Autopsy  4.19.3
Graphical digital forensics platform for The Sleuth Kit and other tools.
Public Member Functions | Private Member Functions | Private Attributes | Static Private Attributes | List of all members
org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary Class Reference

Public Member Functions

 AnalysisSummary ()
 
 AnalysisSummary (SleuthkitCaseProvider provider)
 
List< Pair< String, Long > > getHashsetCounts (DataSource dataSource) throws SleuthkitCaseProviderException, TskCoreException
 
List< Pair< String, Long > > getInterestingItemCounts (DataSource dataSource) throws SleuthkitCaseProviderException, TskCoreException
 
List< Pair< String, Long > > getKeywordCounts (DataSource dataSource) throws SleuthkitCaseProviderException, TskCoreException
 

Private Member Functions

List< Pair< String, Long > > getCountsData (DataSource dataSource, BlackboardAttribute.Type keyType, ARTIFACT_TYPE...artifactTypes) throws SleuthkitCaseProviderException, TskCoreException
 

Private Attributes

final SleuthkitCaseProvider provider
 

Static Private Attributes

static final Set< String > EXCLUDED_KEYWORD_SEARCH_ITEMS = new HashSet<>()
 
static final BlackboardAttribute.Type TYPE_SET_NAME = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SET_NAME)
 

Detailed Description

Helper class for getting hash set hits, keyword hits, and interesting item hits within a datasource.

Definition at line 44 of file AnalysisSummary.java.

Constructor & Destructor Documentation

org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.AnalysisSummary ( )

Main constructor.

Definition at line 54 of file AnalysisSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.DEFAULT.

org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.AnalysisSummary ( SleuthkitCaseProvider  provider)

Main constructor.

Parameters
providerThe means of obtaining a sleuthkit case.

Definition at line 63 of file AnalysisSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.provider.

Member Function Documentation

List<Pair<String, Long> > org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getCountsData ( DataSource  dataSource,
BlackboardAttribute.Type  keyType,
ARTIFACT_TYPE...  artifactTypes 
) throws SleuthkitCaseProviderException, TskCoreException
private

Get counts for the artifact of the specified type.

Parameters
dataSourceThe datasource.
keyTypeThe attribute to use as the key type.
artifactTypesThe types of artifacts for which to query.
Returns
A list of key value pairs where the key is the attribute type value and the value is the count of items found. This list is sorted by the count descending max to min.
Exceptions
SleuthkitCaseProviderException
TskCoreException

Definition at line 132 of file AnalysisSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.get(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.DataSourceInfoUtilities.getStringOrNull().

Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getHashsetCounts(), org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getInterestingItemCounts(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getKeywordCounts().

List<Pair<String, Long> > org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getHashsetCounts ( DataSource  dataSource) throws SleuthkitCaseProviderException, TskCoreException

Gets counts for hashset hits.

Parameters
dataSourceThe datasource for which to identify hashset hits.
Returns
The hashset set name with the number of hits in descending order.
Exceptions
SleuthkitCaseProviderException
TskCoreException

Definition at line 77 of file AnalysisSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getCountsData(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.TYPE_SET_NAME.

Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.AnalysisSummaryGetter.getHashsetCounts().

List<Pair<String, Long> > org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getInterestingItemCounts ( DataSource  dataSource) throws SleuthkitCaseProviderException, TskCoreException

Gets counts for interesting item hits.

Parameters
dataSourceThe datasource for which to identify interesting item hits.
Returns
The interesting item set name with the number of hits in descending order.
Exceptions
SleuthkitCaseProviderException
TskCoreException("deprecation") - we need to support already existing interesting file and artifact hits.

Definition at line 114 of file AnalysisSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getCountsData(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.TYPE_SET_NAME.

Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.AnalysisSummaryGetter.getInterestingItemCounts().

List<Pair<String, Long> > org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getKeywordCounts ( DataSource  dataSource) throws SleuthkitCaseProviderException, TskCoreException

Gets counts for keyword hits.

Parameters
dataSourceThe datasource for which to identify keyword hits.
Returns
The keyword set name with the number of hits in descending order.
Exceptions
SleuthkitCaseProviderException
TskCoreException

Definition at line 91 of file AnalysisSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getCountsData(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.TYPE_SET_NAME.

Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.AnalysisSummaryGetter.getKeywordCounts().

Member Data Documentation

final Set<String> org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.EXCLUDED_KEYWORD_SEARCH_ITEMS = new HashSet<>()
staticprivate

Definition at line 47 of file AnalysisSummary.java.

final SleuthkitCaseProvider org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.provider
private

Definition at line 49 of file AnalysisSummary.java.

Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.AnalysisSummary().

final BlackboardAttribute.Type org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.TYPE_SET_NAME = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SET_NAME)
staticprivate

Definition at line 46 of file AnalysisSummary.java.

Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getHashsetCounts(), org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getInterestingItemCounts(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.AnalysisSummary.getKeywordCounts().

The documentation for this class was generated from the following file:

Copyright © 2012-2022 Basis Technology. Generated on: Sun Apr 2 2023
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.