Sleuth Kit Java Bindings (JNI)  4.11.0
Java bindings for using The Sleuth Kit
Classes | Public Member Functions | Static Public Member Functions | Public Attributes | List of all members
org.sleuthkit.datamodel.TimelineEventType Interface Reference

Inherits Comparable< TimelineEventType >.

Inherited by org.sleuthkit.datamodel.TimelineEventTypeImpl.

Classes

enum  HierarchyLevel
 

Public Member Functions

default int compareTo (TimelineEventType otherType)
 
default TimelineEventType getCategory ()
 
Optional<?extends TimelineEventTypegetChild (String displayName)
 
SortedSet<?extends TimelineEventTypegetChildren ()
 
String getDisplayName ()
 
TimelineEventType getParent ()
 
default SortedSet<?extends TimelineEventTypegetSiblings ()
 
TimelineEventType.HierarchyLevel getTypeHierarchyLevel ()
 
long getTypeID ()
 

Static Public Member Functions

static SortedSet<?extends TimelineEventTypegetCategoryTypes ()
 
static SortedSet<?extends TimelineEventTypegetFileSystemTypes ()
 
static SortedSet<?extends TimelineEventTypegetMiscTypes ()
 
static SortedSet<?extends TimelineEventTypegetWebActivityTypes ()
 
static String stringValueOf (BlackboardAttribute attr)
 
static String toFrom (BlackboardAttribute dir)
 

Public Attributes

TimelineEventType BACKUP_EVENT_END
 
TimelineEventType BACKUP_EVENT_START
 
TimelineEventType BLUETOOTH_ADAPTER
 
TimelineEventType BLUETOOTH_PAIRING
 
TimelineEventType BLUETOOTH_PAIRING_ACCESSED
 
TimelineEventType CALENDAR_ENTRY_END
 
TimelineEventType CALENDAR_ENTRY_START
 
TimelineEventType CALL_LOG
 
TimelineEventType CALL_LOG_END
 
TimelineEventType CUSTOM_ARTIFACT_CATCH_ALL
 
int DEPRECATED_OTHER_EVENT_ID = 22
 
TimelineEventType DEVICES_ATTACHED
 
TimelineEventType EMAIL
 
TimelineEventType EMAIL_RCVD
 
TimelineEventType EXIF
 
TimelineEventType FILE_ACCESSED
 
TimelineEventType FILE_CHANGED
 
TimelineEventType FILE_CREATED
 
TimelineEventType FILE_MODIFIED
 
TimelineEventType FILE_SYSTEM
 
TimelineEventType GPS_BOOKMARK
 
TimelineEventType GPS_LAST_KNOWN_LOCATION
 
TimelineEventType GPS_ROUTE
 
TimelineEventType GPS_SEARCH
 
TimelineEventType GPS_TRACK
 
TimelineEventType GPS_TRACKPOINT
 
TimelineEventType INSTALLED_PROGRAM
 
TimelineEventType LOG_ENTRY
 
TimelineEventType MESSAGE
 
TimelineEventType METADATA_CREATED
 
TimelineEventType METADATA_LAST_PRINTED
 
TimelineEventType METADATA_LAST_SAVED
 
TimelineEventType MISC_TYPES
 
TimelineEventType OS_INFO
 
TimelineEventType PROGRAM_DELETED
 
TimelineEventType PROGRAM_EXECUTION
 
TimelineEventType PROGRAM_NOTIFICATION
 
TimelineEventType RECENT_DOCUMENTS
 
TimelineEventType REGISTRY
 
TimelineEventType ROOT_EVENT_TYPE
 
TimelineEventType SCREEN_SHOT
 
TimelineEventType SERVICE_ACCOUNT
 
TimelineEventType STANDARD_ARTIFACT_CATCH_ALL
 
TimelineEventType USER_CREATED
 
TimelineEventType USER_DEVICE_EVENT_END
 
TimelineEventType USER_DEVICE_EVENT_START
 
TimelineEventType WEB_ACTIVITY
 
TimelineEventType WEB_BOOKMARK
 
TimelineEventType WEB_CACHE
 
TimelineEventType WEB_COOKIE
 
TimelineEventType WEB_COOKIE_ACCESSED
 
TimelineEventType WEB_COOKIE_END
 
TimelineEventType WEB_DOWNLOADS
 
TimelineEventType WEB_FORM_ADDRESSES
 
TimelineEventType WEB_FORM_ADDRESSES_MODIFIED
 
TimelineEventType WEB_FORM_AUTOFILL
 
TimelineEventType WEB_FORM_AUTOFILL_ACCESSED
 
TimelineEventType WEB_HISTORY
 
TimelineEventType WEB_HISTORY_CREATED
 
TimelineEventType WEB_SEARCH
 
TimelineEventType WIFI_NETWORK
 

Detailed Description

An interface implemented by timeline event types. Timeline event types are organized into a type hierarchy. This type hierarchy has three levels: the root level, the category level (e.g, file system events, web activity events), and the actual event level (e.g., file modified events, web download events).

Currently (9/20/19), all supported timeline event types are defined as members of this interface.

WARNING: THIS INTERFACE IS A "BETA" INTERFACE AND IS SUBJECT TO CHANGE AT ANY TIME.

Definition at line 55 of file TimelineEventType.java.

Member Function Documentation

default int org.sleuthkit.datamodel.TimelineEventType.compareTo ( TimelineEventType  otherType)

Definition at line 127 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getDisplayName().

default TimelineEventType org.sleuthkit.datamodel.TimelineEventType.getCategory ( )

Gets the category level event type for this event type in the type hierarchy.

Returns
The category event type.

Definition at line 108 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getCategory(), org.sleuthkit.datamodel.TimelineEventType.getParent(), and org.sleuthkit.datamodel.TimelineEventType.ROOT_EVENT_TYPE.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategory().

static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getCategoryTypes ( )
static

Definition at line 823 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

Optional<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getChild ( String  displayName)

Gets a specific child event type of this event type in the type hierarchy.

Parameters
displayNameThe display name of the desired child event type.
Returns
The child event type in an Optional object, may be empty.
SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getChildren ( )

Gets the child event types of this event type in the type hierarchy.

Returns
A sorted set of the child event types.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategoryTypes(), org.sleuthkit.datamodel.TimelineEventType.getFileSystemTypes(), org.sleuthkit.datamodel.TimelineEventType.getMiscTypes(), org.sleuthkit.datamodel.TimelineEventType.getSiblings(), and org.sleuthkit.datamodel.TimelineEventType.getWebActivityTypes().

String org.sleuthkit.datamodel.TimelineEventType.getDisplayName ( )

Gets the display name of this event type.

Returns
The event type display name.

Referenced by org.sleuthkit.datamodel.TimelineEventType.compareTo(), and org.sleuthkit.datamodel.TimelineFilter.EventTypeFilter.getDisplayName().

static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getFileSystemTypes ( )
static

Definition at line 827 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getMiscTypes ( )
static

Definition at line 835 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.getParent ( )

Gets the parent event type of this event type in the type hierarchy.

Returns
The parent event type.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategory(), and org.sleuthkit.datamodel.TimelineEventType.getSiblings().

default SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getSiblings ( )

Gets the sibling event types of this event type in the type hierarchy.

Returns
The sibling event types.

Definition at line 120 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren(), org.sleuthkit.datamodel.TimelineEventType.getParent(), and org.sleuthkit.datamodel.TimelineEventType.ROOT_EVENT_TYPE.

TimelineEventType.HierarchyLevel org.sleuthkit.datamodel.TimelineEventType.getTypeHierarchyLevel ( )

Gets the type hierarchy level of this event type.

Returns
The type hierarchy level.
long org.sleuthkit.datamodel.TimelineEventType.getTypeID ( )

Gets the unique ID of this event type in the case database.

Returns
The event type ID.
static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getWebActivityTypes ( )
static

Definition at line 831 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

static String org.sleuthkit.datamodel.TimelineEventType.stringValueOf ( BlackboardAttribute  attr)
static

Definition at line 839 of file TimelineEventType.java.

References org.sleuthkit.datamodel.BlackboardAttribute.getDisplayString().

static String org.sleuthkit.datamodel.TimelineEventType.toFrom ( BlackboardAttribute  dir)
static

Definition at line 845 of file TimelineEventType.java.

References org.sleuthkit.datamodel.BlackboardAttribute.getDisplayString().

Member Data Documentation

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BACKUP_EVENT_END
Initial value:
= new TimelineEventArtifactTypeImpl(44,
getBundle().getString("TimelineEventType.BackupEventEnd.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BACKUP_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_END),
artf -> {
return getBundle().getString("TimelineEventType.BackupEvent.description.end");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 678 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BACKUP_EVENT_START
Initial value:
= new TimelineEventArtifactTypeImpl(43,
getBundle().getString("TimelineEventType.BackupEventStart.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BACKUP_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_START),
artf -> {
return getBundle().getString("TimelineEventType.BackupEvent.description.start");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 667 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BLUETOOTH_ADAPTER
Initial value:
= new TimelineEventArtifactTypeSingleDescription(58,
getBundle().getString("TimelineEventType.BluetoothAdapter.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BLUETOOTH_ADAPTER),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_NAME))

Definition at line 800 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BLUETOOTH_PAIRING
Initial value:
= new TimelineEventArtifactTypeSingleDescription(45,
getBundle().getString("TimelineEventType.BluetoothPairing.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BLUETOOTH_PAIRING),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DEVICE_NAME))

Definition at line 689 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BLUETOOTH_PAIRING_ACCESSED
Initial value:
= new TimelineEventArtifactTypeSingleDescription(59,
getBundle().getString("TimelineEventType.BluetoothPairingLastConnection.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BLUETOOTH_PAIRING),
new BlackboardAttribute.Type(TSK_DATETIME_ACCESSED),
new BlackboardAttribute.Type(TSK_DEVICE_NAME))

Definition at line 807 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALENDAR_ENTRY_END
Initial value:
= new TimelineEventArtifactTypeSingleDescription(47,
getBundle().getString("TimelineEventType.CalendarEntryEnd.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALENDAR_ENTRY),
new BlackboardAttribute.Type(TSK_DATETIME_END),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 703 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALENDAR_ENTRY_START
Initial value:
= new TimelineEventArtifactTypeSingleDescription(46,
getBundle().getString("TimelineEventType.CalendarEntryStart.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALENDAR_ENTRY),
new BlackboardAttribute.Type(TSK_DATETIME_START),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 696 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALL_LOG
Initial value:
= new TimelineEventArtifactTypeImpl(16,
getBundle().getString("MiscTypes.Calls.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALLLOG),
new Type(TSK_DATETIME_START),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
BlackboardAttribute phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER));
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_TO));
}
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_FROM));
}
return "Phone Number: " + stringValueOf(phoneNumber);
},
new AttributeExtractor(new Type(TSK_DIRECTION)))

Definition at line 356 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALL_LOG_END
Initial value:
= new TimelineEventArtifactTypeImpl(38,
getBundle().getString("MiscTypes.CallsEnd.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALLLOG),
new Type(TSK_DATETIME_END),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
BlackboardAttribute phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER));
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_TO));
}
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_FROM));
}
return "Phone number: " + stringValueOf(phoneNumber);
},
new AttributeExtractor(new Type(TSK_DIRECTION)))

Definition at line 601 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CUSTOM_ARTIFACT_CATCH_ALL
Initial value:
= new TimelineEventArtifactTypeSingleDescription(26,
getBundle().getString("CustomTypes.customArtifact.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 470 of file TimelineEventType.java.

int org.sleuthkit.datamodel.TimelineEventType.DEPRECATED_OTHER_EVENT_ID = 22

Definition at line 439 of file TimelineEventType.java.

Referenced by org.sleuthkit.datamodel.TimelineManager.getEventType().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.DEVICES_ATTACHED
Initial value:
= new TimelineEventArtifactTypeImpl(21,
getBundle().getString("MiscTypes.devicesAttached.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_DEVICE_ATTACHED),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_DEVICE_MAKE)),
new AttributeExtractor(new Type(TSK_DEVICE_MODEL)),
new AttributeExtractor(new Type(TSK_DEVICE_ID)))

Definition at line 427 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.EMAIL
Initial value:
= new TimelineEventArtifactTypeImpl(17,
getBundle().getString("MiscTypes.Email.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_EMAIL_MSG),
new Type(TSK_DATETIME_SENT),
artf -> {
String emailFrom = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_FROM)));
if (emailFrom.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailFrom = emailFrom.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
String emailTo = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_TO)));
if (emailTo.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailTo = emailTo.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
return "Sent from: " + emailFrom + "Sent to: " + emailTo;
},
new AttributeExtractor(new Type(TSK_SUBJECT)),
artf -> {
final BlackboardAttribute msgAttribute = getAttributeSafe(artf, new Type(TSK_EMAIL_CONTENT_PLAIN));
String msg = stringValueOf(msgAttribute);
if (msg.length() > TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX) {
msg = msg.substring(0, TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX);
}
return msg;
})

Definition at line 375 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.EMAIL_RCVD
Initial value:
= new TimelineEventArtifactTypeImpl(39,
getBundle().getString("MiscTypes.EmailRcvd.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_EMAIL_MSG),
new Type(TSK_DATETIME_RCVD),
artf -> {
String emailFrom = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_FROM)));
if (emailFrom.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailFrom = emailFrom.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
String emailTo = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_TO)));
if (emailTo.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailTo = emailTo.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
return "Message from: " + emailFrom + " To: " + emailTo;
},
new AttributeExtractor(new Type(TSK_SUBJECT)),
artf -> {
final BlackboardAttribute msgAttribute = getAttributeSafe(artf, new Type(TSK_EMAIL_CONTENT_PLAIN));
String msg = stringValueOf(msgAttribute);
if (msg.length() > TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX) {
msg = msg.substring(0, TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX);
}
return msg;
})

Definition at line 620 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.EXIF
Initial value:
= new TimelineEventArtifactTypeImpl(20,
getBundle().getString("MiscTypes.exif.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA_EXIF),
new Type(TSK_DATETIME_CREATED),
new AttributeExtractor(new Type(TSK_DEVICE_MAKE)),
new AttributeExtractor(new Type(TSK_DEVICE_MODEL)),
artf -> artf.getSleuthkitCase().getAbstractFileById(artf.getObjectID()).getName()
)

Definition at line 417 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_ACCESSED
Initial value:
= new FilePathEventType(5,
getBundle().getString("FileSystemTypes.fileAccessed.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 248 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_CHANGED
Initial value:
= new FilePathEventType(7,
getBundle().getString("FileSystemTypes.fileChanged.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 256 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_CREATED
Initial value:
= new FilePathEventType(6,
getBundle().getString("FileSystemTypes.fileCreated.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 252 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_MODIFIED
Initial value:
= new FilePathEventType(4,
getBundle().getString("FileSystemTypes.fileModified.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 244 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_SYSTEM
Initial value:
= new TimelineEventTypeImpl(1,
getBundle().getString("BaseTypes.fileSystem.name"),
HierarchyLevel.CATEGORY, ROOT_EVENT_TYPE) {
@Override
public SortedSet< TimelineEventType> getChildren() {
return ImmutableSortedSet.of(FILE_MODIFIED, FILE_ACCESSED,
FILE_CREATED, FILE_CHANGED);
}
}

Definition at line 199 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_BOOKMARK
Initial value:
= new TimelineEventArtifactTypeImpl(29,
getBundle().getString("MiscTypes.GPSBookmark.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_BOOKMARK),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 496 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_LAST_KNOWN_LOCATION
Initial value:
= new TimelineEventArtifactTypeImpl(30,
getBundle().getString("MiscTypes.GPSLastknown.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_LAST_KNOWN_LOCATION),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 509 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_ROUTE
Initial value:
= new TimelineEventArtifactTypeImpl(14,
getBundle().getString("MiscTypes.GPSRoutes.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_ROUTE),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
new AttributeExtractor(new Type(TSK_LOCATION)),
artf -> {
final BlackboardAttribute latStart = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE_START));
final BlackboardAttribute longStart = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE_START));
final BlackboardAttribute latEnd = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE_END));
final BlackboardAttribute longEnd = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE_END));
return String.format("From latitude: %1$s longitude: %2$s To latitude: %3$s longitude: %4$s", stringValueOf(latStart), stringValueOf(longStart), stringValueOf(latEnd), stringValueOf(longEnd));
})

Definition at line 327 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_SEARCH
Initial value:
= new TimelineEventArtifactTypeImpl(31,
getBundle().getString("MiscTypes.GPSearch.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_SEARCH),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 522 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_TRACK
Initial value:
= new GPSTrackArtifactEventType(32,
getBundle().getString("MiscTypes.GPSTrack.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_TRACK),
new Type(TSK_NAME))

Definition at line 535 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_TRACKPOINT
Initial value:
= new TimelineEventArtifactTypeImpl(15,
getBundle().getString("MiscTypes.GPSTrackpoint.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_TRACKPOINT),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 343 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.INSTALLED_PROGRAM
Initial value:
= new TimelineEventArtifactTypeImpl(19,
getBundle().getString("MiscTypes.installedPrograms.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_INSTALLED_PROG),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 408 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.LOG_ENTRY
Initial value:
= new TimelineEventArtifactTypeSingleDescription(24,
getBundle().getString("MiscTypes.LogEntry.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 453 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.MESSAGE

Definition at line 295 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.METADATA_CREATED
Initial value:
= new TimelineEventArtifactTypeImpl(35,
getBundle().getString("MiscTypes.metadataCreated.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA),
new BlackboardAttribute.Type(TSK_DATETIME_CREATED),
artf -> {
return getBundle().getString("MiscTypes.metadataCreated.name");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 563 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.METADATA_LAST_PRINTED
Initial value:
= new TimelineEventArtifactTypeImpl(33,
getBundle().getString("MiscTypes.metadataLastPrinted.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA),
new BlackboardAttribute.Type(TSK_LAST_PRINTED_DATETIME),
artf -> {
return getBundle().getString("MiscTypes.metadataLastPrinted.name");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 541 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.METADATA_LAST_SAVED
Initial value:
= new TimelineEventArtifactTypeImpl(34,
getBundle().getString("MiscTypes.metadataLastSaved.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA),
new BlackboardAttribute.Type(TSK_DATETIME_MODIFIED),
artf -> {
return getBundle().getString("MiscTypes.metadataLastSaved.name");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 552 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.MISC_TYPES
Initial value:
= new TimelineEventTypeImpl(3,
getBundle().getString("BaseTypes.miscTypes.name"),
HierarchyLevel.CATEGORY, ROOT_EVENT_TYPE) {
@Override
public SortedSet<TimelineEventType> getChildren() {
return ImmutableSortedSet.of(CALL_LOG, CALL_LOG_END, DEVICES_ATTACHED, EMAIL, EMAIL_RCVD,
EXIF, GPS_BOOKMARK, GPS_LAST_KNOWN_LOCATION, GPS_TRACKPOINT,
GPS_ROUTE, GPS_SEARCH, GPS_TRACK, INSTALLED_PROGRAM, LOG_ENTRY, MESSAGE,
METADATA_LAST_PRINTED, METADATA_LAST_SAVED, METADATA_CREATED, PROGRAM_EXECUTION,
RECENT_DOCUMENTS, REGISTRY, BACKUP_EVENT_START, BACKUP_EVENT_END,
BLUETOOTH_PAIRING, CALENDAR_ENTRY_START, CALENDAR_ENTRY_END,
PROGRAM_DELETED,
OS_INFO, WIFI_NETWORK, USER_DEVICE_EVENT_START, USER_DEVICE_EVENT_END,
SERVICE_ACCOUNT, SCREEN_SHOT, PROGRAM_NOTIFICATION,
BLUETOOTH_PAIRING_ACCESSED, BLUETOOTH_ADAPTER, CUSTOM_ARTIFACT_CATCH_ALL, STANDARD_ARTIFACT_CATCH_ALL, USER_CREATED);
}
}

Definition at line 225 of file TimelineEventType.java.

Referenced by org.sleuthkit.datamodel.TimelineManager.getEventType().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.OS_INFO
Initial value:
= new TimelineEventArtifactTypeSingleDescription(49,
getBundle().getString("TimelineEventType.OSInfo.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_OS_INFO),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 717 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.PROGRAM_DELETED
Initial value:
= new TimelineEventArtifactTypeSingleDescription(48,
getBundle().getString("TimelineEventType.DeletedProgram.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_DELETED_PROG),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 710 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.PROGRAM_EXECUTION
Initial value:
= new TimelineEventArtifactTypeImpl(36,
getBundle().getString("MiscTypes.programexecuted.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_PROG_RUN),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
artf -> {
String userName = stringValueOf(getAttributeSafe(artf, new Type(TSK_USER_NAME)));
if (userName != null) {
return userName;
}
return "";
},
new AttributeExtractor(new Type(TSK_COMMENT)))

Definition at line 574 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.PROGRAM_NOTIFICATION
Initial value:
= new TimelineEventArtifactTypeSingleDescription(50,
getBundle().getString("TimelineEventType.ProgramNotification.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_PROG_NOTIFICATIONS),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 724 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.RECENT_DOCUMENTS
Initial value:
= new FilePathArtifactEventType(18,
getBundle().getString("MiscTypes.recentDocuments.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_RECENT_OBJECT),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_PATH))

Definition at line 401 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.REGISTRY
Initial value:
= new TimelineEventArtifactTypeSingleDescription(25,
getBundle().getString("MiscTypes.Registry.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 460 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.ROOT_EVENT_TYPE
Initial value:
= new TimelineEventTypeImpl(0,
getBundle().getString("RootEventType.eventTypes.name"),
HierarchyLevel.ROOT, null) {
@Override
public SortedSet< TimelineEventType> getChildren() {
ImmutableSortedSet.Builder<TimelineEventType> builder = ImmutableSortedSet.orderedBy(new Comparator<TimelineEventType>() {
@Override
public int compare(TimelineEventType o1, TimelineEventType o2) {
return ((Long) o1.getTypeID()).compareTo(o2.getTypeID());
}
});
builder.add(FILE_SYSTEM, WEB_ACTIVITY, MISC_TYPES);
return builder.build();
}
}

The root type of all event types. No event should actually have this type.

Definition at line 181 of file TimelineEventType.java.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategory(), org.sleuthkit.datamodel.TimelineFilter.EventTypeFilter.getDisplayName(), and org.sleuthkit.datamodel.TimelineEventType.getSiblings().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.SCREEN_SHOT
Initial value:
= new TimelineEventArtifactTypeSingleDescription(51,
getBundle().getString("TimelineEventType.ScreenShot.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_SCREEN_SHOTS),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 731 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.SERVICE_ACCOUNT
Initial value:
= new TimelineEventArtifactTypeImpl(52,
getBundle().getString("TimelineEventType.ServiceAccount.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_SERVICE_ACCOUNT),
new BlackboardAttribute.Type(TSK_DATETIME_CREATED),
artf -> {
String progName = stringValueOf(getAttributeSafe(artf, new Type(TSK_PROG_NAME)));
String userId = stringValueOf(getAttributeSafe(artf, new Type(TSK_USER_ID)));
return String.format("Program Name: %s User ID: %s", progName, userId);
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 738 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.STANDARD_ARTIFACT_CATCH_ALL
Initial value:
= new TimelineEventArtifactTypeSingleDescription(23,
getBundle().getString("CustomTypes.other.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 445 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.USER_CREATED
Initial value:
= new TimelineEventArtifactTypeSingleDescription(60,
getBundle().getString("CustomTypes.userCreated.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 816 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.USER_DEVICE_EVENT_END
Initial value:
= new TimelineEventArtifactTypeImpl(54,
getBundle().getString("TimelineEventType.UserDeviceEventEnd.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_USER_DEVICE_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_END),
artf -> {
String progName = stringValueOf(getAttributeSafe(artf, new Type(TSK_PROG_NAME)));
String activityType = stringValueOf(getAttributeSafe(artf, new Type(TSK_ACTIVITY_TYPE)));
String connectionType = stringValueOf(getAttributeSafe(artf, new Type(TSK_VALUE)));
return String.format("Program Name: %s Activity Type: %s Connection Type: %s", progName, activityType, connectionType);
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 765 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.USER_DEVICE_EVENT_START
Initial value:
= new TimelineEventArtifactTypeImpl(53,
getBundle().getString("TimelineEventType.UserDeviceEventStart.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_USER_DEVICE_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_START),
artf -> {
String progName = stringValueOf(getAttributeSafe(artf, new Type(TSK_PROG_NAME)));
String activityType = stringValueOf(getAttributeSafe(artf, new Type(TSK_ACTIVITY_TYPE)));
String connectionType = stringValueOf(getAttributeSafe(artf, new Type(TSK_VALUE)));
return String.format("Program Name: %s Activity Type: %s Connection Type: %s", progName, activityType, connectionType);
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 751 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_ACTIVITY
Initial value:
= new TimelineEventTypeImpl(2,
getBundle().getString("BaseTypes.webActivity.name"),
HierarchyLevel.CATEGORY, ROOT_EVENT_TYPE) {
@Override
public SortedSet< TimelineEventType> getChildren() {
return ImmutableSortedSet.of(WEB_DOWNLOADS, WEB_COOKIE,
WEB_COOKIE_ACCESSED,
WEB_COOKIE_END, WEB_BOOKMARK,
WEB_HISTORY, WEB_SEARCH, WEB_FORM_AUTOFILL,
WEB_FORM_ADDRESSES, WEB_FORM_ADDRESSES_MODIFIED,
WEB_FORM_AUTOFILL_ACCESSED, WEB_CACHE, WEB_HISTORY_CREATED);
}
}

Definition at line 209 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_BOOKMARK
Initial value:
= new URLArtifactEventType(10,
getBundle().getString("WebTypes.webBookmarks.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_BOOKMARK),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 274 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_CACHE
Initial value:
= new URLArtifactEventType(55,
getBundle().getString("TimelineEventType.WebCache.text"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_CACHE),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 779 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_COOKIE
Initial value:
= new URLArtifactEventType(9,
getBundle().getString("WebTypes.webCookies.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_COOKIE),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 267 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_COOKIE_ACCESSED
Initial value:
= new URLArtifactEventType(41,
getBundle().getString("WebTypes.webCookiesAccessed.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_COOKIE),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_URL))

Definition at line 653 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_COOKIE_END
Initial value:
= new URLArtifactEventType(42,
getBundle().getString("WebTypes.webCookiesEnd.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_COOKIE),
new Type(TSK_DATETIME_END),
new Type(TSK_URL))

Definition at line 660 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_DOWNLOADS
Initial value:
= new URLArtifactEventType(8,
getBundle().getString("WebTypes.webDownloads.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_DOWNLOAD),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_URL))

Definition at line 260 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_ADDRESSES
Initial value:
= new URLArtifactEventType(28,
getBundle().getString("WebTypes.webFormAddress.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_ADDRESS),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_EMAIL))

Definition at line 489 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_ADDRESSES_MODIFIED
Initial value:
= new URLArtifactEventType(40,
getBundle().getString("WebTypes.webFormAddressModified.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_ADDRESS),
new Type(TSK_DATETIME_MODIFIED),
new Type(TSK_EMAIL))

Definition at line 646 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_AUTOFILL
Initial value:
= new TimelineEventArtifactTypeImpl(27,
getBundle().getString("WebTypes.webFormAutoFill.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_AUTOFILL),
new Type(TSK_DATETIME_CREATED),
artf -> {
final BlackboardAttribute name = getAttributeSafe(artf, new Type(TSK_NAME));
final BlackboardAttribute value = getAttributeSafe(artf, new Type(TSK_VALUE));
final BlackboardAttribute count = getAttributeSafe(artf, new Type(TSK_COUNT));
return stringValueOf(name) + ":" + stringValueOf(value);
}, new EmptyExtractor(), new EmptyExtractor())

Definition at line 477 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_AUTOFILL_ACCESSED
Initial value:
= new TimelineEventArtifactTypeImpl(37,
getBundle().getString("WebTypes.webFormAutofillAccessed.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_AUTOFILL),
new Type(TSK_DATETIME_ACCESSED),
artf -> {
final BlackboardAttribute name = getAttributeSafe(artf, new Type(TSK_NAME));
final BlackboardAttribute value = getAttributeSafe(artf, new Type(TSK_VALUE));
final BlackboardAttribute count = getAttributeSafe(artf, new Type(TSK_COUNT));
return stringValueOf(name) + ":" + stringValueOf(value) + " Access count: " + stringValueOf(count);
}, new EmptyExtractor(), new EmptyExtractor())

Definition at line 589 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_HISTORY
Initial value:
= new URLArtifactEventType(11,
getBundle().getString("WebTypes.webHistory.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_HISTORY),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_URL))

Definition at line 281 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_HISTORY_CREATED
Initial value:
= new URLArtifactEventType(57,
getBundle().getString("WebTypes.webHistoryCreated.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_HISTORY),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 793 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_SEARCH
Initial value:
= new URLArtifactEventType(12,
getBundle().getString("WebTypes.webSearch.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_SEARCH_QUERY),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_DOMAIN))

Definition at line 288 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WIFI_NETWORK
Initial value:
= new TimelineEventArtifactTypeSingleDescription(56,
getBundle().getString("TimelineEventType.WIFINetwork.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_WIFI_NETWORK),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_SSID))

Definition at line 786 of file TimelineEventType.java.

The documentation for this interface was generated from the following file:

Copyright © 2011-2021 Brian Carrier. (carrier -at- sleuthkit -dot- org)
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.