Autopsy
4.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits SwingWorker< Object, Void >.
Protected Member Functions | |
Object | doInBackground () throws Exception |
void | done () |
Private Member Functions | |
QueryResults | filterResults (QueryResults queryResult) |
void | finalizeSearcher () |
void | updateKeywords () |
Private Attributes | |
boolean | finalRun = false |
SearchJobInfo | job |
List< String > | keywordListNames |
List< KeywordList > | keywordLists |
List< Keyword > | keywords |
Map< Keyword, KeywordList > | keywordToList |
final Logger | logger = Logger.getLogger(SearchRunner.Searcher.class.getName()) |
AggregateProgressHandle | progressGroup |
Searcher responsible for searching the current index and writing results to blackboard and the inbox. Also, posts results to listeners as Ingest data events. Searches entire index, and keeps track of only new results to report and save. Runs as a background thread.
Definition at line 364 of file SearchRunner.java.
|
protected |
Definition at line 394 of file SearchRunner.java.
References org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.error(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.filterResults(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.finalizeSearcher(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.getDataSourceId(), org.sleuthkit.autopsy.coreutils.StopWatch.getElapsedTimeSecs(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.searchNotify(), org.sleuthkit.autopsy.coreutils.StopWatch.start(), org.sleuthkit.autopsy.coreutils.StopWatch.stop(), and org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.updateKeywords().
|
protected |
Definition at line 518 of file SearchRunner.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createErrorMessage(), and org.sleuthkit.autopsy.ingest.IngestServices.postMessage().
|
private |
This method filters out all of the hits found in earlier periodic searches and returns only the results found by the most recent search.
This method will only return hits for objects for which we haven't previously seen a hit for the keyword.
queryResult | The results returned by a keyword search. |
Definition at line 580 of file SearchRunner.java.
References org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.addKeywordResults(), and org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.currentKeywordResults().
Referenced by org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.doInBackground().
|
private |
Performs the cleanup that needs to be done right AFTER doInBackground() returns without relying on done() method that is not guaranteed to run.
Definition at line 557 of file SearchRunner.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.doInBackground().
|
private |
Sync-up the updated keywords from the currently used lists in the XML
Definition at line 535 of file SearchRunner.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.doInBackground().
|
private |
Definition at line 376 of file SearchRunner.java.
|
private |
Searcher has private copies/snapshots of the lists and keywords
Definition at line 369 of file SearchRunner.java.
|
private |
Definition at line 371 of file SearchRunner.java.
|
private |
Definition at line 372 of file SearchRunner.java.
|
private |
Definition at line 370 of file SearchRunner.java.
|
private |
Definition at line 373 of file SearchRunner.java.
|
private |
Definition at line 375 of file SearchRunner.java.
|
private |
Definition at line 374 of file SearchRunner.java.
Copyright © 2012-2016 Basis Technology. Generated on: Mon Apr 24 2017
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.