jni-docs/4.11.0/_blackboard_artifact_8java_source.html

 /*

  * Sleuth Kit Data Model

  *

  * Copyright 2011-2021 Basis Technology Corp.

  * Contact: carrier <at> sleuthkit <dot> org

  *

  * Licensed under the Apache License, Version 2.0 (the "License");

  * you may not use this file except in compliance with the License.

  * You may obtain a copy of the License at

  *

  *       http://www.apache.org/licenses/LICENSE-2.0

  *

  * Unless required by applicable law or agreed to in writing, software

  * distributed under the License is distributed on an "AS IS" BASIS,

  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  * See the License for the specific language governing permissions and

  * limitations under the License.

  */

 package org.sleuthkit.datamodel;


 import java.io.Serializable;

 import java.io.UnsupportedEncodingException;

 import java.sql.SQLException;

 import java.text.MessageFormat;

 import java.util.ArrayList;

 import java.util.Collection;

 import java.util.Collections;

 import java.util.HashMap;

 import java.util.HashSet;

 import java.util.List;

 import java.util.Map;

 import java.util.Objects;

 import java.util.ResourceBundle;

 import java.util.Set;

 import java.util.stream.Collectors;

 import java.util.stream.Stream;

 import org.sleuthkit.datamodel.Blackboard.BlackboardException;

 import org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE;

 import org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE;

 import org.sleuthkit.datamodel.SleuthkitCase.CaseDbTransaction;


 public abstract class BlackboardArtifact implements Content {


         private static final ResourceBundle bundle = ResourceBundle.getBundle("org.sleuthkit.datamodel.Bundle");

         private final long artifactId;

         private final long sourceObjId;                         // refers to objID of parent/source object

         private final long artifactObjId;                       // objId of the artifact in tsk_objects. TBD: replace artifactID with this

         private final Long dataSourceObjId;                     // objId of the data source in tsk_objects.

         private final int artifactTypeId;

         private final String artifactTypeName;

         private final String displayName;

         private ReviewStatus reviewStatus;

         private final SleuthkitCase sleuthkitCase;

         private final List<BlackboardAttribute> attrsCache = new ArrayList<BlackboardAttribute>();

         private boolean loadedCacheFromDb = false;

         private volatile Content parent;

         private volatile String uniquePath;


         private byte[] contentBytes = null;


         private volatile boolean checkedHasChildren;

         private volatile boolean hasChildren;

         private volatile int childrenCount;


         BlackboardArtifact(SleuthkitCase sleuthkitCase, long artifactID, long sourceObjId, long artifactObjId, Long dataSourceObjId, int artifactTypeID, String artifactTypeName, String displayName, ReviewStatus reviewStatus) {


                 this.sleuthkitCase = sleuthkitCase;

                 this.artifactId = artifactID;

                 this.sourceObjId = sourceObjId;

                 this.artifactObjId = artifactObjId;

                 this.artifactTypeId = artifactTypeID;

                 this.dataSourceObjId = dataSourceObjId;

                 this.artifactTypeName = artifactTypeName;

                 this.displayName = displayName;

                 this.reviewStatus = reviewStatus;


                 this.checkedHasChildren = false;

                 this.hasChildren = false;

                 this.childrenCount = -1;


         }


         BlackboardArtifact(SleuthkitCase sleuthkitCase, long artifactID, long sourceObjId, long artifactObjID, Long dataSourceObjID, int artifactTypeID, String artifactTypeName, String displayName, ReviewStatus reviewStatus, boolean isNew) {

                 this(sleuthkitCase, artifactID, sourceObjId, artifactObjID, dataSourceObjID, artifactTypeID, artifactTypeName, displayName, reviewStatus);

                 if (isNew) {

                         /*

                          * If this object represents a newly created artifact, then its

                          * collection of attributes has already been populated and there is

                          * no need to fetch them form the case database.

                          */

                         this.loadedCacheFromDb = true;

                 }

         }


         public SleuthkitCase getSleuthkitCase() {

                 return sleuthkitCase;

         }


         public long getArtifactID() {

                 return this.artifactId;

         }


         public long getObjectID() {

                 return this.sourceObjId;

         }


         Long getDataSourceObjectID() {

                 return this.dataSourceObjId;

         }


         public int getArtifactTypeID() {

                 return this.artifactTypeId;

         }


         public BlackboardArtifact.Type getType() throws TskCoreException {

                 BlackboardArtifact.Type standardTypesValue = BlackboardArtifact.Type.STANDARD_TYPES.get(getArtifactTypeID());

                 if (standardTypesValue != null) {

                         return standardTypesValue;

                 } else {

                         return getSleuthkitCase().getArtifactType(getArtifactTypeID());

                 }

         }


         public String getArtifactTypeName() {

                 return this.artifactTypeName;

         }


         public String getDisplayName() {

                 return this.displayName;

         }


         public String getShortDescription() throws TskCoreException {

                 BlackboardAttribute attr = null;

                 StringBuilder shortDescription = new StringBuilder("");

                 if(BlackboardArtifact.Type.STANDARD_TYPES.get(artifactTypeId) != null) {

                         switch (ARTIFACT_TYPE.fromID(artifactTypeId)) {

                                 case TSK_WIFI_NETWORK_ADAPTER:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_MAC_ADDRESS));

                                         break;

                                 case TSK_WIFI_NETWORK:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SSID));

                                         break;

                                 case TSK_REMOTE_DRIVE:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_REMOTE_PATH));

                                         break;

                                 case TSK_SERVICE_ACCOUNT:

                                 case TSK_SCREEN_SHOTS:

                                 case TSK_DELETED_PROG:

                                 case TSK_METADATA:

                                 case TSK_OS_INFO:

                                 case TSK_PROG_NOTIFICATIONS:

                                 case TSK_PROG_RUN:

                                 case TSK_RECENT_OBJECT:

                                 case TSK_USER_DEVICE_EVENT:

                                 case TSK_WEB_SEARCH_QUERY:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PROG_NAME));

                                         break;

                                 case TSK_BLUETOOTH_PAIRING:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_NAME));

                                         break;

                                 case TSK_ACCOUNT:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_ACCOUNT_TYPE));

                                         break;

                                 case TSK_WEB_CATEGORIZATION:

                                 case TSK_BLUETOOTH_ADAPTER:

                                 case TSK_GPS_AREA:

                                 case TSK_GPS_BOOKMARK:

                                 case TSK_GPS_LAST_KNOWN_LOCATION:

                                 case TSK_GPS_ROUTE:

                                 case TSK_GPS_SEARCH:

                                 case TSK_GPS_TRACK:

                                 case TSK_WEB_FORM_AUTOFILL:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_NAME));

                                         break;

                                 case TSK_WEB_ACCOUNT_TYPE:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_TEXT));

                                         break;

                                 case TSK_HASHSET_HIT:

                                 case TSK_INTERESTING_ARTIFACT_HIT:

                                 case TSK_INTERESTING_FILE_HIT:

                                 case TSK_YARA_HIT:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SET_NAME));

                                         break;

                                 case TSK_ENCRYPTION_DETECTED:

                                 case TSK_ENCRYPTION_SUSPECTED:

                                 case TSK_OBJECT_DETECTED:

                                 case TSK_USER_CONTENT_SUSPECTED:

                                 case TSK_VERIFICATION_FAILED:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_COMMENT));

                                         break;

                                 case TSK_DATA_SOURCE_USAGE:

                                 case TSK_CALENDAR_ENTRY:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DESCRIPTION));

                                         break;

                                 case TSK_WEB_BOOKMARK:  //web_bookmark, web_cookie, web_download, and web_history are the same attribute for now

                                 case TSK_WEB_COOKIE:

                                 case TSK_WEB_DOWNLOAD:

                                 case TSK_WEB_HISTORY:

                                 case TSK_WEB_CACHE:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DOMAIN));

                                         break;

                                 case TSK_KEYWORD_HIT:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW));

                                         break;

                                 case TSK_DEVICE_ATTACHED:

                                         attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_ID));

                                         break;

                                 case TSK_CONTACT: //contact, message, and calllog are the same attributes for now

                                 case TSK_MESSAGE:

                                 case TSK_CALLLOG:

                                 case TSK_SPEED_DIAL_ENTRY:

                                 case TSK_WEB_FORM_ADDRESS:

                                         //get the first of these attributes which exists and is non null

                                         final ATTRIBUTE_TYPE[] typesThatCanHaveName = {ATTRIBUTE_TYPE.TSK_NAME,

                                                 ATTRIBUTE_TYPE.TSK_PHONE_NUMBER,

                                                 ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM,

                                                 ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO,

                                                 ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_HOME,

                                                 ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_MOBILE,

                                                 ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_OFFICE,

                                                 ATTRIBUTE_TYPE.TSK_EMAIL,

                                                 ATTRIBUTE_TYPE.TSK_EMAIL_FROM,

                                                 ATTRIBUTE_TYPE.TSK_EMAIL_TO,

                                                 ATTRIBUTE_TYPE.TSK_EMAIL_HOME,

                                                 ATTRIBUTE_TYPE.TSK_EMAIL_OFFICE,

                                                 ATTRIBUTE_TYPE.TSK_LOCATION}; //in the order we want to use them

                                         for (ATTRIBUTE_TYPE t : typesThatCanHaveName) {

                                                 attr = getAttribute(new BlackboardAttribute.Type(t));

                                                 if (attr != null && !attr.getDisplayString().isEmpty()) {

                                                         break;

                                                 }

                                         }

                                         break;

                                 default:

                                         break;

                         }

                 }

                 if (attr != null) {

                         shortDescription.append(attr.getAttributeType().getDisplayName()).append(": ").append(attr.getDisplayString());

                 } else {

                         shortDescription.append(getDisplayName());

                 }

                 //get the first of these date attributes which exists and is non null

                 final ATTRIBUTE_TYPE[] typesThatCanHaveDate = {ATTRIBUTE_TYPE.TSK_DATETIME,

                         ATTRIBUTE_TYPE.TSK_DATETIME_SENT,

                         ATTRIBUTE_TYPE.TSK_DATETIME_RCVD,

                         ATTRIBUTE_TYPE.TSK_DATETIME_CREATED,

                         ATTRIBUTE_TYPE.TSK_DATETIME_MODIFIED,

                         ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED,

                         ATTRIBUTE_TYPE.TSK_DATETIME_START,

                         ATTRIBUTE_TYPE.TSK_DATETIME_END};  //in the order we want to use them

                 BlackboardAttribute date;

                 for (ATTRIBUTE_TYPE t : typesThatCanHaveDate) {

                         date = getAttribute(new BlackboardAttribute.Type(t));

                         if (date != null && !date.getDisplayString().isEmpty()) {

                                 shortDescription.append(" ");

                                 shortDescription.append(MessageFormat.format(bundle.getString("BlackboardArtifact.shortDescriptionDate.text"), date.getDisplayString()));  //NON-NLS

                                 break;

                         }

                 }

                 return shortDescription.toString();

         }


         public ReviewStatus getReviewStatus() {

                 return reviewStatus;

         }


         public void setReviewStatus(ReviewStatus newStatus) throws TskCoreException {

                 getSleuthkitCase().setReviewStatus(this, newStatus);

                 reviewStatus = newStatus;

         }


         public void addAttribute(BlackboardAttribute attribute) throws TskCoreException {

                 attribute.setArtifactId(artifactId);

                 attribute.setCaseDatabase(getSleuthkitCase());

                 getSleuthkitCase().addBlackboardAttribute(attribute, this.artifactTypeId);

                 attrsCache.add(attribute);

         }


         public List<BlackboardAttribute> getAttributes() throws TskCoreException {

                 ArrayList<BlackboardAttribute> attributes;

                 if (false == loadedCacheFromDb) {

                         attributes = getSleuthkitCase().getBlackboardAttributes(this);

                         attrsCache.clear();

                         attrsCache.addAll(attributes);

                         loadedCacheFromDb = true;

                 } else {

                         attributes = new ArrayList<BlackboardAttribute>(attrsCache);

                 }

                 return attributes;

         }


         public BlackboardAttribute getAttribute(BlackboardAttribute.Type attributeType) throws TskCoreException {

                 List<BlackboardAttribute> attributes = this.getAttributes();

                 for (BlackboardAttribute attribute : attributes) {

                         if (attribute.getAttributeType().equals(attributeType)) {

                                 return attribute;

                         }

                 }

                 return null;

         }


         public void addAttributes(Collection<BlackboardAttribute> attributes) throws TskCoreException {

                 if (attributes.isEmpty()) {

                         return;

                 }

                 for (BlackboardAttribute attribute : attributes) {

                         attribute.setArtifactId(artifactId);

                         attribute.setCaseDatabase(getSleuthkitCase());

                 }

                 getSleuthkitCase().addBlackboardAttributes(attributes, artifactTypeId);

                 attrsCache.addAll(attributes);

         }


         public void addAttributes(Collection<BlackboardAttribute> attributes, final SleuthkitCase.CaseDbTransaction caseDbTransaction) throws TskCoreException {


                 if (Objects.isNull(attributes) || attributes.isEmpty()) {

                         throw new TskCoreException("Illegal argument passed to addAttributes: null or empty attributes passed to addAttributes");

                 }

                 if (Objects.isNull(caseDbTransaction)) {

                         throw new TskCoreException("Illegal argument passed to addAttributes: null caseDbTransaction passed to addAttributes");

                 }

                 try {

                         for (final BlackboardAttribute attribute : attributes) {

                                 attribute.setArtifactId(artifactId);

                                 attribute.setCaseDatabase(getSleuthkitCase());

                                 getSleuthkitCase().addBlackBoardAttribute(attribute, artifactTypeId, caseDbTransaction.getConnection());

                         }

                         attrsCache.addAll(attributes);

                 } catch (SQLException ex) {

                         throw new TskCoreException("Error adding blackboard attributes", ex);

                 }

         }


         @Override

         public String getUniquePath() throws TskCoreException {

                 // Return the path of the parent file

                 // It is possible that multiple threads could be doing this calculation

                 // simultaneously, but it's worth the potential extra processing to prevent deadlocks.

                 if (uniquePath == null) {

                         String tempUniquePath = "";

                         Content myParent = getParent();

                         if (myParent != null) {

                                 tempUniquePath = myParent.getUniquePath();

                         }


                         // Don't update uniquePath until it is complete.

                         uniquePath = tempUniquePath;

                 }

                 return uniquePath;

         }


         @Override

         public Content getParent() throws TskCoreException {

                 if (parent == null) {

                         parent = getSleuthkitCase().getContentById(sourceObjId);

                 }

                 return parent;

         }


         @Override

         public ArrayList<BlackboardArtifact> getAllArtifacts() throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return new ArrayList<BlackboardArtifact>();

         }


         @Override

         public List<AnalysisResult> getAllAnalysisResults() throws TskCoreException {

                 return sleuthkitCase.getBlackboard().getAnalysisResults(artifactObjId);

         }


         @Override

         public List<DataArtifact> getAllDataArtifacts() throws TskCoreException {

                 return sleuthkitCase.getBlackboard().getDataArtifactsBySource(artifactObjId);

         }


         @Override

         public Score getAggregateScore() throws TskCoreException {

                 return sleuthkitCase.getScoringManager().getAggregateScore(artifactObjId);


         }


         @Override

         public List<AnalysisResult> getAnalysisResults(BlackboardArtifact.Type artifactType) throws TskCoreException {

                 return sleuthkitCase.getBlackboard().getAnalysisResults(artifactObjId, artifactType.getTypeID()); //NON-NLS

         }


         @Override

         public ArrayList<BlackboardArtifact> getArtifacts(String artifactTypeName) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return new ArrayList<BlackboardArtifact>();

         }


         @Override

         public ArrayList<BlackboardArtifact> getArtifacts(int artifactTypeID) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return new ArrayList<BlackboardArtifact>();

         }


         @Override

         public ArrayList<BlackboardArtifact> getArtifacts(BlackboardArtifact.ARTIFACT_TYPE type) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return new ArrayList<BlackboardArtifact>();

         }


         @Override

         public long getAllArtifactsCount() throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return 0;

         }


         @Override

         public long getArtifactsCount(String artifactTypeName) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return 0;

         }


         @Override

         public long getArtifactsCount(int artifactTypeID) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return 0;

         }


         @Override

         public long getArtifactsCount(BlackboardArtifact.ARTIFACT_TYPE type) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return 0;

         }


         @Override

         public BlackboardArtifact getGenInfoArtifact() throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return null;

         }


         @Override

         public BlackboardArtifact getGenInfoArtifact(boolean create) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 if (create) {

                         throw new TskCoreException("Artifacts of artifacts are not supported.");

                 }


                 return null;

         }


         @Override

         public ArrayList<BlackboardAttribute> getGenInfoAttributes(BlackboardAttribute.ATTRIBUTE_TYPE attr_type) throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return new ArrayList<>();

         }


         @Override

         public Set<String> getHashSetNames() throws TskCoreException {

                 // Currently we don't have any artifacts derived from an artifact.

                 return new HashSet<String>();

         }


         @Deprecated

         @Override

         public BlackboardArtifact newArtifact(int artifactTypeID) throws TskCoreException {

                 throw new TskCoreException("Cannot create artifact of an artifact. Not supported.");

         }


         @Override

         public AnalysisResultAdded newAnalysisResult(BlackboardArtifact.Type artifactType, Score score, String conclusion, String configuration, String justification, Collection<BlackboardAttribute> attributesList) throws TskCoreException {

                 CaseDbTransaction trans = sleuthkitCase.beginTransaction();

                 try {

                         AnalysisResultAdded resultAdded = sleuthkitCase.getBlackboard().newAnalysisResult(artifactType, this.getId(), this.getDataSource().getId(), score, conclusion, configuration, justification, attributesList, trans);


                         trans.commit();

                         return resultAdded;

                 } catch (BlackboardException ex) {

                         trans.rollback();

                         throw new TskCoreException("Error adding analysis result.", ex);

                 }

         }


         @Override

         public AnalysisResultAdded newAnalysisResult(BlackboardArtifact.Type artifactType, Score score, String conclusion, String configuration, String justification, Collection<BlackboardAttribute> attributesList, long dataSourceId) throws TskCoreException {

                 CaseDbTransaction trans = sleuthkitCase.beginTransaction();

                 try {

                         AnalysisResultAdded resultAdded = sleuthkitCase.getBlackboard().newAnalysisResult(artifactType, this.getId(), dataSourceId, score, conclusion, configuration, justification, attributesList, trans);


                         trans.commit();

                         return resultAdded;

                 } catch (BlackboardException ex) {

                         trans.rollback();

                         throw new TskCoreException("Error adding analysis result.", ex);

                 }

         }


         @Override

         public DataArtifact newDataArtifact(BlackboardArtifact.Type artifactType, Collection<BlackboardAttribute> attributesList, Long osAccountId) throws TskCoreException {

                 throw new TskCoreException("Cannot create data artifact of an artifact. Not supported.");

         }


         @Override

         public DataArtifact newDataArtifact(BlackboardArtifact.Type artifactType, Collection<BlackboardAttribute> attributesList, Long osAccountId, long dataSourceId) throws TskCoreException {

                 throw new TskCoreException("Cannot create data artifact of an artifact. Not supported.");

         }


         @Override

         public DataArtifact newDataArtifact(BlackboardArtifact.Type artifactType, Collection<BlackboardAttribute> attributesList) throws TskCoreException {

                 return newDataArtifact(artifactType, attributesList, null);

         }


         @Deprecated

         @Override

         public BlackboardArtifact newArtifact(BlackboardArtifact.ARTIFACT_TYPE type) throws TskCoreException {

                 throw new TskCoreException("Cannot create artifact of an artifact. Not supported.");

         }


         @Override

         public <T> T accept(ContentVisitor<T> visitor) {

                 return visitor.visit(this);

         }


         @Override

         public boolean equals(Object object) {

                 if (object == null) {

                         return false;

                 }

                 if (getClass() != object.getClass()) {

                         return false;

                 }

                 final BlackboardArtifact other = (BlackboardArtifact) object;

                 return artifactId == other.getArtifactID();

         }


         @Override

         public int hashCode() {

                 int hash = 7;

                 hash = 41 * hash + (int) (this.artifactId ^ (this.artifactId >>> 32));

                 return hash;

         }


         @Override

         public String toString() {

                 return "BlackboardArtifact{" + "artifactID=" + artifactId + ", objID=" + getObjectID() + ", artifactObjID=" + artifactObjId + ", artifactTypeID=" + artifactTypeId + ", artifactTypeName=" + artifactTypeName + ", displayName=" + displayName + ", Case=" + getSleuthkitCase() + '}'; //NON-NLS

         }


         @Override

         public <T> T accept(SleuthkitItemVisitor<T> visitor) {

                 return visitor.visit(this);

         }


         @Override

         public long getSize() {


                 if (contentBytes == null) {

                         try {

                                 loadArtifactContent();

                         } catch (TskCoreException ex) {

                                 return 0;

                         }

                 }


                 return contentBytes.length;

         }


         @Override

         public void close() {

                 contentBytes = null;

         }


         @Override

         public final int read(byte[] buf, long offset, long len) throws TskCoreException {


                 if (contentBytes == null) {

                         loadArtifactContent();

                 }


                 if (0 == contentBytes.length) {

                         return 0;

                 }


                 // Copy bytes

                 long readLen = Math.min(contentBytes.length - offset, len);

                 System.arraycopy(contentBytes, 0, buf, 0, (int) readLen);


                 return (int) readLen;

         }


         @Override

         public String getName() {

                 return this.displayName + getArtifactID();

         }


         @Override

         public Content getDataSource() throws TskCoreException {

                 return dataSourceObjId != null ? getSleuthkitCase().getContentById(dataSourceObjId) : null;

         }


         private void loadArtifactContent() throws TskCoreException {

                 StringBuilder artifactContents = new StringBuilder();


                 Content dataSource = null;

                 try {

                         dataSource = getDataSource();

                 } catch (TskCoreException ex) {

                         throw new TskCoreException("Unable to get datasource for artifact: " + this.toString(), ex);

                 }

                 if (dataSource == null) {

                         throw new TskCoreException("Datasource was null for artifact: " + this.toString());

                 }


                 try {

                         for (BlackboardAttribute attribute : getAttributes()) {

                                 artifactContents.append(attribute.getAttributeType().getDisplayName());

                                 artifactContents.append(" : ");

                                 artifactContents.append(attribute.getDisplayString());

                                 artifactContents.append(System.lineSeparator());

                         }

                 } catch (TskCoreException ex) {

                         throw new TskCoreException("Unable to get attributes for artifact: " + this.toString(), ex);

                 }


                 try {

                         contentBytes = artifactContents.toString().getBytes("UTF-8");

                 } catch (UnsupportedEncodingException ex) {

                         throw new TskCoreException("Failed to convert artifact string to bytes for artifact: " + this.toString(), ex);

                 }


         }


         public static final class Type implements Serializable {


                 private static final long serialVersionUID = 1L;


                 public static final Type TSK_GEN_INFO = new BlackboardArtifact.Type(1, "TSK_GEN_INFO", bundle.getString("BlackboardArtifact.tskGenInfo.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_BOOKMARK = new BlackboardArtifact.Type(2, "TSK_WEB_BOOKMARK", bundle.getString("BlackboardArtifact.tskWebBookmark.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_COOKIE = new BlackboardArtifact.Type(3, "TSK_WEB_COOKIE", bundle.getString("BlackboardArtifact.tskWebCookie.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_HISTORY = new BlackboardArtifact.Type(4, "TSK_WEB_HISTORY", bundle.getString("BlackboardArtifact.tskWebHistory.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_DOWNLOAD = new BlackboardArtifact.Type(5, "TSK_WEB_DOWNLOAD", bundle.getString("BlackboardArtifact.tskWebDownload.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_RECENT_OBJECT = new BlackboardArtifact.Type(6, "TSK_RECENT_OBJ", bundle.getString("BlackboardArtifact.tsk.recentObject.text"), Category.DATA_ARTIFACT);


                 // 7 was used for deprecated TSK_GPS_TRACKPOINT.

                 public static final Type TSK_INSTALLED_PROG = new BlackboardArtifact.Type(8, "TSK_INSTALLED_PROG", bundle.getString("BlackboardArtifact.tskInstalledProg.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_KEYWORD_HIT = new BlackboardArtifact.Type(9, "TSK_KEYWORD_HIT", bundle.getString("BlackboardArtifact.tskKeywordHits.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_HASHSET_HIT = new BlackboardArtifact.Type(10, "TSK_HASHSET_HIT", bundle.getString("BlackboardArtifact.tskHashsetHit.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_DEVICE_ATTACHED = new BlackboardArtifact.Type(11, "TSK_DEVICE_ATTACHED", bundle.getString("BlackboardArtifact.tskDeviceAttached.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_INTERESTING_FILE_HIT = new BlackboardArtifact.Type(12, "TSK_INTERESTING_FILE_HIT", bundle.getString("BlackboardArtifact.tskInterestingFileHit.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_EMAIL_MSG = new BlackboardArtifact.Type(13, "TSK_EMAIL_MSG", bundle.getString("BlackboardArtifact.tskEmailMsg.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_EXTRACTED_TEXT = new BlackboardArtifact.Type(14, "TSK_EXTRACTED_TEXT", bundle.getString("BlackboardArtifact.tskExtractedText.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_SEARCH_QUERY = new BlackboardArtifact.Type(15, "TSK_WEB_SEARCH_QUERY", bundle.getString("BlackboardArtifact.tskWebSearchQuery.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_METADATA_EXIF = new BlackboardArtifact.Type(16, "TSK_METADATA_EXIF", bundle.getString("BlackboardArtifact.tskMetadataExif.text"), Category.ANALYSIS_RESULT);


                 // 17 was used for deprecated TSK_TAG_FILE.

                 // 18 was used for deprecated TSK_TAG_ARTIFACT.

                 public static final Type TSK_OS_INFO = new BlackboardArtifact.Type(19, "TSK_OS_INFO", bundle.getString("BlackboardArtifact.tskOsInfo.text"), Category.DATA_ARTIFACT);


                 // 20 was used for deprecated TSK_OS_ACCOUNT.

                 public static final Type TSK_SERVICE_ACCOUNT = new BlackboardArtifact.Type(21, "TSK_SERVICE_ACCOUNT", bundle.getString("BlackboardArtifact.tskServiceAccount.text"), Category.DATA_ARTIFACT);


                 // 22 was used for deprecated TSK_TOOL_OUTPUT.

                 public static final Type TSK_CONTACT = new BlackboardArtifact.Type(23, "TSK_CONTACT", bundle.getString("BlackboardArtifact.tskContact.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_MESSAGE = new BlackboardArtifact.Type(24, "TSK_MESSAGE", bundle.getString("BlackboardArtifact.tskMessage.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_CALLLOG = new BlackboardArtifact.Type(25, "TSK_CALLLOG", bundle.getString("BlackboardArtifact.tskCalllog.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_CALENDAR_ENTRY = new BlackboardArtifact.Type(26, "TSK_CALENDAR_ENTRY", bundle.getString("BlackboardArtifact.tskCalendarEntry.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_SPEED_DIAL_ENTRY = new BlackboardArtifact.Type(27, "TSK_SPEED_DIAL_ENTRY", bundle.getString("BlackboardArtifact.tskSpeedDialEntry.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_BLUETOOTH_PAIRING = new BlackboardArtifact.Type(28, "TSK_BLUETOOTH_PAIRING", bundle.getString("BlackboardArtifact.tskBluetoothPairing.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_GPS_BOOKMARK = new BlackboardArtifact.Type(29, "TSK_GPS_BOOKMARK", bundle.getString("BlackboardArtifact.tskGpsBookmark.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_GPS_LAST_KNOWN_LOCATION = new BlackboardArtifact.Type(30, "TSK_GPS_LAST_KNOWN_LOCATION", bundle.getString("BlackboardArtifact.tskGpsLastKnownLocation.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_GPS_SEARCH = new BlackboardArtifact.Type(31, "TSK_GPS_SEARCH", bundle.getString("BlackboardArtifact.tskGpsSearch.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_PROG_RUN = new BlackboardArtifact.Type(32, "TSK_PROG_RUN", bundle.getString("BlackboardArtifact.tskProgRun.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_ENCRYPTION_DETECTED = new BlackboardArtifact.Type(33, "TSK_ENCRYPTION_DETECTED", bundle.getString("BlackboardArtifact.tskEncryptionDetected.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_EXT_MISMATCH_DETECTED = new BlackboardArtifact.Type(34, "TSK_EXT_MISMATCH_DETECTED", bundle.getString("BlackboardArtifact.tskExtMismatchDetected.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_INTERESTING_ARTIFACT_HIT = new BlackboardArtifact.Type(35, "TSK_INTERESTING_ARTIFACT_HIT", bundle.getString("BlackboardArtifact.tskInterestingArtifactHit.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_GPS_ROUTE = new BlackboardArtifact.Type(36, "TSK_GPS_ROUTE", bundle.getString("BlackboardArtifact.tskGpsRoute.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_REMOTE_DRIVE = new BlackboardArtifact.Type(37, "TSK_REMOTE_DRIVE", bundle.getString("BlackboardArtifact.tskRemoteDrive.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_FACE_DETECTED = new BlackboardArtifact.Type(38, "TSK_FACE_DETECTED", bundle.getString("BlackboardArtifact.tskFaceDetected.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_ACCOUNT = new BlackboardArtifact.Type(39, "TSK_ACCOUNT", bundle.getString("BlackboardArtifact.tskAccount.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_ENCRYPTION_SUSPECTED = new BlackboardArtifact.Type(40, "TSK_ENCRYPTION_SUSPECTED", bundle.getString("BlackboardArtifact.tskEncryptionSuspected.text"), Category.ANALYSIS_RESULT);


                 /*

                  * A classifier detected an object in a media file.

                  */

                 public static final Type TSK_OBJECT_DETECTED = new BlackboardArtifact.Type(41, "TSK_OBJECT_DETECTED", bundle.getString("BlackboardArtifact.tskObjectDetected.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_WIFI_NETWORK = new BlackboardArtifact.Type(42, "TSK_WIFI_NETWORK", bundle.getString("BlackboardArtifact.tskWIFINetwork.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_DEVICE_INFO = new BlackboardArtifact.Type(43, "TSK_DEVICE_INFO", bundle.getString("BlackboardArtifact.tskDeviceInfo.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_SIM_ATTACHED = new BlackboardArtifact.Type(44, "TSK_SIM_ATTACHED", bundle.getString("BlackboardArtifact.tskSimAttached.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_BLUETOOTH_ADAPTER = new BlackboardArtifact.Type(45, "TSK_BLUETOOTH_ADAPTER", bundle.getString("BlackboardArtifact.tskBluetoothAdapter.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WIFI_NETWORK_ADAPTER = new BlackboardArtifact.Type(46, "TSK_WIFI_NETWORK_ADAPTER", bundle.getString("BlackboardArtifact.tskWIFINetworkAdapter.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_VERIFICATION_FAILED = new BlackboardArtifact.Type(47, "TSK_VERIFICATION_FAILED", bundle.getString("BlackboardArtifact.tskVerificationFailed.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_DATA_SOURCE_USAGE = new BlackboardArtifact.Type(48, "TSK_DATA_SOURCE_USAGE", bundle.getString("BlackboardArtifact.tskDataSourceUsage.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_WEB_FORM_AUTOFILL = new BlackboardArtifact.Type(49, "TSK_WEB_FORM_AUTOFILL", bundle.getString("BlackboardArtifact.tskWebFormAutofill.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_FORM_ADDRESS = new BlackboardArtifact.Type(50, "TSK_WEB_FORM_ADDRESSES ", bundle.getString("BlackboardArtifact.tskWebFormAddresses.text"), Category.DATA_ARTIFACT);


                 // 51 was used for deprecated TSK_DOWNLOAD_SOURCE

                 public static final Type TSK_WEB_CACHE = new BlackboardArtifact.Type(52, "TSK_WEB_CACHE", bundle.getString("BlackboardArtifact.tskWebCache.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_TL_EVENT = new BlackboardArtifact.Type(53, "TSK_TL_EVENT", bundle.getString("BlackboardArtifact.tskTLEvent.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_CLIPBOARD_CONTENT = new BlackboardArtifact.Type(54, "TSK_CLIPBOARD_CONTENT", bundle.getString("BlackboardArtifact.tskClipboardContent.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_ASSOCIATED_OBJECT = new BlackboardArtifact.Type(55, "TSK_ASSOCIATED_OBJECT", bundle.getString("BlackboardArtifact.tskAssociatedObject.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_USER_CONTENT_SUSPECTED = new BlackboardArtifact.Type(56, "TSK_USER_CONTENT_SUSPECTED", bundle.getString("BlackboardArtifact.tskUserContentSuspected.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_METADATA = new BlackboardArtifact.Type(57, "TSK_METADATA", bundle.getString("BlackboardArtifact.tskMetadata.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_GPS_TRACK = new BlackboardArtifact.Type(58, "TSK_GPS_TRACK", bundle.getString("BlackboardArtifact.tskTrack.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_ACCOUNT_TYPE = new BlackboardArtifact.Type(59, "TSK_WEB_ACCOUNT_TYPE", bundle.getString("BlackboardArtifact.tskWebAccountType.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_SCREEN_SHOTS = new BlackboardArtifact.Type(60, "TSK_SCREEN_SHOTS", bundle.getString("BlackboardArtifact.tskScreenShots.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_PROG_NOTIFICATIONS = new BlackboardArtifact.Type(62, "TSK_PROG_NOTIFICATIONS", bundle.getString("BlackboardArtifact.tskProgNotifications.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_BACKUP_EVENT = new BlackboardArtifact.Type(63, "TSK_BACKUP_EVENT", bundle.getString("BlackboardArtifact.tskBackupEvent.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_DELETED_PROG = new BlackboardArtifact.Type(64, "TSK_DELETED_PROG", bundle.getString("BlackboardArtifact.tskDeletedProg.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_USER_DEVICE_EVENT = new BlackboardArtifact.Type(65, "TSK_USER_DEVICE_EVENT", bundle.getString("BlackboardArtifact.tskUserDeviceEvent.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_YARA_HIT = new BlackboardArtifact.Type(66, "TSK_YARA_HIT", bundle.getString("BlackboardArtifact.tskYaraHit.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_GPS_AREA = new BlackboardArtifact.Type(67, "TSK_GPS_AREA", bundle.getString("BlackboardArtifact.tskGPSArea.text"), Category.DATA_ARTIFACT);


                 public static final Type TSK_WEB_CATEGORIZATION = new BlackboardArtifact.Type(68, "TSK_WEB_CATEGORIZATION", bundle.getString("BlackboardArtifact.tskWebCategorization.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_PREVIOUSLY_SEEN = new BlackboardArtifact.Type(69, "TSK_PREVIOUSLY_SEEN", bundle.getString("BlackboardArtifact.tskPreviouslySeen.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_PREVIOUSLY_UNSEEN = new BlackboardArtifact.Type(70, "TSK_PREVIOUSLY_UNSEEN", bundle.getString("BlackboardArtifact.tskPreviouslyUnseen.text"), Category.ANALYSIS_RESULT);


                 public static final Type TSK_PREVIOUSLY_NOTABLE = new BlackboardArtifact.Type(71, "TSK_PREVIOUSLY_NOTABLE", bundle.getString("BlackboardArtifact.tskPreviouslyNotable.text"), Category.ANALYSIS_RESULT);


                 // NOTE: When adding a new standard BlackboardArtifact.Type, add the instance and then add to the STANDARD_TYPES map.

                 static final Map<Integer, Type> STANDARD_TYPES = Collections.unmodifiableMap(Stream.of(

                                 TSK_GEN_INFO,

                                 TSK_WEB_BOOKMARK,

                                 TSK_WEB_COOKIE,

                                 TSK_WEB_HISTORY,

                                 TSK_WEB_DOWNLOAD,

                                 TSK_RECENT_OBJECT,

                                 TSK_INSTALLED_PROG,

                                 TSK_KEYWORD_HIT,

                                 TSK_HASHSET_HIT,

                                 TSK_DEVICE_ATTACHED,

                                 TSK_INTERESTING_FILE_HIT,

                                 TSK_EMAIL_MSG,

                                 TSK_EXTRACTED_TEXT,

                                 TSK_WEB_SEARCH_QUERY,

                                 TSK_METADATA_EXIF,

                                 TSK_OS_INFO,

                                 TSK_SERVICE_ACCOUNT,

                                 TSK_CONTACT,

                                 TSK_MESSAGE,

                                 TSK_CALLLOG,

                                 TSK_CALENDAR_ENTRY,

                                 TSK_SPEED_DIAL_ENTRY,

                                 TSK_BLUETOOTH_PAIRING,

                                 TSK_GPS_BOOKMARK,

                                 TSK_GPS_LAST_KNOWN_LOCATION,

                                 TSK_GPS_SEARCH,

                                 TSK_PROG_RUN,

                                 TSK_ENCRYPTION_DETECTED,

                                 TSK_EXT_MISMATCH_DETECTED,

                                 TSK_INTERESTING_ARTIFACT_HIT,

                                 TSK_GPS_ROUTE,

                                 TSK_REMOTE_DRIVE,

                                 TSK_FACE_DETECTED,

                                 TSK_ACCOUNT,

                                 TSK_ENCRYPTION_SUSPECTED,

                                 TSK_OBJECT_DETECTED,

                                 TSK_WIFI_NETWORK,

                                 TSK_DEVICE_INFO,

                                 TSK_SIM_ATTACHED,

                                 TSK_BLUETOOTH_ADAPTER,

                                 TSK_WIFI_NETWORK_ADAPTER,

                                 TSK_VERIFICATION_FAILED,

                                 TSK_DATA_SOURCE_USAGE,

                                 TSK_WEB_FORM_AUTOFILL,

                                 TSK_WEB_FORM_ADDRESS,

                                 TSK_WEB_CACHE,

                                 TSK_TL_EVENT,

                                 TSK_CLIPBOARD_CONTENT,

                                 TSK_ASSOCIATED_OBJECT,

                                 TSK_USER_CONTENT_SUSPECTED,

                                 TSK_METADATA,

                                 TSK_GPS_TRACK,

                                 TSK_WEB_ACCOUNT_TYPE,

                                 TSK_SCREEN_SHOTS,

                                 TSK_PROG_NOTIFICATIONS,

                                 TSK_BACKUP_EVENT,

                                 TSK_DELETED_PROG,

                                 TSK_USER_DEVICE_EVENT,

                                 TSK_YARA_HIT,

                                 TSK_GPS_AREA,

                                 TSK_WEB_CATEGORIZATION,

                                 TSK_PREVIOUSLY_SEEN,

                                 TSK_PREVIOUSLY_UNSEEN,

                                 TSK_PREVIOUSLY_NOTABLE

                 ).collect(Collectors.toMap(type -> type.getTypeID(), type -> type)));


                 private final String typeName;

                 private final int typeID;

                 private final String displayName;

                 private final Category category;


                 Type(int typeID, String typeName, String displayName, Category category) {

                         this.typeID = typeID;

                         this.typeName = typeName;

                         this.displayName = displayName;

                         this.category = category;

                 }


                 public Type(ARTIFACT_TYPE type) {

                         this(type.getTypeID(), type.getLabel(), type.getDisplayName(), type.getCategory());

                 }


                 public String getTypeName() {

                         return this.typeName;

                 }


                 public int getTypeID() {

                         return this.typeID;

                 }


                 public String getDisplayName() {

                         return this.displayName;

                 }


                 public Category getCategory() {

                         return category;

                 }


                 @Override

                 public boolean equals(Object that) {

                         if (this == that) {

                                 return true;

                         } else if (!(that instanceof Type)) {

                                 return false;

                         } else {

                                 return ((Type) that).sameType(this);

                         }

                 }


                 private boolean sameType(Type that) {

                         return this.typeName.equals(that.getTypeName())

                                         && this.displayName.equals(that.getDisplayName())

                                         && this.typeID == that.getTypeID();

                 }


                 @Override

                 public int hashCode() {

                         int hash = 11;

                         hash = 83 * hash + Objects.hashCode(this.typeID);

                         hash = 83 * hash + Objects.hashCode(this.displayName);

                         hash = 83 * hash + Objects.hashCode(this.typeName);

                         return hash;

                 }

         }


         public enum ARTIFACT_TYPE implements SleuthkitVisitableItem {


                 TSK_GEN_INFO(1, "TSK_GEN_INFO", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGenInfo.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_BOOKMARK(2, "TSK_WEB_BOOKMARK", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebBookmark.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_COOKIE(3, "TSK_WEB_COOKIE",

                                 bundle.getString("BlackboardArtifact.tskWebCookie.text"), Category.DATA_ARTIFACT), //NON-NLS

                 TSK_WEB_HISTORY(4, "TSK_WEB_HISTORY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebHistory.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_DOWNLOAD(5, "TSK_WEB_DOWNLOAD", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebDownload.text"), Category.DATA_ARTIFACT),

                 TSK_RECENT_OBJECT(6, "TSK_RECENT_OBJ", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tsk.recentObject.text"), Category.DATA_ARTIFACT),

                 @Deprecated

                 TSK_GPS_TRACKPOINT(7, "TSK_GPS_TRACKPOINT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsTrackpoint.text"), Category.DATA_ARTIFACT),

                 TSK_INSTALLED_PROG(8, "TSK_INSTALLED_PROG", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskInstalledProg.text"), Category.DATA_ARTIFACT),

                 TSK_KEYWORD_HIT(9, "TSK_KEYWORD_HIT",

                                 bundle.getString("BlackboardArtifact.tskKeywordHits.text"), Category.ANALYSIS_RESULT),

                 TSK_HASHSET_HIT(10, "TSK_HASHSET_HIT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskHashsetHit.text"), Category.ANALYSIS_RESULT),

                 TSK_DEVICE_ATTACHED(11, "TSK_DEVICE_ATTACHED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskDeviceAttached.text"), Category.DATA_ARTIFACT),

                 TSK_INTERESTING_FILE_HIT(12, "TSK_INTERESTING_FILE_HIT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskInterestingFileHit.text"), Category.ANALYSIS_RESULT),


                 TSK_EMAIL_MSG(13, "TSK_EMAIL_MSG", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskEmailMsg.text"), Category.DATA_ARTIFACT),

                 TSK_EXTRACTED_TEXT(14, "TSK_EXTRACTED_TEXT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskExtractedText.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_SEARCH_QUERY(15, "TSK_WEB_SEARCH_QUERY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebSearchQuery.text"), Category.DATA_ARTIFACT),

                 TSK_METADATA_EXIF(16, "TSK_METADATA_EXIF", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskMetadataExif.text"), Category.ANALYSIS_RESULT),

                 @Deprecated

                 TSK_TAG_FILE(17, "TSK_TAG_FILE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tagFile.text"), Category.ANALYSIS_RESULT),

                 @Deprecated

                 TSK_TAG_ARTIFACT(18, "TSK_TAG_ARTIFACT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskTagArtifact.text"), Category.ANALYSIS_RESULT),

                 TSK_OS_INFO(19, "TSK_OS_INFO", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskOsInfo.text"), Category.DATA_ARTIFACT),

                 @Deprecated

                 TSK_OS_ACCOUNT(20, "TSK_OS_ACCOUNT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskOsAccount.text"), Category.DATA_ARTIFACT),

                 TSK_SERVICE_ACCOUNT(21, "TSK_SERVICE_ACCOUNT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskServiceAccount.text"), Category.DATA_ARTIFACT),

                 @Deprecated

                 TSK_TOOL_OUTPUT(22, "TSK_TOOL_OUTPUT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskToolOutput.text"), Category.DATA_ARTIFACT),

                 TSK_CONTACT(23, "TSK_CONTACT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskContact.text"), Category.DATA_ARTIFACT),

                 TSK_MESSAGE(24, "TSK_MESSAGE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskMessage.text"), Category.DATA_ARTIFACT),

                 TSK_CALLLOG(25, "TSK_CALLLOG", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskCalllog.text"), Category.DATA_ARTIFACT),

                 TSK_CALENDAR_ENTRY(26, "TSK_CALENDAR_ENTRY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskCalendarEntry.text"), Category.DATA_ARTIFACT),

                 TSK_SPEED_DIAL_ENTRY(27, "TSK_SPEED_DIAL_ENTRY", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskSpeedDialEntry.text"), Category.DATA_ARTIFACT),

                 TSK_BLUETOOTH_PAIRING(28, "TSK_BLUETOOTH_PAIRING", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskBluetoothPairing.text"), Category.DATA_ARTIFACT),

                 TSK_GPS_BOOKMARK(29, "TSK_GPS_BOOKMARK", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsBookmark.text"), Category.DATA_ARTIFACT),

                 TSK_GPS_LAST_KNOWN_LOCATION(30, "TSK_GPS_LAST_KNOWN_LOCATION", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsLastKnownLocation.text"), Category.DATA_ARTIFACT),

                 TSK_GPS_SEARCH(31, "TSK_GPS_SEARCH", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsSearch.text"), Category.DATA_ARTIFACT),

                 TSK_PROG_RUN(32, "TSK_PROG_RUN", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskProgRun.text"), Category.DATA_ARTIFACT),

                 TSK_ENCRYPTION_DETECTED(33, "TSK_ENCRYPTION_DETECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskEncryptionDetected.text"), Category.ANALYSIS_RESULT),

                 TSK_EXT_MISMATCH_DETECTED(34, "TSK_EXT_MISMATCH_DETECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskExtMismatchDetected.text"), Category.ANALYSIS_RESULT),

                 TSK_INTERESTING_ARTIFACT_HIT(35, "TSK_INTERESTING_ARTIFACT_HIT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskInterestingArtifactHit.text"), Category.ANALYSIS_RESULT),

                 TSK_GPS_ROUTE(36, "TSK_GPS_ROUTE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskGpsRoute.text"), Category.DATA_ARTIFACT),

                 TSK_REMOTE_DRIVE(37, "TSK_REMOTE_DRIVE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskRemoteDrive.text"), Category.DATA_ARTIFACT),

                 TSK_FACE_DETECTED(38, "TSK_FACE_DETECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskFaceDetected.text"), Category.ANALYSIS_RESULT),

                 TSK_ACCOUNT(39, "TSK_ACCOUNT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskAccount.text"), Category.DATA_ARTIFACT),

                 TSK_ENCRYPTION_SUSPECTED(40, "TSK_ENCRYPTION_SUSPECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskEncryptionSuspected.text"), Category.ANALYSIS_RESULT),

                 /*

                  * A classifier detected an object in a media file.

                  */

                 TSK_OBJECT_DETECTED(41, "TSK_OBJECT_DETECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskObjectDetected.text"), Category.ANALYSIS_RESULT),

                 TSK_WIFI_NETWORK(42, "TSK_WIFI_NETWORK", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWIFINetwork.text"), Category.DATA_ARTIFACT),

                 TSK_DEVICE_INFO(43, "TSK_DEVICE_INFO", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskDeviceInfo.text"), Category.DATA_ARTIFACT),

                 TSK_SIM_ATTACHED(44, "TSK_SIM_ATTACHED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskSimAttached.text"), Category.DATA_ARTIFACT),

                 TSK_BLUETOOTH_ADAPTER(45, "TSK_BLUETOOTH_ADAPTER", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskBluetoothAdapter.text"), Category.DATA_ARTIFACT),

                 TSK_WIFI_NETWORK_ADAPTER(46, "TSK_WIFI_NETWORK_ADAPTER", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWIFINetworkAdapter.text"), Category.DATA_ARTIFACT),

                 TSK_VERIFICATION_FAILED(47, "TSK_VERIFICATION_FAILED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskVerificationFailed.text"), Category.ANALYSIS_RESULT),

                 TSK_DATA_SOURCE_USAGE(48, "TSK_DATA_SOURCE_USAGE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskDataSourceUsage.text"), Category.ANALYSIS_RESULT),

                 TSK_WEB_FORM_AUTOFILL(49, "TSK_WEB_FORM_AUTOFILL", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebFormAutofill.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_FORM_ADDRESS(50, "TSK_WEB_FORM_ADDRESSES ", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebFormAddresses.text"), Category.DATA_ARTIFACT),

                 @Deprecated

                 TSK_DOWNLOAD_SOURCE(51, "TSK_DOWNLOAD_SOURCE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskDownloadSource.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_CACHE(52, "TSK_WEB_CACHE", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskWebCache.text"), Category.DATA_ARTIFACT),

                 TSK_TL_EVENT(53, "TSK_TL_EVENT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskTLEvent.text"), Category.DATA_ARTIFACT),

                 TSK_CLIPBOARD_CONTENT(54, "TSK_CLIPBOARD_CONTENT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskClipboardContent.text"), Category.DATA_ARTIFACT),

                 TSK_ASSOCIATED_OBJECT(55, "TSK_ASSOCIATED_OBJECT", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskAssociatedObject.text"), Category.DATA_ARTIFACT),

                 TSK_USER_CONTENT_SUSPECTED(56, "TSK_USER_CONTENT_SUSPECTED", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskUserContentSuspected.text"), Category.ANALYSIS_RESULT),

                 TSK_METADATA(57, "TSK_METADATA", //NON-NLS

                                 bundle.getString("BlackboardArtifact.tskMetadata.text"), Category.DATA_ARTIFACT),

                 TSK_GPS_TRACK(58, "TSK_GPS_TRACK",

                                 bundle.getString("BlackboardArtifact.tskTrack.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_ACCOUNT_TYPE(59, "TSK_WEB_ACCOUNT_TYPE",

                                 bundle.getString("BlackboardArtifact.tskWebAccountType.text"), Category.ANALYSIS_RESULT),

                 TSK_SCREEN_SHOTS(60, "TSK_SCREEN_SHOTS",

                                 bundle.getString("BlackboardArtifact.tskScreenShots.text"), Category.DATA_ARTIFACT),

                 TSK_PROG_NOTIFICATIONS(62, "TSK_PROG_NOTIFICATIONS",

                                 bundle.getString("BlackboardArtifact.tskProgNotifications.text"), Category.DATA_ARTIFACT),

                 TSK_BACKUP_EVENT(63, "TSK_BACKUP_EVENT",

                                 bundle.getString("BlackboardArtifact.tskBackupEvent.text"), Category.DATA_ARTIFACT),

                 TSK_DELETED_PROG(64, "TSK_DELETED_PROG",

                                 bundle.getString("BlackboardArtifact.tskDeletedProg.text"), Category.DATA_ARTIFACT),

                 TSK_USER_DEVICE_EVENT(65, "TSK_USER_DEVICE_EVENT",

                                 bundle.getString("BlackboardArtifact.tskUserDeviceEvent.text"), Category.DATA_ARTIFACT),

                 TSK_YARA_HIT(66, "TSK_YARA_HIT",

                                 bundle.getString("BlackboardArtifact.tskYaraHit.text"), Category.ANALYSIS_RESULT),

                 TSK_GPS_AREA(67, "TSK_GPS_AREA",

                                 bundle.getString("BlackboardArtifact.tskGPSArea.text"), Category.DATA_ARTIFACT),

                 TSK_WEB_CATEGORIZATION(68, "TSK_WEB_CATEGORIZATION",

                                 bundle.getString("BlackboardArtifact.tskWebCategorization.text"), Category.ANALYSIS_RESULT),

                 TSK_PREVIOUSLY_SEEN(69, "TSK_PREVIOUSLY_SEEN",

                                 bundle.getString("BlackboardArtifact.tskPreviouslySeen.text"), Category.ANALYSIS_RESULT),

                 TSK_PREVIOUSLY_UNSEEN(70, "TSK_PREVIOUSLY_UNSEEN",

                                 bundle.getString("BlackboardArtifact.tskPreviouslyUnseen.text"), Category.ANALYSIS_RESULT),

                 TSK_PREVIOUSLY_NOTABLE(71, "TSK_PREVIOUSLY_NOTABLE",

                                 bundle.getString("BlackboardArtifact.tskPreviouslyNotable.text"), Category.ANALYSIS_RESULT);


                 /*

                  * To developers: For each new artifact, ensure that: - The enum value

                  * has 1-line JavaDoc description - The artifact catalog

                  * (artifact_catalog.dox) is updated to reflect the attributes it uses

                  */

                 private final String label;

                 private final int typeId;

                 private final String displayName;

                 private final Category category;


                 private ARTIFACT_TYPE(int typeId, String label, String displayName) {

                         this(typeId, label, displayName, Category.DATA_ARTIFACT);

                 }


                 private ARTIFACT_TYPE(int typeId, String label, String displayName, Category category) {

                         this.typeId = typeId;

                         this.label = label;

                         this.displayName = displayName;

                         this.category = category;

                 }


                 public int getTypeID() {

                         return this.typeId;

                 }


                 public String getLabel() {

                         return this.label;

                 }


                 public Category getCategory() {

                         return this.category;

                 }


                 static public ARTIFACT_TYPE fromLabel(String label) {

                         for (ARTIFACT_TYPE value : ARTIFACT_TYPE.values()) {

                                 if (value.getLabel().equals(label)) {

                                         return value;

                                 }

                         }

                         throw new IllegalArgumentException("No ARTIFACT_TYPE matching type: " + label);

                 }


                 static public ARTIFACT_TYPE fromID(int id) {

                         for (ARTIFACT_TYPE value : ARTIFACT_TYPE.values()) {

                                 if (value.getTypeID() == id) {

                                         return value;

                                 }

                         }

                         throw new IllegalArgumentException("No ARTIFACT_TYPE matching type: " + id);

                 }


                 public String getDisplayName() {

                         return displayName;

                 }


                 @Override

                 public <T> T accept(SleuthkitItemVisitor<T> visitor) {

                         return visitor.visit(this);

                 }


         }


         public enum Category {

                 // NOTE: The schema code defaults to '0', so that code must be updated too if DATA_ARTIFACT changes from being 0

                 DATA_ARTIFACT(0, "DATA_ARTIFACT", ResourceBundle.getBundle("org.sleuthkit.datamodel.Bundle").getString("CategoryType.DataArtifact")), // artifact is data that is directly/indirectly extracted from a data source.

                 ANALYSIS_RESULT(1, "ANALYSIS_RESULT", ResourceBundle.getBundle("org.sleuthkit.datamodel.Bundle").getString("CategoryType.AnalysisResult")); // artifacts represents outcome of analysis of data.


                 private final Integer id;

                 private final String name;

                 private final String displayName;


                 private final static Map<Integer, Category> idToCategory = new HashMap<Integer, Category>();


                 static {

                         for (Category status : values()) {

                                 idToCategory.put(status.getID(), status);

                         }

                 }


                 private Category(Integer id, String name, String displayName) {

                         this.id = id;

                         this.name = name;

                         this.displayName = displayName;

                 }


                 public static Category fromID(int id) {

                         return idToCategory.get(id);

                 }


                 public Integer getID() {

                         return id;

                 }


                 String getName() {

                         return name;

                 }


                 public String getDisplayName() {

                         return displayName;

                 }

         }


         public enum ReviewStatus {


                 APPROVED(1, "APPROVED", "ReviewStatus.Approved"), //approved by human user

                 REJECTED(2, "REJECTED", "ReviewStatus.Rejected"), //rejected by humna user

                 UNDECIDED(3, "UNDECIDED", "ReviewStatus.Undecided"); // not yet reviewed by human user


                 private final Integer id;

                 private final String name;

                 private final String displayName;

                 private final static Map<Integer, ReviewStatus> idToStatus = new HashMap<Integer, ReviewStatus>();


                 static {

                         for (ReviewStatus status : values()) {

                                 idToStatus.put(status.getID(), status);

                         }

                 }


                 private ReviewStatus(Integer id, String name, String displayNameKey) {

                         this.id = id;

                         this.name = name;

                         this.displayName = ResourceBundle.getBundle("org.sleuthkit.datamodel.Bundle").getString(displayNameKey);

                 }


                 public static ReviewStatus withID(int id) {

                         return idToStatus.get(id);

                 }


                 public Integer getID() {

                         return id;

                 }


                 String getName() {

                         return name;

                 }


                 public String getDisplayName() {

                         return displayName;

                 }

         }


         @Deprecated

         protected BlackboardArtifact(SleuthkitCase sleuthkitCase, long artifactID, long objID, long artifactObjID, long dataSourceObjId, int artifactTypeID, String artifactTypeName, String displayName) {

                 this(sleuthkitCase, artifactID, objID, artifactObjID, dataSourceObjId, artifactTypeID, artifactTypeName, displayName, ReviewStatus.UNDECIDED);

         }


         @Deprecated

         public List<BlackboardAttribute> getAttributes(final BlackboardAttribute.ATTRIBUTE_TYPE attributeType) throws TskCoreException {

                 if (loadedCacheFromDb == false) {

                         List<BlackboardAttribute> attrs = getSleuthkitCase().getBlackboardAttributes(this);

                         attrsCache.clear();

                         attrsCache.addAll(attrs);

                         loadedCacheFromDb = true;

                 }

                 ArrayList<BlackboardAttribute> filteredAttributes = new ArrayList<BlackboardAttribute>();

                 for (BlackboardAttribute attr : attrsCache) {

                         if (attr.getAttributeType().getTypeID() == attributeType.getTypeID()) {

                                 filteredAttributes.add(attr);

                         }

                 }

                 return filteredAttributes;

         }


         @Override

         public long getId() {

                 return this.artifactObjId;

         }


         @Override

         public List<Long> getChildrenIds() throws TskCoreException {

                 List<Long> childrenIDs = new ArrayList<Long>();

                 childrenIDs.addAll(getSleuthkitCase().getAbstractFileChildrenIds(this));

                 childrenIDs.addAll(getSleuthkitCase().getBlackboardArtifactChildrenIds(this));


                 return childrenIDs;

         }


         @Override

         public int getChildrenCount() throws TskCoreException {

                 if (childrenCount != -1) {

                         return childrenCount;

                 }


                 childrenCount = this.getSleuthkitCase().getContentChildrenCount(this);


                 hasChildren = childrenCount > 0;

                 checkedHasChildren = true;


                 return childrenCount;

         }


         @Override

         public boolean hasChildren() throws TskCoreException {

                 if (checkedHasChildren == true) {

                         return hasChildren;

                 }


                 childrenCount = this.getSleuthkitCase().getContentChildrenCount(this);


                 hasChildren = childrenCount > 0;

                 checkedHasChildren = true;


                 return hasChildren;

         }


         @Override

         public List<Content> getChildren() throws TskCoreException {

                 List<Content> children = new ArrayList<>();

                 children.addAll(getSleuthkitCase().getAbstractFileChildren(this));

                 children.addAll(getSleuthkitCase().getBlackboardArtifactChildren(this));


                 return children;

         }

 }

org.sleuthkit

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.fromID
static ARTIFACT_TYPE fromID(int id)
Definition: BlackboardArtifact.java:2032

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_NAME
TSK_DEVICE_NAME
Definition: BlackboardAttribute.java:1309

org.sleuthkit.datamodel.BlackboardArtifact.Type.getTypeName
String getTypeName()
Definition: BlackboardArtifact.java:1465

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_GPS_LAST_KNOWN_LOCATION
static final Type TSK_GPS_LAST_KNOWN_LOCATION
Definition: BlackboardArtifact.java:1153

org.sleuthkit.datamodel.BlackboardArtifact.getAllArtifactsCount
long getAllArtifactsCount()
Definition: BlackboardArtifact.java:627

org.sleuthkit.datamodel.BlackboardArtifact.getArtifacts
ArrayList< BlackboardArtifact > getArtifacts(int artifactTypeID)
Definition: BlackboardArtifact.java:599

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO
TSK_PHONE_NUMBER_TO
Definition: BlackboardAttribute.java:1282

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus
Definition: BlackboardArtifact.java:2147

org.sleuthkit.datamodel.SleuthkitCase.getBlackboardAttributes
ArrayList< BlackboardAttribute > getBlackboardAttributes(final BlackboardArtifact artifact)
Definition: SleuthkitCase.java:4987

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.fromLabel
static ARTIFACT_TYPE fromLabel(String label)
Definition: BlackboardArtifact.java:2013

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_DOWNLOAD
static final Type TSK_WEB_DOWNLOAD
Definition: BlackboardArtifact.java:1038

org.sleuthkit.datamodel.BlackboardArtifact.getDisplayName
String getDisplayName()
Definition: BlackboardArtifact.java:221

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_SPEED_DIAL_ENTRY
static final Type TSK_SPEED_DIAL_ENTRY
Definition: BlackboardArtifact.java:1138

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW
TSK_KEYWORD_PREVIEW
Definition: BlackboardAttribute.java:1050

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME
TSK_NAME
Definition: BlackboardAttribute.java:1029

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_CLIPBOARD_CONTENT
static final Type TSK_CLIPBOARD_CONTENT
Definition: BlackboardArtifact.java:1276

org.sleuthkit.datamodel.BlackboardArtifact.newDataArtifact
DataArtifact newDataArtifact(BlackboardArtifact.Type artifactType, Collection< BlackboardAttribute > attributesList, Long osAccountId)
Definition: BlackboardArtifact.java:793

org.sleuthkit.datamodel.SleuthkitCase.addBlackboardAttributes
void addBlackboardAttributes(Collection< BlackboardAttribute > attributes, int artifactTypeId)
Definition: SleuthkitCase.java:4452

org.sleuthkit.datamodel.BlackboardArtifact.hashCode
int hashCode()
Definition: BlackboardArtifact.java:862

org.sleuthkit.datamodel.SleuthkitCase.beginTransaction
CaseDbTransaction beginTransaction()
Definition: SleuthkitCase.java:2809

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus.REJECTED
REJECTED
Definition: BlackboardArtifact.java:2150

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_INSTALLED_PROG
static final Type TSK_INSTALLED_PROG
Definition: BlackboardArtifact.java:1049

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_ACCOUNT_TYPE
static final Type TSK_WEB_ACCOUNT_TYPE
Definition: BlackboardArtifact.java:1303

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_SCREEN_SHOTS
static final Type TSK_SCREEN_SHOTS
Definition: BlackboardArtifact.java:1308

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_RECENT_OBJECT
static final Type TSK_RECENT_OBJECT
Definition: BlackboardArtifact.java:1043

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_SIM_ATTACHED
static final Type TSK_SIM_ATTACHED
Definition: BlackboardArtifact.java:1226

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_METADATA
static final Type TSK_METADATA
Definition: BlackboardArtifact.java:1291

org.sleuthkit.datamodel.BlackboardAttribute
Definition: BlackboardAttribute.java:45

org.sleuthkit.datamodel.SleuthkitCase.getBlackboard
Blackboard getBlackboard()
Definition: SleuthkitCase.java:497

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus.APPROVED
APPROVED
Definition: BlackboardArtifact.java:2149

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus.getID
Integer getID()
Definition: BlackboardArtifact.java:2194

org.sleuthkit.datamodel.SleuthkitItemVisitor
Definition: SleuthkitItemVisitor.java:35

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_KEYWORD_HIT
static final Type TSK_KEYWORD_HIT
Definition: BlackboardArtifact.java:1054

org.sleuthkit.datamodel.AnalysisResultAdded
Definition: AnalysisResultAdded.java:25

org.sleuthkit.datamodel.BlackboardArtifact.Category.fromID
static Category fromID(int id)
Definition: BlackboardArtifact.java:2112

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactTypeName
String getArtifactTypeName()
Definition: BlackboardArtifact.java:212

org.sleuthkit.datamodel.BlackboardAttribute.toString
String toString()
Definition: BlackboardAttribute.java:336

org.sleuthkit.datamodel.BlackboardArtifact.addAttributes
void addAttributes(Collection< BlackboardAttribute > attributes)
Definition: BlackboardArtifact.java:459

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_GPS_ROUTE
static final Type TSK_GPS_ROUTE
Definition: BlackboardArtifact.java:1186

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REMOTE_PATH
TSK_REMOTE_PATH
Definition: BlackboardAttribute.java:1357

org.sleuthkit.datamodel.BlackboardArtifact.getObjectID
long getObjectID()
Definition: BlackboardArtifact.java:171

org.sleuthkit.datamodel.SleuthkitCase.addBlackboardAttribute
void addBlackboardAttribute(BlackboardAttribute attr, int artifactTypeId)
Definition: SleuthkitCase.java:4432

org.sleuthkit.datamodel.BlackboardArtifact.getParent
Content getParent()
Definition: BlackboardArtifact.java:531

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DOMAIN
TSK_DOMAIN
Definition: BlackboardAttribute.java:1063

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_TL_EVENT
static final Type TSK_TL_EVENT
Definition: BlackboardArtifact.java:1271

org.sleuthkit.datamodel.BlackboardArtifact.getAttributes
List< BlackboardAttribute > getAttributes(final BlackboardAttribute.ATTRIBUTE_TYPE attributeType)
Definition: BlackboardArtifact.java:2258

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_HISTORY
static final Type TSK_WEB_HISTORY
Definition: BlackboardArtifact.java:1031

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_DATA_SOURCE_USAGE
static final Type TSK_DATA_SOURCE_USAGE
Definition: BlackboardArtifact.java:1246

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_SERVICE_ACCOUNT
static final Type TSK_SERVICE_ACCOUNT
Definition: BlackboardArtifact.java:1103

org

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_INTERESTING_ARTIFACT_HIT
static final Type TSK_INTERESTING_ARTIFACT_HIT
Definition: BlackboardArtifact.java:1179

org.sleuthkit.datamodel.BlackboardArtifact.Category.getID
Integer getID()
Definition: BlackboardArtifact.java:2121

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_DEVICE_ATTACHED
static final Type TSK_DEVICE_ATTACHED
Definition: BlackboardArtifact.java:1064

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_CALENDAR_ENTRY
static final Type TSK_CALENDAR_ENTRY
Definition: BlackboardArtifact.java:1133

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_OBJECT_DETECTED
static final Type TSK_OBJECT_DETECTED
Definition: BlackboardArtifact.java:1211

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER
TSK_PHONE_NUMBER
Definition: BlackboardAttribute.java:1131

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactsCount
long getArtifactsCount(int artifactTypeID)
Definition: BlackboardArtifact.java:659

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DESCRIPTION
TSK_DESCRIPTION
Definition: BlackboardAttribute.java:1264

org.sleuthkit.datamodel.Blackboard
Definition: Blackboard.java:44

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME
TSK_PROG_NAME
Definition: BlackboardAttribute.java:1032

org.sleuthkit.datamodel.SleuthkitCase.getContentById
Content getContentById(long id)
Definition: SleuthkitCase.java:5834

org.sleuthkit.datamodel.BlackboardArtifact.getGenInfoArtifact
BlackboardArtifact getGenInfoArtifact()
Definition: BlackboardArtifact.java:689

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_CATEGORIZATION
static final Type TSK_WEB_CATEGORIZATION
Definition: BlackboardArtifact.java:1343

org.sleuthkit.datamodel.BlackboardArtifact.toString
String toString()
Definition: BlackboardArtifact.java:874

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_EXT_MISMATCH_DETECTED
static final Type TSK_EXT_MISMATCH_DETECTED
Definition: BlackboardArtifact.java:1173

org.sleuthkit.datamodel.BlackboardArtifact.Type.getTypeID
int getTypeID()
Definition: BlackboardArtifact.java:1474

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_DELETED_PROG
static final Type TSK_DELETED_PROG
Definition: BlackboardArtifact.java:1323

org.sleuthkit.datamodel.ContentVisitor.visit
T visit(Directory d)

org.sleuthkit.datamodel.BlackboardArtifact.read
final int read(byte[] buf, long offset, long len)
Definition: BlackboardArtifact.java:935

org.sleuthkit.datamodel.BlackboardArtifact.getShortDescription
String getShortDescription()
Definition: BlackboardArtifact.java:232

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_START
TSK_DATETIME_START
Definition: BlackboardAttribute.java:1294

org.sleuthkit.datamodel.BlackboardArtifact.getSize
long getSize()
Definition: BlackboardArtifact.java:900

org.sleuthkit.datamodel.BlackboardArtifact.getSleuthkitCase
SleuthkitCase getSleuthkitCase()
Definition: BlackboardArtifact.java:152

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL_OFFICE
TSK_EMAIL_OFFICE
Definition: BlackboardAttribute.java:1291

org.sleuthkit.datamodel.BlackboardArtifact.close
void close()
Definition: BlackboardArtifact.java:917

org.sleuthkit.datamodel.BlackboardArtifact
Definition: BlackboardArtifact.java:53

org.sleuthkit.datamodel.BlackboardArtifact.Type
Definition: BlackboardArtifact.java:1003

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_MAC_ADDRESS
TSK_MAC_ADDRESS
Definition: BlackboardAttribute.java:1429

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_GPS_AREA
static final Type TSK_GPS_AREA
Definition: BlackboardArtifact.java:1338

org.sleuthkit.datamodel.BlackboardArtifact.addAttribute
void addAttribute(BlackboardAttribute attribute)
Definition: BlackboardArtifact.java:398

org.sleuthkit.datamodel.BlackboardArtifact.equals
boolean equals(Object object)
Definition: BlackboardArtifact.java:845

org.sleuthkit.datamodel.BlackboardArtifact.getReviewStatus
ReviewStatus getReviewStatus()
Definition: BlackboardArtifact.java:370

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID
TSK_DEVICE_ID
Definition: BlackboardAttribute.java:1078

org.sleuthkit.datamodel.BlackboardArtifact.Type.getDisplayName
String getDisplayName()
Definition: BlackboardArtifact.java:1483

org.sleuthkit.datamodel.Blackboard.getAnalysisResults
List< AnalysisResult > getAnalysisResults(long sourceObjId)
Definition: Blackboard.java:398

org.sleuthkit.datamodel.BlackboardArtifact.Category.getName
String getName()
Definition: BlackboardArtifact.java:2130

org.sleuthkit.datamodel.BlackboardArtifact.Type.hashCode
int hashCode()
Definition: BlackboardArtifact.java:1533

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_PREVIOUSLY_UNSEEN
static final Type TSK_PREVIOUSLY_UNSEEN
Definition: BlackboardArtifact.java:1353

org.sleuthkit.datamodel.BlackboardArtifact.getType
BlackboardArtifact.Type getType()
Definition: BlackboardArtifact.java:198

org.sleuthkit.datamodel.SleuthkitVisitableItem
Definition: SleuthkitVisitableItem.java:24

org.sleuthkit.datamodel.BlackboardArtifact.getArtifacts
ArrayList< BlackboardArtifact > getArtifacts(BlackboardArtifact.ARTIFACT_TYPE type)
Definition: BlackboardArtifact.java:614

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_GPS_BOOKMARK
static final Type TSK_GPS_BOOKMARK
Definition: BlackboardArtifact.java:1148

org.sleuthkit.datamodel.BlackboardArtifact.getAllAnalysisResults
List< AnalysisResult > getAllAnalysisResults()
Definition: BlackboardArtifact.java:552

org.sleuthkit.datamodel.BlackboardArtifact.newAnalysisResult
AnalysisResultAdded newAnalysisResult(BlackboardArtifact.Type artifactType, Score score, String conclusion, String configuration, String justification, Collection< BlackboardAttribute > attributesList)
Definition: BlackboardArtifact.java:765

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_PREVIOUSLY_SEEN
static final Type TSK_PREVIOUSLY_SEEN
Definition: BlackboardArtifact.java:1348

org.sleuthkit.datamodel.BlackboardArtifact.getId
long getId()
Definition: BlackboardArtifact.java:2275

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL_HOME
TSK_EMAIL_HOME
Definition: BlackboardAttribute.java:1288

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_ACCOUNT_TYPE
TSK_ACCOUNT_TYPE
Definition: BlackboardAttribute.java:1408

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_COMMENT
TSK_COMMENT
Definition: BlackboardAttribute.java:1243

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME
TSK_DATETIME
Definition: BlackboardAttribute.java:1026

org.sleuthkit.datamodel.BlackboardArtifact.getHashSetNames
Set< String > getHashSetNames()
Definition: BlackboardArtifact.java:741

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_ENCRYPTION_DETECTED
static final Type TSK_ENCRYPTION_DETECTED
Definition: BlackboardArtifact.java:1168

org.sleuthkit.datamodel.BlackboardArtifact.Category.getDisplayName
String getDisplayName()
Definition: BlackboardArtifact.java:2139

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_MOBILE
TSK_PHONE_NUMBER_MOBILE
Definition: BlackboardAttribute.java:1276

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_BACKUP_EVENT
static final Type TSK_BACKUP_EVENT
Definition: BlackboardArtifact.java:1318

org.sleuthkit.datamodel.BlackboardArtifact.getUniquePath
String getUniquePath()
Definition: BlackboardArtifact.java:513

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_PROG_RUN
static final Type TSK_PROG_RUN
Definition: BlackboardArtifact.java:1163

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.accept
public< T > T accept(SleuthkitItemVisitor< T > visitor)
Definition: BlackboardArtifact.java:2062

org.sleuthkit.datamodel.SleuthkitCase.CaseDbTransaction.commit
void commit()
Definition: SleuthkitCase.java:13731

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus.getDisplayName
String getDisplayName()
Definition: BlackboardArtifact.java:2212

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_RCVD
TSK_DATETIME_RCVD
Definition: BlackboardAttribute.java:1180

org.sleuthkit.datamodel.BlackboardArtifact.addAttributes
void addAttributes(Collection< BlackboardAttribute > attributes, final SleuthkitCase.CaseDbTransaction caseDbTransaction)
Definition: BlackboardArtifact.java:486

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_USER_DEVICE_EVENT
static final Type TSK_USER_DEVICE_EVENT
Definition: BlackboardArtifact.java:1328

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME
TSK_SET_NAME
Definition: BlackboardAttribute.java:1137

org.sleuthkit.datamodel.BlackboardAttribute.getDisplayString
String getDisplayString()
Definition: BlackboardAttribute.java:346

org.sleuthkit.datamodel.BlackboardArtifact.newArtifact
BlackboardArtifact newArtifact(int artifactTypeID)
Definition: BlackboardArtifact.java:760

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_VERIFICATION_FAILED
static final Type TSK_VERIFICATION_FAILED
Definition: BlackboardArtifact.java:1241

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_REMOTE_DRIVE
static final Type TSK_REMOTE_DRIVE
Definition: BlackboardArtifact.java:1191

org.sleuthkit.datamodel.Score
Definition: Score.java:64

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_YARA_HIT
static final Type TSK_YARA_HIT
Definition: BlackboardArtifact.java:1333

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_PREVIOUSLY_NOTABLE
static final Type TSK_PREVIOUSLY_NOTABLE
Definition: BlackboardArtifact.java:1358

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_GPS_SEARCH
static final Type TSK_GPS_SEARCH
Definition: BlackboardArtifact.java:1158

org.sleuthkit.datamodel.BlackboardArtifact.getAttribute
BlackboardAttribute getAttribute(BlackboardAttribute.Type attributeType)
Definition: BlackboardArtifact.java:440

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_SENT
TSK_DATETIME_SENT
Definition: BlackboardAttribute.java:1183

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_ACCOUNT
static final Type TSK_ACCOUNT
Definition: BlackboardArtifact.java:1201

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_FORM_AUTOFILL
static final Type TSK_WEB_FORM_AUTOFILL
Definition: BlackboardArtifact.java:1253

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_OFFICE
TSK_PHONE_NUMBER_OFFICE
Definition: BlackboardAttribute.java:1273

org.sleuthkit.datamodel.BlackboardArtifact.getChildrenIds
List< Long > getChildrenIds()
Definition: BlackboardArtifact.java:2288

org.sleuthkit.datamodel.TskCoreException
Definition: TskCoreException.java:25

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_CACHE
static final Type TSK_WEB_CACHE
Definition: BlackboardArtifact.java:1266

org.sleuthkit.datamodel.BlackboardArtifact.getChildrenCount
int getChildrenCount()
Definition: BlackboardArtifact.java:2297

org.sleuthkit.datamodel.Blackboard.BlackboardException
Definition: Blackboard.java:1171

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactTypeID
int getArtifactTypeID()
Definition: BlackboardArtifact.java:189

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_FORM_ADDRESS
static final Type TSK_WEB_FORM_ADDRESS
Definition: BlackboardArtifact.java:1260

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SSID
TSK_SSID
Definition: BlackboardAttribute.java:1423

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactsCount
long getArtifactsCount(String artifactTypeName)
Definition: BlackboardArtifact.java:643

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_HOME
TSK_PHONE_NUMBER_HOME
Definition: BlackboardAttribute.java:1270

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_CALLLOG
static final Type TSK_CALLLOG
Definition: BlackboardArtifact.java:1128

org.sleuthkit.datamodel.Content
Definition: Content.java:33

org.sleuthkit.datamodel.SleuthkitCase.CaseDbTransaction
Definition: SleuthkitCase.java:13604

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_EXTRACTED_TEXT
static final Type TSK_EXTRACTED_TEXT
Definition: BlackboardArtifact.java:1080

org.sleuthkit.datamodel.BlackboardArtifact.getAnalysisResults
List< AnalysisResult > getAnalysisResults(BlackboardArtifact.Type artifactType)
Definition: BlackboardArtifact.java:568

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_END
TSK_DATETIME_END
Definition: BlackboardAttribute.java:1297

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL
TSK_EMAIL
Definition: BlackboardAttribute.java:1081

org.sleuthkit.datamodel.ContentVisitor
Definition: ContentVisitor.java:32

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_METADATA_EXIF
static final Type TSK_METADATA_EXIF
Definition: BlackboardArtifact.java:1090

org.sleuthkit.datamodel.BlackboardArtifact.getGenInfoArtifact
BlackboardArtifact getGenInfoArtifact(boolean create)
Definition: BlackboardArtifact.java:708

org.sleuthkit.datamodel.SleuthkitCase.getArtifactType
BlackboardArtifact.Type getArtifactType(String artTypeName)
Definition: SleuthkitCase.java:4835

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus.UNDECIDED
UNDECIDED
Definition: BlackboardArtifact.java:2151

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_BLUETOOTH_PAIRING
static final Type TSK_BLUETOOTH_PAIRING
Definition: BlackboardArtifact.java:1143

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.getDisplayName
String getDisplayName()
Definition: BlackboardArtifact.java:2046

org.sleuthkit.datamodel.BlackboardArtifact.hasChildren
boolean hasChildren()
Definition: BlackboardArtifact.java:2311

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_GEN_INFO
static final Type TSK_GEN_INFO
Definition: BlackboardArtifact.java:1010

org.sleuthkit.datamodel.BlackboardArtifact.getAllDataArtifacts
List< DataArtifact > getAllDataArtifacts()
Definition: BlackboardArtifact.java:557

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.getLabel
String getLabel()
Definition: BlackboardArtifact.java:1992

org.sleuthkit.datamodel.AbstractAttribute.getAttributeType
BlackboardAttribute.Type getAttributeType()
Definition: AbstractAttribute.java:237

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_DEVICE_INFO
static final Type TSK_DEVICE_INFO
Definition: BlackboardArtifact.java:1221

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_USER_CONTENT_SUSPECTED
static final Type TSK_USER_CONTENT_SUSPECTED
Definition: BlackboardArtifact.java:1286

org.sleuthkit.datamodel.BlackboardArtifact.newAnalysisResult
AnalysisResultAdded newAnalysisResult(BlackboardArtifact.Type artifactType, Score score, String conclusion, String configuration, String justification, Collection< BlackboardAttribute > attributesList, long dataSourceId)
Definition: BlackboardArtifact.java:779

org.sleuthkit.datamodel.BlackboardArtifact.getArtifacts
ArrayList< BlackboardArtifact > getArtifacts(String artifactTypeName)
Definition: BlackboardArtifact.java:583

org.sleuthkit.datamodel.SleuthkitCase
Definition: SleuthkitCase.java:100

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_TEXT
TSK_TEXT
Definition: BlackboardAttribute.java:1096

org.sleuthkit.datamodel.BlackboardArtifact.getAggregateScore
Score getAggregateScore()
Definition: BlackboardArtifact.java:562

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_CONTACT
static final Type TSK_CONTACT
Definition: BlackboardArtifact.java:1112

org.sleuthkit.datamodel.BlackboardAttribute.Type
Definition: BlackboardAttribute.java:426

org.sleuthkit.datamodel.BlackboardArtifact.getAttributes
List< BlackboardAttribute > getAttributes()
Definition: BlackboardArtifact.java:413

org.sleuthkit.datamodel.BlackboardArtifact.BlackboardArtifact
BlackboardArtifact(SleuthkitCase sleuthkitCase, long artifactID, long objID, long artifactObjID, long dataSourceObjId, int artifactTypeID, String artifactTypeName, String displayName)
Definition: BlackboardArtifact.java:2239

org.sleuthkit.datamodel.BlackboardArtifact.getChildren
List< Content > getChildren()
Definition: BlackboardArtifact.java:2333

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_HASHSET_HIT
static final Type TSK_HASHSET_HIT
Definition: BlackboardArtifact.java:1059

org.sleuthkit.datamodel.Blackboard.newAnalysisResult
AnalysisResultAdded newAnalysisResult(BlackboardArtifact.Type artifactType, long objId, Long dataSourceObjId, Score score, String conclusion, String configuration, String justification, Collection< BlackboardAttribute > attributesList)
Definition: Blackboard.java:178

org.sleuthkit.datamodel.BlackboardArtifact.getName
String getName()
Definition: BlackboardArtifact.java:953

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus.getName
String getName()
Definition: BlackboardArtifact.java:2203

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_SEARCH_QUERY
static final Type TSK_WEB_SEARCH_QUERY
Definition: BlackboardArtifact.java:1085

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WIFI_NETWORK_ADAPTER
static final Type TSK_WIFI_NETWORK_ADAPTER
Definition: BlackboardArtifact.java:1236

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_PROG_NOTIFICATIONS
static final Type TSK_PROG_NOTIFICATIONS
Definition: BlackboardArtifact.java:1313

org.sleuthkit.datamodel.BlackboardArtifact.Type.equals
boolean equals(Object that)
Definition: BlackboardArtifact.java:1504

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_BOOKMARK
static final Type TSK_WEB_BOOKMARK
Definition: BlackboardArtifact.java:1017

org.sleuthkit.datamodel.BlackboardArtifact.newDataArtifact
DataArtifact newDataArtifact(BlackboardArtifact.Type artifactType, Collection< BlackboardAttribute > attributesList, Long osAccountId, long dataSourceId)
Definition: BlackboardArtifact.java:798

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED
TSK_DATETIME_ACCESSED
Definition: BlackboardAttribute.java:1125

org.sleuthkit.datamodel.BlackboardArtifact.Category
Definition: BlackboardArtifact.java:2075

org.sleuthkit.datamodel.DataArtifact
Definition: DataArtifact.java:27

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_ASSOCIATED_OBJECT
static final Type TSK_ASSOCIATED_OBJECT
Definition: BlackboardArtifact.java:1281

org.sleuthkit.datamodel.BlackboardArtifact.getDataSource
Content getDataSource()
Definition: BlackboardArtifact.java:958

org.sleuthkit.datamodel
Definition: AbstractAttribute.java:19

org.sleuthkit.datamodel.BlackboardArtifact.getAllArtifacts
ArrayList< BlackboardArtifact > getAllArtifacts()
Definition: BlackboardArtifact.java:546

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.getCategory
Category getCategory()
Definition: BlackboardArtifact.java:2001

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactID
long getArtifactID()
Definition: BlackboardArtifact.java:161

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_EMAIL_MSG
static final Type TSK_EMAIL_MSG
Definition: BlackboardArtifact.java:1075

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM
TSK_PHONE_NUMBER_FROM
Definition: BlackboardAttribute.java:1279

org.sleuthkit.datamodel.BlackboardArtifact.setReviewStatus
void setReviewStatus(ReviewStatus newStatus)
Definition: BlackboardArtifact.java:382

org.sleuthkit.datamodel.BlackboardArtifact.Category.ANALYSIS_RESULT
ANALYSIS_RESULT
Definition: BlackboardArtifact.java:2078

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_CREATED
TSK_DATETIME_CREATED
Definition: BlackboardAttribute.java:1249

org.sleuthkit.datamodel.SleuthkitItemVisitor.visit
T visit(Directory d)

org.sleuthkit.datamodel.SleuthkitCase.CaseDbTransaction.rollback
void rollback()
Definition: SleuthkitCase.java:13770

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.getTypeID
int getTypeID()
Definition: BlackboardArtifact.java:1983

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE
Definition: BlackboardAttribute.java:1021

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_MODIFIED
TSK_DATETIME_MODIFIED
Definition: BlackboardAttribute.java:1252

org.sleuthkit.datamodel.BlackboardArtifact.getArtifactsCount
long getArtifactsCount(BlackboardArtifact.ARTIFACT_TYPE type)
Definition: BlackboardArtifact.java:675

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WEB_COOKIE
static final Type TSK_WEB_COOKIE
Definition: BlackboardArtifact.java:1024

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_GPS_TRACK
static final Type TSK_GPS_TRACK
Definition: BlackboardArtifact.java:1298

org.sleuthkit.datamodel.BlackboardArtifact.newDataArtifact
DataArtifact newDataArtifact(BlackboardArtifact.Type artifactType, Collection< BlackboardAttribute > attributesList)
Definition: BlackboardArtifact.java:803

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_OS_INFO
static final Type TSK_OS_INFO
Definition: BlackboardArtifact.java:1097

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_WIFI_NETWORK
static final Type TSK_WIFI_NETWORK
Definition: BlackboardArtifact.java:1216

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL_TO
TSK_EMAIL_TO
Definition: BlackboardAttribute.java:1153

org.sleuthkit.datamodel.BlackboardArtifact.Type.Type
Type(ARTIFACT_TYPE type)
Definition: BlackboardArtifact.java:1456

org.sleuthkit.datamodel.BlackboardArtifact.getGenInfoAttributes
ArrayList< BlackboardAttribute > getGenInfoAttributes(BlackboardAttribute.ATTRIBUTE_TYPE attr_type)
Definition: BlackboardArtifact.java:728

org.sleuthkit.datamodel.BlackboardArtifact.ReviewStatus.withID
static ReviewStatus withID(int id)
Definition: BlackboardArtifact.java:2185

org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE
Definition: BlackboardArtifact.java:1547

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_MESSAGE
static final Type TSK_MESSAGE
Definition: BlackboardArtifact.java:1120

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LOCATION
TSK_LOCATION
Definition: BlackboardAttribute.java:1303

org.sleuthkit.datamodel.BlackboardArtifact.Category.DATA_ARTIFACT
DATA_ARTIFACT
Definition: BlackboardArtifact.java:2077

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_FACE_DETECTED
static final Type TSK_FACE_DETECTED
Definition: BlackboardArtifact.java:1196

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_BLUETOOTH_ADAPTER
static final Type TSK_BLUETOOTH_ADAPTER
Definition: BlackboardArtifact.java:1231

org.sleuthkit.datamodel.ScoringManager.getAggregateScore
Score getAggregateScore(long objId)
Definition: ScoringManager.java:67

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_ENCRYPTION_SUSPECTED
static final Type TSK_ENCRYPTION_SUSPECTED
Definition: BlackboardArtifact.java:1206

org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL_FROM
TSK_EMAIL_FROM
Definition: BlackboardAttribute.java:1162

org.sleuthkit.datamodel.BlackboardArtifact.Type.getCategory
Category getCategory()
Definition: BlackboardArtifact.java:1492

org.sleuthkit.datamodel.Content.getUniquePath
String getUniquePath()

org.sleuthkit.datamodel.SleuthkitCase.getScoringManager
ScoringManager getScoringManager()
Definition: SleuthkitCase.java:548

org.sleuthkit.datamodel.BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT
static final Type TSK_INTERESTING_FILE_HIT
Definition: BlackboardArtifact.java:1070

org.sleuthkit.datamodel.BlackboardArtifact.newArtifact
BlackboardArtifact newArtifact(BlackboardArtifact.ARTIFACT_TYPE type)
Definition: BlackboardArtifact.java:820

org.sleuthkit.datamodel.SleuthkitCase.setReviewStatus
void setReviewStatus(BlackboardArtifact artifact, BlackboardArtifact.ReviewStatus newStatus)
Definition: SleuthkitCase.java:11052