Autopsy  4.15.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
CaseUcoReportModule.java
Go to the documentation of this file.
1 /*
2  *
3  * Autopsy Forensic Browser
4  *
5  * Copyright 2018-2020 Basis Technology Corp.
6  * Project Contact/Architect: carrier <at> sleuthkit <dot> org
7  *
8  * Licensed under the Apache License, Version 2.0 (the "License");
9  * you may not use this file except in compliance with the License.
10  * You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing, software
15  * distributed under the License is distributed on an "AS IS" BASIS,
16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  * See the License for the specific language governing permissions and
18  * limitations under the License.
19  */
20 package org.sleuthkit.autopsy.report.modules.caseuco;
21 
22 import java.io.IOException;
23 import java.nio.file.Files;
24 import java.nio.file.Path;
25 import java.nio.file.Paths;
26 import java.util.ArrayDeque;
27 import java.util.Deque;
28 import java.util.HashSet;
29 import java.util.List;
30 import java.util.Set;
31 import java.util.logging.Level;
32 import java.util.stream.Collectors;
33 import javax.swing.JPanel;
34 import org.openide.util.NbBundle;
35 import org.sleuthkit.autopsy.casemodule.Case;
36 import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
37 import org.sleuthkit.autopsy.coreutils.Logger;
38 import org.sleuthkit.autopsy.ingest.IngestManager;
39 import org.sleuthkit.autopsy.report.GeneralReportModule;
40 import org.sleuthkit.autopsy.report.GeneralReportSettings;
41 import org.sleuthkit.autopsy.report.ReportProgressPanel;
42 import org.sleuthkit.datamodel.AbstractFile;
43 import org.sleuthkit.datamodel.Content;
44 import org.sleuthkit.datamodel.TskCoreException;
45 import org.sleuthkit.datamodel.TskData;
46 
51 public final class CaseUcoReportModule implements GeneralReportModule {
52 
53  private static final Logger logger = Logger.getLogger(CaseUcoReportModule.class.getName());
54  private static final CaseUcoReportModule SINGLE_INSTANCE = new CaseUcoReportModule();
55 
56  //Supported types of TSK_FS_FILES
57  private static final Set<Short> SUPPORTED_TYPES = new HashSet<Short>() {{
58  add(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_UNDEF.getValue());
59  add(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG.getValue());
60  add(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_VIRT.getValue());
61  }};
62 
63  private static final String REPORT_FILE_NAME = "CASE_UCO_output";
64  private static final String EXTENSION = "json-ld";
65 
66  // Hidden constructor for the report
67  private CaseUcoReportModule() {
68  }
69 
70  // Get the default implementation of this report
71  public static synchronized CaseUcoReportModule getDefault() {
72  return SINGLE_INSTANCE;
73  }
74 
75  @Override
76  public String getName() {
77  return NbBundle.getMessage(this.getClass(), "CaseUcoReportModule.getName.text");
78  }
79 
80  @Override
81  public JPanel getConfigurationPanel() {
82  return null; // No configuration panel
83  }
84 
85  @Override
86  public String getRelativeFilePath() {
87  return REPORT_FILE_NAME + "." + EXTENSION;
88  }
89 
90  @Override
91  public String getDescription() {
92  return NbBundle.getMessage(this.getClass(), "CaseUcoReportModule.getDesc.text");
93  }
94 
100  public static String getReportFileName() {
101  return REPORT_FILE_NAME;
102  }
103 
104  @Override
105  public boolean supportsDataSourceSelection() {
106  return true;
107  }
108 
115  @NbBundle.Messages({
116  "CaseUcoReportModule.notInitialized=CASE-UCO settings panel has not been initialized",
117  "CaseUcoReportModule.noDataSourceSelected=No data source selected for CASE-UCO report",
118  "CaseUcoReportModule.ioError=I/O error encountered while generating report",
119  "CaseUcoReportModule.noCaseOpen=No case is currently open",
120  "CaseUcoReportModule.tskCoreException=TskCoreException [%s] encountered while generating the report. Please reference the log for more details.",
121  "CaseUcoReportModule.processingDataSource=Processing datasource: %s",
122  "CaseUcoReportModule.ingestWarning=Warning, this report will be created before ingest services completed",
123  "CaseUcoReportModule.unableToCreateDirectories=Unable to create directory for CASE-UCO report",
124  "CaseUcoReportModule.srcModuleName=CASE-UCO Report"
125  })
126  @Override
127  public void generateReport(GeneralReportSettings settings, ReportProgressPanel progressPanel) {
128  try {
129  // Check if ingest has finished
130  warnIngest(progressPanel);
131 
132  //Create report paths if they don't already exist.
133  Path reportDirectory = Paths.get(settings.getReportDirectoryPath());
134  try {
135  Files.createDirectories(reportDirectory);
136  } catch (IOException ex) {
137  logger.log(Level.WARNING, "Unable to create directory for CASE-UCO report.", ex);
138  progressPanel.complete(ReportProgressPanel.ReportStatus.ERROR,
139  Bundle.CaseUcoReportModule_unableToCreateDirectories());
140  return;
141  }
142 
143  CaseUcoReportGenerator generator =
144  new CaseUcoReportGenerator(reportDirectory, REPORT_FILE_NAME);
145 
146  //First write the Case to the report file.
147  Case caseObj = Case.getCurrentCaseThrows();
148  generator.addCase(caseObj);
149 
150  List<Content> dataSources = caseObj.getDataSources().stream()
151  .filter((dataSource) -> {
152  if(settings.getSelectedDataSources() == null) {
153  // Assume all data sources if list is null.
154  return true;
155  }
156  return settings.getSelectedDataSources().contains(dataSource.getId());
157  })
158  .collect(Collectors.toList());
159 
160  progressPanel.setIndeterminate(false);
161  progressPanel.setMaximumProgress(dataSources.size());
162  progressPanel.start();
163 
164  //Then search each data source for file content.
165  for(int i = 0; i < dataSources.size(); i++) {
166  Content dataSource = dataSources.get(i);
167  progressPanel.updateStatusLabel(String.format(
168  Bundle.CaseUcoReportModule_processingDataSource(),
169  dataSource.getName()));
170  //Add the data source and then all children.
171  generator.addDataSource(dataSource, caseObj);
172  performDepthFirstSearch(dataSource, generator);
173  progressPanel.setProgress(i+1);
174  }
175 
176  //Complete the report.
177  Path reportPath = generator.generateReport();
178  caseObj.addReport(reportPath.toString(),
179  Bundle.CaseUcoReportModule_srcModuleName(),
180  REPORT_FILE_NAME);
181  progressPanel.complete(ReportProgressPanel.ReportStatus.COMPLETE);
182  } catch (IOException ex) {
183  logger.log(Level.WARNING, "I/O error encountered while generating the report.", ex);
184  progressPanel.complete(ReportProgressPanel.ReportStatus.ERROR,
185  Bundle.CaseUcoReportModule_ioError());
186  } catch (NoCurrentCaseException ex) {
187  logger.log(Level.WARNING, "No case open.", ex);
188  progressPanel.complete(ReportProgressPanel.ReportStatus.ERROR,
189  Bundle.CaseUcoReportModule_noCaseOpen());
190  } catch (TskCoreException ex) {
191  logger.log(Level.WARNING, "TskCoreException encounted while generating the report.", ex);
192  progressPanel.complete(ReportProgressPanel.ReportStatus.ERROR,
193  String.format(Bundle.CaseUcoReportModule_tskCoreException(), ex.toString()));
194  }
195 
196  progressPanel.complete(ReportProgressPanel.ReportStatus.COMPLETE);
197  }
198 
202  private void warnIngest(ReportProgressPanel progressPanel) {
203  if (IngestManager.getInstance().isIngestRunning()) {
204  progressPanel.updateStatusLabel(Bundle.CaseUcoReportModule_ingestWarning());
205  }
206  }
207 
212  private void performDepthFirstSearch(Content dataSource,
213  CaseUcoReportGenerator generator) throws IOException, TskCoreException {
214 
215  Deque<Content> stack = new ArrayDeque<>();
216  stack.addAll(dataSource.getChildren());
217 
218  //Depth First Search the data source tree.
219  while(!stack.isEmpty()) {
220  Content current = stack.pop();
221  if(current instanceof AbstractFile) {
222  AbstractFile f = (AbstractFile) (current);
223  if(SUPPORTED_TYPES.contains(f.getMetaType().getValue())) {
224  generator.addFile(f, dataSource);
225  }
226  }
227 
228  for(Content child : current.getChildren()) {
229  stack.push(child);
230  }
231  }
232  }
233 }
org.sleuthkit.autopsy.casemodule.Case.getDataSources
List< Content > getDataSources()
Definition: Case.java:1443
org.sleuthkit.autopsy.ingest.IngestManager.getInstance
static synchronized IngestManager getInstance()
Definition: IngestManager.java:146
org.sleuthkit.autopsy.casemodule.Case.addReport
void addReport(String localPath, String srcModuleName, String reportName)
Definition: Case.java:1661
org.sleuthkit.autopsy.report.modules.caseuco.CaseUcoReportModule.performDepthFirstSearch
void performDepthFirstSearch(Content dataSource, CaseUcoReportGenerator generator)
Definition: CaseUcoReportModule.java:212
org.sleuthkit.autopsy.report.modules.caseuco.CaseUcoReportModule.generateReport
void generateReport(GeneralReportSettings settings, ReportProgressPanel progressPanel)
Definition: CaseUcoReportModule.java:127
org.sleuthkit.autopsy.coreutils.Logger.getLogger
synchronized static Logger getLogger(String name)
Definition: Logger.java:124

Copyright © 2012-2020 Basis Technology. Generated on: Mon Jul 6 2020
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.