchronized long | getPID () |
static synchronized long | getProcessVirtualMemoryUsed () |
static List< String > | getProjectsDirs () |
static String | getUserConfigDirectory () |
static File | getUserDirectory () |
static String | getUserModulesPath () |
static String | getUserPythonModulesPath () |
static boolean | is64BitJVM () |
static boolean | is64BitOS () |
static boolean | isWindowsOS () |
static synchronized void | killProcess (long pid) |
Static Public Attributes | |
static final String | OS_ARCH_UNKNOWN = NbBundle.getMessage(PlatformUtil.class, "PlatformUtil.archUnknown") |
static final String | OS_NAME_UNKNOWN = NbBundle.getMessage(PlatformUtil.class, "PlatformUtil.nameUnknown") |
static final String | OS_VERSION_UNKNOWN = NbBundle.getMessage(PlatformUtil.class, "PlatformUtil.verUnknown") |
Static Private Member Functions | |
static boolean | canReadDrive (String diskPath) |
Static Private Attributes | |
static final String | CLASSIFIERS_SUBDIRECTORY = "object_detection_classifiers" |
static String | javaPath = null |
static volatile MemoryMXBean | memoryManager = null |
static volatile long | pid = -1 |
static final String | PYTHON_MODULES_SUBDIRECTORY = "python_modules" |
static volatile Sigar | sigar = null |
Platform utilities
Definition at line 51 of file PlatformUtil.java.
|
staticprivate |
Are we able to read this drive? Usually related to admin permissions.
For all drives and partitions, we are using Java's ability to read the first byte of a drive to determine if TSK would be able to read the drive during the add image process. This returns whether the drive is readable or not far faster than validating if TSK can open the drive. We are assuming the results are almost exactly the same.
diskPath | path to the disk we want to read |
IOException | if we fail to read |
Definition at line 438 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getPartitions(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.getPhysicalDrives().
|
static |
Utility to extract a resource file to a user configuration directory, if it does not exist - useful for setting up default configurations.
resourceClass | class in the same package as the resourceFile to extract |
resourceFileName | Name of the resource file to extract |
overWrite | true to overwrite an existing resource |
IOException | exception thrown if extract the file failed for IO reasons |
Definition at line 234 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserConfigDirectory().
Referenced by org.sleuthkit.autopsy.report.ReportBranding.extractDefaultGeneratorLogo(), org.sleuthkit.autopsy.coreutils.XMLUtil.validateDocument(), and org.sleuthkit.autopsy.coreutils.XMLUtil.xmlIsValid().
|
static |
Return formatted string with all memory usage (jvm, physical, native)
Definition at line 633 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getJvmMemInfo(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getPhysicalMemInfo(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.getProcessVirtualMemoryUsed().
Referenced by org.sleuthkit.autopsy.ingest.IngestMonitor.MonitorTimerAction.logMemoryUsage().
|
static |
Definition at line 212 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.Installer.restored(), and org.sleuthkit.autopsy.keywordsearch.Server.InputStreamPrinterThread.run().
|
static |
Definition at line 208 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.Installer.restored().
|
static |
Get root path where the application modules are installed
Definition at line 80 of file PlatformUtil.java.
|
static |
Get root path where the application is installed
Definition at line 68 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getJavaPath(), and org.sleuthkit.autopsy.livetriage.CreateLiveTriageDriveAction.performAction().
|
static |
get file path to the java executable binary use embedded java if available, otherwise use system java in PATH no validation is done if java exists in PATH
Definition at line 136 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getInstallPath(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.javaPath.
|
static |
Query and get PID of another java process
sigarSubQuery | a sigar subquery to identify a unique java process among other java processes, for example, by class name, use: Args.*.eq=org.jboss.Main more examples here: http://support.hyperic.com/display/SIGAR/PTQL |
Definition at line 494 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
|
static |
Query and get PIDs of another java processes matching a query
sigarSubQuery | a sigar subquery to identify a java processes among other java processes, for example, by class name, use: Args.*.eq=org.jboss.Main more examples here: http://support.hyperic.com/display/SIGAR/PTQL |
Definition at line 526 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
|
static |
Return formatted string with Jvm heap and non-heap memory usage
Definition at line 599 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getAllMemUsageInfo().
|
static |
Get log directory path
Definition at line 203 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.casemodule.Case.close().
|
static |
Definition at line 216 of file PlatformUtil.java.
|
static |
Get root path where the user's object detection classifiers are stored.
Definition at line 125 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.CLASSIFIERS_SUBDIRECTORY, and org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserDirectory().
Referenced by org.sleuthkit.autopsy.core.Installer.ensureClassifierFolderExists().
|
static |
Get OS arch details, or OS_ARCH_UNKNOWN
Definition at line 281 of file PlatformUtil.java.
|
static |
Convert file path (quote) for OS specific
origFilePath |
Definition at line 301 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Get operating system name, or OS_NAME_UNKNOWN
Definition at line 263 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Get operating system version, or OS_VERSION_UNKNOWN
Definition at line 272 of file PlatformUtil.java.
|
static |
Get a list all all the local drives and partitions on the client's machine.
Definition at line 391 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.canReadDrive(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Get a list of all physical drives attached to the client's machine. Error threshold of 4 non-existent physical drives before giving up.
Definition at line 340 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.canReadDrive(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Return formatted string with physical memory usage
Definition at line 618 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getAllMemUsageInfo().
|
static |
Query and get PID of this process
Definition at line 462 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.pid.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getProcessVirtualMemoryUsed(), and org.sleuthkit.autopsy.coreutils.Installer.restored().
|
static |
Query and return virtual memory used by the process
Definition at line 574 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getPID(), and org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getAllMemUsageInfo(), and org.sleuthkit.autopsy.coreutils.Installer.restored().
|
static |
|
static |
Get user config directory path
Definition at line 194 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.report.ReportBranding.extractDefaultGeneratorLogo(), org.sleuthkit.autopsy.coreutils.PlatformUtil.extractResourceToUserConfigDir(), org.sleuthkit.autopsy.ingest.IngestProfiles.getIngestProfiles(), org.sleuthkit.autopsy.report.ReportBranding.ReportBranding(), org.sleuthkit.autopsy.coreutils.XMLUtil.validateDocument(), and org.sleuthkit.autopsy.coreutils.XMLUtil.xmlIsValid().
|
static |
Get user directory where application wide user settings, cache, temp files are stored
Definition at line 165 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getObjectDetectionClassifierPath(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserModulesPath(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserPythonModulesPath(), and org.sleuthkit.autopsy.corecomponents.AboutWindowPanel.startVerboseLogging().
|
static |
Get root path where the user modules are installed
Definition at line 107 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserDirectory().
|
static |
Get root path where the user Python modules are installed.
Definition at line 116 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserDirectory(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.PYTHON_MODULES_SUBDIRECTORY.
Referenced by org.sleuthkit.autopsy.actions.OpenPythonModulesFolderAction.actionPerformed(), org.sleuthkit.autopsy.core.Installer.ensurePythonModulesFolderExists(), and org.sleuthkit.autopsy.python.JythonModuleLoader.getInterfaceImplementations().
|
static |
Attempts to determine whether the JVM is 64-bit or 32-bit. May not be completely reliable for non-Windows operating systems.
Definition at line 330 of file PlatformUtil.java.
|
static |
Attempts to determine whether the operating system is a 64-bit operating system. May not be completely reliable for non-Windows operating systems.
Definition at line 316 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.casemodule.LocalFilesDSProcessor.locateEwfexportExecutable().
|
static |
Check if running on Windows OS
Definition at line 290 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getOSName().
Referenced by org.sleuthkit.autopsy.coreutils.UNCPathUtilities.getMappedDrives(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getOSFilePath(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getPartitions(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getPhysicalDrives(), org.sleuthkit.autopsy.core.Installer.loadDynLibraries(), and org.sleuthkit.autopsy.casemodule.LocalFilesDSProcessor.locateEwfexportExecutable().
|
static |
Kill a process by PID by sending signal to it using Sigar
pid | pid of the process to kill |
Definition at line 552 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
|
staticprivate |
Definition at line 54 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getObjectDetectionClassifierPath().
|
staticprivate |
Definition at line 55 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getJavaPath().
|
staticprivate |
Definition at line 61 of file PlatformUtil.java.
|
static |
Definition at line 58 of file PlatformUtil.java.
|
static |
Definition at line 56 of file PlatformUtil.java.
|
static |
Definition at line 57 of file PlatformUtil.java.
|
staticprivate |
Definition at line 59 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getPID().
|
staticprivate |
Definition at line 53 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserPythonModulesPath().
|
staticprivate |
Definition at line 60 of file PlatformUtil.java.
Copyright © 2012-2016 Basis Technology. Generated on: Mon Jun 18 2018
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.