Autopsy
4.7.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits SwingWorker< Object, Void >.
Protected Member Functions | |
Object | doInBackground () throws Exception |
Private Member Functions | |
QueryResults | filterResults (QueryResults queryResult) |
void | finalizeSearcher () |
void | updateKeywords () |
Private Attributes | |
boolean | finalRun = false |
SearchJobInfo | job |
List< String > | keywordListNames |
List< KeywordList > | keywordLists |
List< Keyword > | keywords |
Map< Keyword, KeywordList > | keywordToList |
final Logger | logger = Logger.getLogger(IngestSearchRunner.Searcher.class.getName()) |
AggregateProgressHandle | progressGroup |
Searcher responsible for searching the current index and writing results to blackboard and the inbox. Also, posts results to listeners as Ingest data events. Searches entire index, and keeps track of only new results to report and save. Runs as a background thread.
Definition at line 445 of file IngestSearchRunner.java.
|
protected |
Definition at line 475 of file IngestSearchRunner.java.
References org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.error(), org.sleuthkit.autopsy.ingest.IngestJobContext.fileIngestIsCancelled(), org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.Searcher.filterResults(), org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.Searcher.finalizeSearcher(), org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.SearchJobInfo.getDataSourceId(), org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.SearchJobInfo.getJobContext(), org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.SearchJobInfo.searchNotify(), org.sleuthkit.autopsy.coreutils.StopWatch.start(), org.sleuthkit.autopsy.coreutils.StopWatch.stop(), and org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.Searcher.updateKeywords().
|
private |
This method filters out all of the hits found in earlier periodic searches and returns only the results found by the most recent search.
This method will only return hits for objects for which we haven't previously seen a hit for the keyword.
queryResult | The results returned by a keyword search. |
Definition at line 643 of file IngestSearchRunner.java.
References org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.SearchJobInfo.addKeywordResults(), and org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.SearchJobInfo.currentKeywordResults().
Referenced by org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.Searcher.doInBackground().
|
private |
Performs the cleanup that needs to be done right AFTER doInBackground() returns without relying on done() method that is not guaranteed to run.
Definition at line 619 of file IngestSearchRunner.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.Searcher.doInBackground().
|
private |
Sync-up the updated keywords from the currently used lists in the XML
Definition at line 597 of file IngestSearchRunner.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.IngestSearchRunner.Searcher.doInBackground().
|
private |
Definition at line 457 of file IngestSearchRunner.java.
|
private |
Searcher has private copies/snapshots of the lists and keywords
Definition at line 450 of file IngestSearchRunner.java.
|
private |
Definition at line 452 of file IngestSearchRunner.java.
|
private |
Definition at line 453 of file IngestSearchRunner.java.
|
private |
Definition at line 451 of file IngestSearchRunner.java.
|
private |
Definition at line 454 of file IngestSearchRunner.java.
|
private |
Definition at line 456 of file IngestSearchRunner.java.
|
private |
Definition at line 455 of file IngestSearchRunner.java.
Copyright © 2012-2016 Basis Technology. Generated on: Mon Jun 18 2018
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.