|
Autopsy
4.19.3
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Classes | |
| interface | ParseExceptionFunction |
| class | TsvColumn |
Public Member Functions | |
| LeappFileProcessor (String xmlFile, String moduleName, String leapModule, IngestJobContext context) throws IOException, IngestModuleException, NoCurrentCaseException | |
| ProcessResult | processFiles (Content dataSource, Path moduleOutputPath, AbstractFile LeappFile, DataSourceIngestModuleProgress progress) |
| ProcessResult | processFileSystem (Content dataSource, Path moduleOutputPath, DataSourceIngestModuleProgress progress) |
Private Member Functions | |
| boolean | checkCancelled () |
| void | configExtractor () throws IOException |
| BlackboardArtifact | createArtifactWithAttributes (BlackboardArtifact.Type artType, Content dataSource, Collection< BlackboardAttribute > bbattributes) |
| void | createCalllogRelationship (Collection< BlackboardAttribute > bbattributes, Content dataSource, String fileName) throws IngestModuleException |
| void | createContactRelationship (Collection< BlackboardAttribute > bbattributes, Content dataSource, String fileName) throws IngestModuleException |
| void | createCustomArtifacts (Blackboard blkBoard) |
| void | createCustomAttributesArtifacts (Blackboard blkBoard, String atType, String atName, String atDescription, String attrType) |
| void | createMessageRelationship (Collection< BlackboardAttribute > bbattributes, Content dataSource, String fileName) throws IngestModuleException |
| void | createRoute (Collection< BlackboardAttribute > bbattributes, Content dataSource, String fileName) throws IngestModuleException |
| AbstractFile | createTrackpoint (Collection< BlackboardAttribute > bbattributes, Content dataSource, String fileName, String trackpointSegmentName, GeoTrackPoints pointList) throws IngestModuleException |
| AbstractFile | findAbstractFile (Content dataSource, String fileNamePath) |
| List< String > | findTsvFiles (Path LeappOutputDir) throws IngestModuleException |
| String | formatValueBasedOnAttrType (TsvColumn colAttr, String value) |
| Account.Type | getAccountType (String AccountTypeName) |
| void | getArtifactNode (Document xmlinput) |
| BlackboardAttribute | getAttribute (BlackboardAttribute.Type attrType, String value, String fileName) |
| void | getAttributeNodes (Document xmlinput) |
| void | getFileNode (Document xmlinput) |
| String | getXmlAttrIdentifier (String fileName, String attributeName) |
| String | getXmlFileIdentifier (String fileName) |
| void | loadConfigFile () throws IngestModuleException |
| void | loadCustomArtifactsAttributes (Blackboard blkBoard, String leapModule) |
| void | loadIndividualConfigFile (String path) throws IngestModuleException |
| BlackboardAttribute | parseAttrValue (String value, BlackboardAttribute.Type attrType, String fileName, boolean blankIsNull, boolean zeroIsNull, ParseExceptionFunction valueConverter) |
| void | processFile (File LeappFile, List< TsvColumn > attrList, String fileName, BlackboardArtifact.Type artifactType, Content dataSource) throws FileNotFoundException, IOException, IngestModuleException, TskCoreException |
| void | processLeappFiles (List< String > LeappFilesToProcess, Content dataSource, DataSourceIngestModuleProgress progress) throws IngestModuleException |
| Collection< BlackboardAttribute > | processReadLine (List< String > lineValues, Map< String, Integer > columnIndexes, List< TsvColumn > attrList, String fileName, int lineNum) throws IngestModuleException |
Static Private Member Functions | |
| static String | normalizeKey (String origKey) |
Private Attributes | |
| final String | ARTIFACT_ATTRIBUTE_REFERENCE_USER = "artifact-attribute-reference-user.xml" |
| final Blackboard | blkBoard |
| final IngestJobContext | context |
| final String | CUSTOM_ARTIFACTS_ATTRIBUTES_FILE = "custom-artifact-attribute-list.csv" |
| final String | leapModule |
| final String | moduleName |
| final Map< String, String > | tsvFileArtifactComments |
| final Map< String, BlackboardArtifact.Type > | tsvFileArtifacts |
| final Map< String, List< TsvColumn > > | tsvFileAttributes |
| final Map< String, String > | tsvFiles |
| final String | xmlFile |
Static Private Attributes | |
| static final Map< String, String > | ACCOUNT_RELATIONSHIPS |
| static final Set< String > | ALLOWED_EXTENSIONS = new HashSet<>(Arrays.asList("zip", "tar", "tgz")) |
| static final Map< String, String > | CUSTOM_ARTIFACT_MAP |
| static final Logger | logger = Logger.getLogger(LeappFileProcessor.class.getName()) |
| static final DateFormat | TIMESTAMP_FORMAT = new SimpleDateFormat("yyyy-MM-d HH:mm:ss", US) |
Find and process output from Leapp program and bring into Autopsy
Definition at line 99 of file LeappFileProcessor.java.
| org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor | ( | String | xmlFile, |
| String | moduleName, | ||
| String | leapModule, | ||
| IngestJobContext | context | ||
| ) | throws IOException, IngestModuleException, NoCurrentCaseException |
Definition at line 205 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.configExtractor(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.context, org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createCustomArtifacts(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.leapModule, org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadConfigFile(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadCustomArtifactsAttributes(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.moduleName, org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.tsvFileArtifacts, and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.xmlFile.
|
private |
Definition at line 307 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.ingest.IngestJobContext.dataSourceIngestIsCancelled().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFiles(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFileSystem(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processLeappFiles().
|
private |
Extract the Leapp config xml file to the user directory to process
Definition at line 1299 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.extractResourceToUserConfigDir().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor().
|
private |
Generic method for creating a blackboard artifact with attributes
| artType | The artifact type. |
| dataSource | is the Content object that needs to have the artifact added for it |
| bbattributes | is the collection of blackboard attributes that need to be added to the artifact after the artifact has been created |
Definition at line 1259 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
private |
Definition at line 750 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findAbstractFile(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAccountType(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.moduleName.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
private |
Definition at line 680 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findAbstractFile(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAccountType(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.moduleName.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
private |
Create custom artifacts that are defined in the xLeapp xml file(s).
Definition at line 1449 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor().
|
private |
Create custom attributes that are defined in the xLeapp xml file(s).
Definition at line 1383 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadCustomArtifactsAttributes().
|
private |
Definition at line 577 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findAbstractFile(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAccountType(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.moduleName.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
private |
Definition at line 444 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findAbstractFile(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.moduleName.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
private |
Definition at line 512 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findAbstractFile(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.moduleName.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
private |
Definition at line 1464 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.casemodule.services.FileManager.findFiles(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCase(), org.sleuthkit.autopsy.casemodule.services.Services.getFileManager(), and org.sleuthkit.autopsy.casemodule.Case.getServices().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createCalllogRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createContactRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createMessageRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createRoute(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createTrackpoint().
|
private |
Find the tsv files in the Leapp output directory and match them to files we know we want to process and return the list to process those files.
Definition at line 284 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.normalizeKey().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFiles(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFileSystem().
|
private |
Check type of attribute and possibly format string based on it.
| colAttr | Column Attribute information |
| value | string to be formatted |
Definition at line 976 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.coreutils.NetworkUtils.extractDomain().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processReadLine().
|
private |
Definition at line 827 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createCalllogRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createContactRelationship(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createMessageRelationship().
|
private |
Definition at line 1147 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.casemodule.Case.getCurrentCase(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getXmlFileIdentifier(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.normalizeKey(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.tsvFileArtifacts.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadIndividualConfigFile().
|
private |
Gets an appropriate attribute based on the attribute type and string value.
| attrType | The attribute type. |
| value | The string value to be converted to the appropriate data type for the attribute type. |
| fileName | The file name that the value comes from. |
Definition at line 1000 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.parseAttrValue().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processReadLine().
|
private |
Definition at line 1189 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.casemodule.Case.getCurrentCase(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getXmlAttrIdentifier(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.normalizeKey().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadIndividualConfigFile().
|
private |
Definition at line 1135 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.normalizeKey().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadIndividualConfigFile().
|
private |
Definition at line 1183 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getXmlFileIdentifier().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAttributeNodes().
|
private |
Definition at line 1177 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getArtifactNode(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getXmlAttrIdentifier().
|
private |
Read the XML config file and load the mappings into maps
Definition at line 1094 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.ARTIFACT_ATTRIBUTE_REFERENCE_USER, org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserConfigDirectory(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadIndividualConfigFile(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.xmlFile.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor().
|
private |
Create custom artifacts that are defined in the xLeapp xml file(s).
Definition at line 1344 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createCustomAttributesArtifacts(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.CUSTOM_ARTIFACTS_ATTRIBUTES_FILE, and org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserConfigDirectory().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor().
|
private |
Read the XML config file and load the mappings into maps
Definition at line 1113 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getArtifactNode(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAttributeNodes(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getFileNode().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadConfigFile().
|
staticprivate |
Generates a key trimmed and case-insensitive that can be used for a case-insensitive lookup in a map.
| origKey | The original key. |
Definition at line 231 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findTsvFiles(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getArtifactNode(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAttributeNodes(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getFileNode(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processLeappFiles(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processReadLine().
|
private |
Runs parsing function on string value to convert to right data type and generates a blackboard attribute for that converted data type.
| value | The string value. |
| attrType | The blackboard attribute type. |
| fileName | The name of the file from which the value comes. |
| blankIsNull | If string is blank return null attribute. |
| zeroIsNull | If string is some version of 0, return null attribute. |
| valueConverter | The means of converting the string value to an appropriate blackboard attribute. |
Definition at line 1070 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.ParseExceptionFunction.apply().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAttribute().
|
private |
Definition at line 358 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createArtifactWithAttributes(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createCalllogRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createContactRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createMessageRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createRoute(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createTrackpoint(), org.sleuthkit.autopsy.casemodule.Case.getCurrentCaseThrows(), org.sleuthkit.autopsy.ingest.IngestJobContext.getJobId(), org.sleuthkit.autopsy.casemodule.Case.getSleuthkitCase(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.moduleName, and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processReadLine().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processLeappFiles().
| ProcessResult org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFiles | ( | Content | dataSource, |
| Path | moduleOutputPath, | ||
| AbstractFile | LeappFile, | ||
| DataSourceIngestModuleProgress | progress | ||
| ) |
Definition at line 246 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.checkCancelled(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.ERROR, org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findTsvFiles(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.OK, org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processLeappFiles(), org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress.progress(), and org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress.switchToIndeterminate().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.ALeappAnalyzerIngestModule.processALeappFile(), and org.sleuthkit.autopsy.modules.leappanalyzers.ILeappAnalyzerIngestModule.processILeappFile().
| ProcessResult org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFileSystem | ( | Content | dataSource, |
| Path | moduleOutputPath, | ||
| DataSourceIngestModuleProgress | progress | ||
| ) |
Definition at line 263 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.checkCancelled(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.ERROR, org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.findTsvFiles(), org.sleuthkit.autopsy.ingest.IngestModule.ProcessResult.OK, org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processLeappFiles(), org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress.progress(), and org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress.switchToIndeterminate().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.ALeappAnalyzerIngestModule.processALeappFs(), and org.sleuthkit.autopsy.modules.leappanalyzers.ILeappAnalyzerIngestModule.processILeappFs().
|
private |
Process the Leapp files that were found that match the xml mapping file
| LeappFilesToProcess | List of files to process. |
| dataSource | The data source. |
| progress | Means of updating progress in UI. |
| FileNotFoundException | |
| IOException |
Definition at line 330 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.checkCancelled(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.normalizeKey(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile(), org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress.progress(), org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress.switchToDeterminate(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.tsvFileArtifacts.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFiles(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFileSystem().
|
private |
Process the line read and create the necessary attributes for it.
| lineValues | List of column values. |
| columnIndexes | Mapping of column headers (trimmed; to lower case) to column index. All header columns and only all header columns should be present. |
| attrList | The list of attributes as specified for the schema of this file. |
| fileName | The name of the file being processed. |
| lineNum | The line number in the file. |
| IngestModuleException |
Definition at line 913 of file LeappFileProcessor.java.
References org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.formatValueBasedOnAttrType(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getAttribute(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.normalizeKey().
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
staticprivate |
Definition at line 165 of file LeappFileProcessor.java.
|
staticprivate |
Definition at line 1304 of file LeappFileProcessor.java.
|
private |
Definition at line 149 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadConfigFile().
|
private |
Definition at line 203 of file LeappFileProcessor.java.
|
private |
Definition at line 154 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor().
|
staticprivate |
Definition at line 161 of file LeappFileProcessor.java.
|
private |
Definition at line 148 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadCustomArtifactsAttributes().
|
private |
Definition at line 152 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor().
|
staticprivate |
Definition at line 147 of file LeappFileProcessor.java.
|
private |
Definition at line 153 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createCalllogRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createContactRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createMessageRelationship(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createRoute(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.createTrackpoint(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processFile().
|
staticprivate |
The format of time stamps in tsv.
Definition at line 987 of file LeappFileProcessor.java.
|
private |
Definition at line 158 of file LeappFileProcessor.java.
|
private |
Definition at line 157 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.getArtifactNode(), org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.processLeappFiles().
|
private |
Definition at line 159 of file LeappFileProcessor.java.
|
private |
Definition at line 156 of file LeappFileProcessor.java.
|
private |
Definition at line 151 of file LeappFileProcessor.java.
Referenced by org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.LeappFileProcessor(), and org.sleuthkit.autopsy.modules.leappanalyzers.LeappFileProcessor.loadConfigFile().
Copyright © 2012-2022 Basis Technology. Generated on: Tue Jun 27 2023
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.