Autopsy  4.22.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
Public Member Functions | Private Attributes | List of all members
org.sleuthkit.autopsy.discovery.search.SearchFiltering.InterestingFileSetFilter Class Reference

Inherits org.sleuthkit.autopsy.discovery.search.AbstractFilter.

Public Member Functions

 InterestingFileSetFilter (List< String > setNames)
 
List< ResultapplyAlternateFilter (List< Result > currentResults, SleuthkitCase caseDb, CentralRepository centralRepoDb, SearchContext context) throws DiscoveryException, SearchCancellationException
 
String getDesc ()
 
String getWhereClause ()
 
boolean useAlternateFilter ()
 

Private Attributes

final List< String > setNames
 

Detailed Description

A filter for specifying interesting file set names. A file must match one of the given sets to pass.

Definition at line 860 of file SearchFiltering.java.

Constructor & Destructor Documentation

org.sleuthkit.autopsy.discovery.search.SearchFiltering.InterestingFileSetFilter.InterestingFileSetFilter ( List< String >  setNames)

Create the InterestingFileSetFilter.

Parameters
setNamesThe interesting file set names for this filter.

Definition at line 869 of file SearchFiltering.java.

References org.sleuthkit.autopsy.discovery.search.SearchFiltering.InterestingFileSetFilter.setNames.

Member Function Documentation

List<Result> org.sleuthkit.autopsy.discovery.search.AbstractFilter.applyAlternateFilter ( List< Result currentResults,
SleuthkitCase  caseDb,
CentralRepository  centralRepoDb,
SearchContext  context 
) throws DiscoveryException, SearchCancellationException
inherited

Run a secondary filter that does not operate on table.

Parameters
currentResultsThe current list of matching results; empty if no filters have yet been run.
caseDbThe case database
centralRepoDbThe central repo database. Can be null if the filter does not require it.
contextThe SearchContext the search which is applying this filter is being performed from.
Returns
The list of results that match this filter (and any that came before it)
Exceptions
DiscoveryException
SearchCancellationExceptionThrown when the user has cancelled the search.

Definition at line 67 of file AbstractFilter.java.

String org.sleuthkit.autopsy.discovery.search.SearchFiltering.InterestingFileSetFilter.getDesc ( )

Definition at line 895 of file SearchFiltering.java.

References org.sleuthkit.autopsy.discovery.search.SearchFiltering.concatenateSetNamesForDisplay().

String org.sleuthkit.autopsy.discovery.search.SearchFiltering.InterestingFileSetFilter.getWhereClause ( )

("deprecation") - we need to support already existing interesting file and artifact hits.

Definition at line 879 of file SearchFiltering.java.

References org.sleuthkit.autopsy.discovery.search.SearchFiltering.concatenateNamesForSQL(), org::sleuthkit::datamodel::BlackboardArtifact::ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, org::sleuthkit::datamodel::BlackboardArtifact::ARTIFACT_TYPE.TSK_INTERESTING_ITEM, and org::sleuthkit::datamodel::BlackboardAttribute::ATTRIBUTE_TYPE.TSK_SET_NAME.

boolean org.sleuthkit.autopsy.discovery.search.AbstractFilter.useAlternateFilter ( )
inherited

Indicates whether this filter needs to use the secondary, non-SQL method applyAlternateFilter().

Returns
false by default

Definition at line 45 of file AbstractFilter.java.

Member Data Documentation

final List<String> org.sleuthkit.autopsy.discovery.search.SearchFiltering.InterestingFileSetFilter.setNames
private

Definition at line 862 of file SearchFiltering.java.

Referenced by org.sleuthkit.autopsy.discovery.search.SearchFiltering.InterestingFileSetFilter.InterestingFileSetFilter().

The documentation for this class was generated from the following file:

Copyright © 2012-2024 Sleuth Kit Labs. Generated on: Mon Mar 17 2025
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.