Sleuth Kit Java Bindings (JNI)  4.12.0
Java bindings for using The Sleuth Kit
Classes | Public Member Functions | Static Public Member Functions | Public Attributes | List of all members
org.sleuthkit.datamodel.TimelineEventType Interface Reference

Inherits Comparable< TimelineEventType >.

Inherited by org.sleuthkit.datamodel.TimelineEventTypeImpl.

Classes

enum  HierarchyLevel
 

Public Member Functions

default int compareTo (TimelineEventType otherType)
 
default TimelineEventType getCategory ()
 
Optional<?extends TimelineEventTypegetChild (String displayName)
 
SortedSet<?extends TimelineEventTypegetChildren ()
 
String getDisplayName ()
 
TimelineEventType getParent ()
 
default SortedSet<?extends TimelineEventTypegetSiblings ()
 
TimelineEventType.HierarchyLevel getTypeHierarchyLevel ()
 
long getTypeID ()
 
default boolean isDeprecated ()
 

Static Public Member Functions

static SortedSet<?extends TimelineEventTypegetCategoryTypes ()
 
static SortedSet<?extends TimelineEventTypegetFileSystemTypes ()
 
static SortedSet<?extends TimelineEventTypegetMiscTypes ()
 
static SortedSet<?extends TimelineEventTypegetWebActivityTypes ()
 
static String stringValueOf (BlackboardAttribute attr)
 
static String toFrom (BlackboardAttribute dir)
 

Public Attributes

TimelineEventType BACKUP_EVENT_END
 
TimelineEventType BACKUP_EVENT_START
 
TimelineEventType BLUETOOTH_ADAPTER
 
TimelineEventType BLUETOOTH_PAIRING
 
TimelineEventType BLUETOOTH_PAIRING_ACCESSED
 
TimelineEventType CALENDAR_ENTRY_END
 
TimelineEventType CALENDAR_ENTRY_START
 
TimelineEventType CALL_LOG
 
TimelineEventType CALL_LOG_END
 
TimelineEventType CUSTOM_ARTIFACT_CATCH_ALL
 
int DEPRECATED_OTHER_EVENT_ID = 22
 
TimelineEventType DEVICES_ATTACHED
 
TimelineEventType EMAIL
 
TimelineEventType EMAIL_RCVD
 
TimelineEventType EXIF
 
TimelineEventType FILE_ACCESSED
 
TimelineEventType FILE_CHANGED
 
TimelineEventType FILE_CREATED
 
TimelineEventType FILE_MODIFIED
 
TimelineEventType FILE_SYSTEM
 
TimelineEventType GPS_BOOKMARK
 
TimelineEventType GPS_LAST_KNOWN_LOCATION
 
TimelineEventType GPS_ROUTE
 
TimelineEventType GPS_SEARCH
 
TimelineEventType GPS_TRACK
 
TimelineEventType GPS_TRACKPOINT
 
TimelineEventType INSTALLED_PROGRAM
 
TimelineEventType LOG_ENTRY
 
TimelineEventType MESSAGE
 
TimelineEventType METADATA_CREATED
 
TimelineEventType METADATA_LAST_PRINTED
 
TimelineEventType METADATA_LAST_SAVED
 
TimelineEventType MISC_TYPES
 
TimelineEventType OS_INFO
 
TimelineEventType PROGRAM_DELETED
 
TimelineEventType PROGRAM_EXECUTION
 
TimelineEventType PROGRAM_NOTIFICATION
 
TimelineEventType RECENT_DOCUMENTS
 
TimelineEventType REGISTRY
 
TimelineEventType ROOT_EVENT_TYPE
 
TimelineEventType SCREEN_SHOT
 
TimelineEventType SERVICE_ACCOUNT
 
TimelineEventType STANDARD_ARTIFACT_CATCH_ALL
 
TimelineEventType USER_CREATED
 
TimelineEventType USER_DEVICE_EVENT_END
 
TimelineEventType USER_DEVICE_EVENT_START
 
TimelineEventType WEB_ACTIVITY
 
TimelineEventType WEB_BOOKMARK
 
TimelineEventType WEB_CACHE
 
TimelineEventType WEB_COOKIE
 
TimelineEventType WEB_COOKIE_ACCESSED
 
TimelineEventType WEB_COOKIE_END
 
TimelineEventType WEB_DOWNLOADS
 
TimelineEventType WEB_FORM_ADDRESSES
 
TimelineEventType WEB_FORM_ADDRESSES_MODIFIED
 
TimelineEventType WEB_FORM_AUTOFILL
 
TimelineEventType WEB_FORM_AUTOFILL_ACCESSED
 
TimelineEventType WEB_HISTORY
 
TimelineEventType WEB_HISTORY_CREATED
 
TimelineEventType WEB_SEARCH
 
TimelineEventType WIFI_NETWORK
 

Detailed Description

An interface implemented by timeline event types. Timeline event types are organized into a type hierarchy. This type hierarchy has three levels: the root level, the category level (e.g, file system events, web activity events), and the actual event level (e.g., file modified events, web download events).

Currently (9/20/19), all supported timeline event types are defined as members of this interface.

WARNING: THIS INTERFACE IS A "BETA" INTERFACE AND IS SUBJECT TO CHANGE AT ANY TIME.

Definition at line 57 of file TimelineEventType.java.

Member Function Documentation

default int org.sleuthkit.datamodel.TimelineEventType.compareTo ( TimelineEventType  otherType)

Definition at line 141 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getDisplayName().

default TimelineEventType org.sleuthkit.datamodel.TimelineEventType.getCategory ( )

Gets the category level event type for this event type in the type hierarchy.

Returns
The category event type.

Definition at line 110 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getCategory(), org.sleuthkit.datamodel.TimelineEventType.getParent(), and org.sleuthkit.datamodel.TimelineEventType.ROOT_EVENT_TYPE.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategory().

static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getCategoryTypes ( )
static

Definition at line 842 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

Optional<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getChild ( String  displayName)

Gets a specific child event type of this event type in the type hierarchy.

Parameters
displayNameThe display name of the desired child event type.
Returns
The child event type in an Optional object, may be empty.
SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getChildren ( )

Gets the child event types of this event type in the type hierarchy.

Returns
A sorted set of the child event types.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategoryTypes(), org.sleuthkit.datamodel.TimelineEventType.getFileSystemTypes(), org.sleuthkit.datamodel.TimelineEventType.getMiscTypes(), org.sleuthkit.datamodel.TimelineEventType.getSiblings(), and org.sleuthkit.datamodel.TimelineEventType.getWebActivityTypes().

String org.sleuthkit.datamodel.TimelineEventType.getDisplayName ( )

Gets the display name of this event type.

Returns
The event type display name.

Referenced by org.sleuthkit.datamodel.TimelineEventType.compareTo(), and org.sleuthkit.datamodel.TimelineFilter.EventTypeFilter.getDisplayName().

static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getFileSystemTypes ( )
static

Definition at line 846 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getMiscTypes ( )
static

Definition at line 854 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.getParent ( )

Gets the parent event type of this event type in the type hierarchy.

Returns
The parent event type.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategory(), and org.sleuthkit.datamodel.TimelineEventType.getSiblings().

default SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getSiblings ( )

Gets the sibling event types of this event type in the type hierarchy.

Returns
The sibling event types.

Definition at line 122 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren(), org.sleuthkit.datamodel.TimelineEventType.getParent(), and org.sleuthkit.datamodel.TimelineEventType.ROOT_EVENT_TYPE.

TimelineEventType.HierarchyLevel org.sleuthkit.datamodel.TimelineEventType.getTypeHierarchyLevel ( )

Gets the type hierarchy level of this event type.

Returns
The type hierarchy level.
long org.sleuthkit.datamodel.TimelineEventType.getTypeID ( )

Gets the unique ID of this event type in the case database.

Returns
The event type ID.
static SortedSet<? extends TimelineEventType> org.sleuthkit.datamodel.TimelineEventType.getWebActivityTypes ( )
static

Definition at line 850 of file TimelineEventType.java.

References org.sleuthkit.datamodel.TimelineEventType.getChildren().

default boolean org.sleuthkit.datamodel.TimelineEventType.isDeprecated ( )

Returns true if the particular instance is deprecated. If deprecated, no new timeline event types of this type will be created, but it can be shown in the timeline.

Returns
True if deprecated.

Definition at line 135 of file TimelineEventType.java.

static String org.sleuthkit.datamodel.TimelineEventType.stringValueOf ( BlackboardAttribute  attr)
static

Definition at line 858 of file TimelineEventType.java.

References org.sleuthkit.datamodel.BlackboardAttribute.getDisplayString().

static String org.sleuthkit.datamodel.TimelineEventType.toFrom ( BlackboardAttribute  dir)
static

Definition at line 864 of file TimelineEventType.java.

References org.sleuthkit.datamodel.BlackboardAttribute.getDisplayString().

Member Data Documentation

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BACKUP_EVENT_END
Initial value:
= new TimelineEventArtifactTypeImpl(44,
getBundle().getString("TimelineEventType.BackupEventEnd.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BACKUP_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_END),
artf -> {
return getBundle().getString("TimelineEventType.BackupEvent.description.end");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 697 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BACKUP_EVENT_START
Initial value:
= new TimelineEventArtifactTypeImpl(43,
getBundle().getString("TimelineEventType.BackupEventStart.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BACKUP_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_START),
artf -> {
return getBundle().getString("TimelineEventType.BackupEvent.description.start");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 686 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BLUETOOTH_ADAPTER
Initial value:
= new TimelineEventArtifactTypeSingleDescription(58,
getBundle().getString("TimelineEventType.BluetoothAdapter.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BLUETOOTH_ADAPTER),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_NAME))

Definition at line 819 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BLUETOOTH_PAIRING
Initial value:
= new TimelineEventArtifactTypeSingleDescription(45,
getBundle().getString("TimelineEventType.BluetoothPairing.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BLUETOOTH_PAIRING),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DEVICE_NAME))

Definition at line 708 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.BLUETOOTH_PAIRING_ACCESSED
Initial value:
= new TimelineEventArtifactTypeSingleDescription(59,
getBundle().getString("TimelineEventType.BluetoothPairingLastConnection.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_BLUETOOTH_PAIRING),
new BlackboardAttribute.Type(TSK_DATETIME_ACCESSED),
new BlackboardAttribute.Type(TSK_DEVICE_NAME))

Definition at line 826 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALENDAR_ENTRY_END
Initial value:
= new TimelineEventArtifactTypeSingleDescription(47,
getBundle().getString("TimelineEventType.CalendarEntryEnd.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALENDAR_ENTRY),
new BlackboardAttribute.Type(TSK_DATETIME_END),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 722 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALENDAR_ENTRY_START
Initial value:
= new TimelineEventArtifactTypeSingleDescription(46,
getBundle().getString("TimelineEventType.CalendarEntryStart.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALENDAR_ENTRY),
new BlackboardAttribute.Type(TSK_DATETIME_START),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 715 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALL_LOG
Initial value:
= new TimelineEventArtifactTypeImpl(16,
getBundle().getString("MiscTypes.Calls.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALLLOG),
new Type(TSK_DATETIME_START),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
BlackboardAttribute phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER));
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_TO));
}
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_FROM));
}
return "Phone Number: " + stringValueOf(phoneNumber);
},
new AttributeExtractor(new Type(TSK_DIRECTION)))

Definition at line 369 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CALL_LOG_END
Initial value:
= new TimelineEventArtifactTypeImpl(38,
getBundle().getString("MiscTypes.CallsEnd.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_CALLLOG),
new Type(TSK_DATETIME_END),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
BlackboardAttribute phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER));
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_TO));
}
if (phoneNumber == null) {
phoneNumber = getAttributeSafe(artf, new Type(TSK_PHONE_NUMBER_FROM));
}
return "Phone number: " + stringValueOf(phoneNumber);
},
new AttributeExtractor(new Type(TSK_DIRECTION)))

Definition at line 614 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.CUSTOM_ARTIFACT_CATCH_ALL
Initial value:
= new TimelineEventArtifactTypeSingleDescription(26,
getBundle().getString("CustomTypes.customArtifact.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 483 of file TimelineEventType.java.

int org.sleuthkit.datamodel.TimelineEventType.DEPRECATED_OTHER_EVENT_ID = 22

Definition at line 452 of file TimelineEventType.java.

Referenced by org.sleuthkit.datamodel.TimelineManager.getEventType().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.DEVICES_ATTACHED
Initial value:
= new TimelineEventArtifactTypeImpl(21,
getBundle().getString("MiscTypes.devicesAttached.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_DEVICE_ATTACHED),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_DEVICE_MAKE)),
new AttributeExtractor(new Type(TSK_DEVICE_MODEL)),
new AttributeExtractor(new Type(TSK_DEVICE_ID)))

Definition at line 440 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.EMAIL
Initial value:
= new TimelineEventArtifactTypeImpl(17,
getBundle().getString("MiscTypes.Email.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_EMAIL_MSG),
new Type(TSK_DATETIME_SENT),
artf -> {
String emailFrom = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_FROM)));
if (emailFrom.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailFrom = emailFrom.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
String emailTo = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_TO)));
if (emailTo.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailTo = emailTo.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
return "Sent from: " + emailFrom + "Sent to: " + emailTo;
},
new AttributeExtractor(new Type(TSK_SUBJECT)),
artf -> {
final BlackboardAttribute msgAttribute = getAttributeSafe(artf, new Type(TSK_EMAIL_CONTENT_PLAIN));
String msg = stringValueOf(msgAttribute);
if (msg.length() > TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX) {
msg = msg.substring(0, TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX);
}
return msg;
})

Definition at line 388 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.EMAIL_RCVD
Initial value:
= new TimelineEventArtifactTypeImpl(39,
getBundle().getString("MiscTypes.EmailRcvd.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_EMAIL_MSG),
new Type(TSK_DATETIME_RCVD),
artf -> {
String emailFrom = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_FROM)));
if (emailFrom.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailFrom = emailFrom.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
String emailTo = stringValueOf(getAttributeSafe(artf, new Type(TSK_EMAIL_TO)));
if (emailTo.length() > TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX) {
emailTo = emailTo.substring(0, TimelineEventArtifactTypeImpl.EMAIL_TO_FROM_LENGTH_MAX);
}
return "Message from: " + emailFrom + " To: " + emailTo;
},
new AttributeExtractor(new Type(TSK_SUBJECT)),
artf -> {
final BlackboardAttribute msgAttribute = getAttributeSafe(artf, new Type(TSK_EMAIL_CONTENT_PLAIN));
String msg = stringValueOf(msgAttribute);
if (msg.length() > TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX) {
msg = msg.substring(0, TimelineEventArtifactTypeImpl.EMAIL_FULL_DESCRIPTION_LENGTH_MAX);
}
return msg;
})

Definition at line 633 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.EXIF
Initial value:
= new TimelineEventArtifactTypeImpl(20,
getBundle().getString("MiscTypes.exif.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA_EXIF),
new Type(TSK_DATETIME_CREATED),
new AttributeExtractor(new Type(TSK_DEVICE_MAKE)),
new AttributeExtractor(new Type(TSK_DEVICE_MODEL)),
artf -> artf.getSleuthkitCase().getAbstractFileById(artf.getObjectID()).getName()
)

Definition at line 430 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_ACCESSED
Initial value:
= new FilePathEventType(5,
getBundle().getString("FileSystemTypes.fileAccessed.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 261 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_CHANGED
Initial value:
= new FilePathEventType(7,
getBundle().getString("FileSystemTypes.fileChanged.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 269 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_CREATED
Initial value:
= new FilePathEventType(6,
getBundle().getString("FileSystemTypes.fileCreated.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 265 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_MODIFIED
Initial value:
= new FilePathEventType(4,
getBundle().getString("FileSystemTypes.fileModified.name"),
HierarchyLevel.EVENT, FILE_SYSTEM)

Definition at line 257 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.FILE_SYSTEM
Initial value:
= new TimelineEventTypeImpl(1,
getBundle().getString("BaseTypes.fileSystem.name"),
HierarchyLevel.CATEGORY, ROOT_EVENT_TYPE) {
@Override
public SortedSet< TimelineEventType> getChildren() {
return ImmutableSortedSet.of(FILE_MODIFIED, FILE_ACCESSED,
FILE_CREATED, FILE_CHANGED);
}
}

Definition at line 213 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_BOOKMARK
Initial value:
= new TimelineEventArtifactTypeImpl(29,
getBundle().getString("MiscTypes.GPSBookmark.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_BOOKMARK),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 509 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_LAST_KNOWN_LOCATION
Initial value:
= new TimelineEventArtifactTypeImpl(30,
getBundle().getString("MiscTypes.GPSLastknown.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_LAST_KNOWN_LOCATION),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 522 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_ROUTE
Initial value:
= new TimelineEventArtifactTypeImpl(14,
getBundle().getString("MiscTypes.GPSRoutes.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_ROUTE),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
new AttributeExtractor(new Type(TSK_LOCATION)),
artf -> {
final BlackboardAttribute latStart = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE_START));
final BlackboardAttribute longStart = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE_START));
final BlackboardAttribute latEnd = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE_END));
final BlackboardAttribute longEnd = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE_END));
return String.format("From latitude: %1$s longitude: %2$s To latitude: %3$s longitude: %4$s", stringValueOf(latStart), stringValueOf(longStart), stringValueOf(latEnd), stringValueOf(longEnd));
})

Definition at line 340 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_SEARCH
Initial value:
= new TimelineEventArtifactTypeImpl(31,
getBundle().getString("MiscTypes.GPSearch.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_SEARCH),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 535 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_TRACK
Initial value:
= new GPSTrackArtifactEventType(32,
getBundle().getString("MiscTypes.GPSTrack.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_TRACK),
new Type(TSK_NAME))

Definition at line 548 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.GPS_TRACKPOINT
Initial value:
= new TimelineEventArtifactTypeImpl(15,
getBundle().getString("MiscTypes.GPSTrackpoint.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_GPS_TRACKPOINT),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
artf -> {
final BlackboardAttribute longitude = getAttributeSafe(artf, new Type(TSK_GEO_LONGITUDE));
final BlackboardAttribute latitude = getAttributeSafe(artf, new Type(TSK_GEO_LATITUDE));
return "Latitude: " + stringValueOf(latitude) + " Longitude: " + stringValueOf(longitude);
},
new EmptyExtractor())

Definition at line 356 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.INSTALLED_PROGRAM
Initial value:
= new TimelineEventArtifactTypeImpl(19,
getBundle().getString("MiscTypes.installedPrograms.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_INSTALLED_PROG),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 421 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.LOG_ENTRY
Initial value:
= new TimelineEventArtifactTypeSingleDescription(24,
getBundle().getString("MiscTypes.LogEntry.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 466 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.MESSAGE

Definition at line 308 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.METADATA_CREATED
Initial value:
= new TimelineEventArtifactTypeImpl(35,
getBundle().getString("MiscTypes.metadataCreated.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA),
new BlackboardAttribute.Type(TSK_DATETIME_CREATED),
artf -> {
return getBundle().getString("MiscTypes.metadataCreated.name");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 576 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.METADATA_LAST_PRINTED
Initial value:
= new TimelineEventArtifactTypeImpl(33,
getBundle().getString("MiscTypes.metadataLastPrinted.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA),
new BlackboardAttribute.Type(TSK_LAST_PRINTED_DATETIME),
artf -> {
return getBundle().getString("MiscTypes.metadataLastPrinted.name");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 554 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.METADATA_LAST_SAVED
Initial value:
= new TimelineEventArtifactTypeImpl(34,
getBundle().getString("MiscTypes.metadataLastSaved.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_METADATA),
new BlackboardAttribute.Type(TSK_DATETIME_MODIFIED),
artf -> {
return getBundle().getString("MiscTypes.metadataLastSaved.name");
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 565 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.MISC_TYPES
Initial value:
= new TimelineEventTypeImpl(3,
getBundle().getString("BaseTypes.miscTypes.name"),
HierarchyLevel.CATEGORY, ROOT_EVENT_TYPE) {
@Override
public SortedSet<TimelineEventType> getChildren() {
return ImmutableSortedSet.of(CALL_LOG, CALL_LOG_END, DEVICES_ATTACHED, EMAIL, EMAIL_RCVD,
EXIF, GPS_BOOKMARK, GPS_LAST_KNOWN_LOCATION, GPS_TRACKPOINT,
GPS_ROUTE, GPS_SEARCH, GPS_TRACK, INSTALLED_PROGRAM, LOG_ENTRY, MESSAGE,
METADATA_LAST_PRINTED, METADATA_LAST_SAVED, METADATA_CREATED, PROGRAM_EXECUTION,
RECENT_DOCUMENTS, REGISTRY, BACKUP_EVENT_START, BACKUP_EVENT_END,
BLUETOOTH_PAIRING, CALENDAR_ENTRY_START, CALENDAR_ENTRY_END,
PROGRAM_DELETED,
OS_INFO, WIFI_NETWORK, USER_DEVICE_EVENT_START, USER_DEVICE_EVENT_END,
SERVICE_ACCOUNT, SCREEN_SHOT, PROGRAM_NOTIFICATION,
BLUETOOTH_PAIRING_ACCESSED, BLUETOOTH_ADAPTER, CUSTOM_ARTIFACT_CATCH_ALL, STANDARD_ARTIFACT_CATCH_ALL, USER_CREATED);
}
}

Definition at line 238 of file TimelineEventType.java.

Referenced by org.sleuthkit.datamodel.TimelineManager.getEventType().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.OS_INFO
Initial value:
= new TimelineEventArtifactTypeSingleDescription(49,
getBundle().getString("TimelineEventType.OSInfo.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_OS_INFO),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 736 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.PROGRAM_DELETED
Initial value:
= new TimelineEventArtifactTypeSingleDescription(48,
getBundle().getString("TimelineEventType.DeletedProgram.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_DELETED_PROG),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 729 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.PROGRAM_EXECUTION
Initial value:
= new TimelineEventArtifactTypeImpl(36,
getBundle().getString("MiscTypes.programexecuted.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_PROG_RUN),
new Type(TSK_DATETIME),
new AttributeExtractor(new Type(TSK_PROG_NAME)),
artf -> {
String userName = stringValueOf(getAttributeSafe(artf, new Type(TSK_USER_NAME)));
if (userName != null) {
return userName;
}
return "";
},
new AttributeExtractor(new Type(TSK_COMMENT)))

Definition at line 587 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.PROGRAM_NOTIFICATION
Initial value:
= new TimelineEventArtifactTypeSingleDescription(50,
getBundle().getString("TimelineEventType.ProgramNotification.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_PROG_NOTIFICATIONS),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 743 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.RECENT_DOCUMENTS
Initial value:
= new FilePathArtifactEventType(18,
getBundle().getString("MiscTypes.recentDocuments.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_RECENT_OBJECT),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_PATH))

Definition at line 414 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.REGISTRY
Initial value:
= new TimelineEventArtifactTypeSingleDescription(25,
getBundle().getString("MiscTypes.Registry.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 473 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.ROOT_EVENT_TYPE
Initial value:
= new TimelineEventTypeImpl(0,
getBundle().getString("RootEventType.eventTypes.name"),
HierarchyLevel.ROOT, null) {
@Override
public SortedSet< TimelineEventType> getChildren() {
ImmutableSortedSet.Builder<TimelineEventType> builder = ImmutableSortedSet.orderedBy(new Comparator<TimelineEventType>() {
@Override
public int compare(TimelineEventType o1, TimelineEventType o2) {
return ((Long) o1.getTypeID()).compareTo(o2.getTypeID());
}
});
builder.add(FILE_SYSTEM, WEB_ACTIVITY, MISC_TYPES);
return builder.build();
}
}

The root type of all event types. No event should actually have this type.

Definition at line 195 of file TimelineEventType.java.

Referenced by org.sleuthkit.datamodel.TimelineEventType.getCategory(), org.sleuthkit.datamodel.TimelineFilter.EventTypeFilter.getDisplayName(), and org.sleuthkit.datamodel.TimelineEventType.getSiblings().

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.SCREEN_SHOT
Initial value:
= new TimelineEventArtifactTypeSingleDescription(51,
getBundle().getString("TimelineEventType.ScreenShot.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_SCREEN_SHOTS),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_PROG_NAME))

Definition at line 750 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.SERVICE_ACCOUNT
Initial value:
= new TimelineEventArtifactTypeImpl(52,
getBundle().getString("TimelineEventType.ServiceAccount.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_SERVICE_ACCOUNT),
new BlackboardAttribute.Type(TSK_DATETIME_CREATED),
artf -> {
String progName = stringValueOf(getAttributeSafe(artf, new Type(TSK_PROG_NAME)));
String userId = stringValueOf(getAttributeSafe(artf, new Type(TSK_USER_ID)));
return String.format("Program Name: %s User ID: %s", progName, userId);
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 757 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.STANDARD_ARTIFACT_CATCH_ALL
Initial value:
= new TimelineEventArtifactTypeSingleDescription(23,
getBundle().getString("CustomTypes.other.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 458 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.USER_CREATED
Initial value:
= new TimelineEventArtifactTypeSingleDescription(60,
getBundle().getString("CustomTypes.userCreated.name"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_TL_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_DESCRIPTION))

Definition at line 835 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.USER_DEVICE_EVENT_END
Initial value:
= new TimelineEventArtifactTypeImpl(54,
getBundle().getString("TimelineEventType.UserDeviceEventEnd.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_USER_DEVICE_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_END),
artf -> {
String progName = stringValueOf(getAttributeSafe(artf, new Type(TSK_PROG_NAME)));
String activityType = stringValueOf(getAttributeSafe(artf, new Type(TSK_ACTIVITY_TYPE)));
String connectionType = stringValueOf(getAttributeSafe(artf, new Type(TSK_VALUE)));
return String.format("Program Name: %s Activity Type: %s Connection Type: %s", progName, activityType, connectionType);
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 784 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.USER_DEVICE_EVENT_START
Initial value:
= new TimelineEventArtifactTypeImpl(53,
getBundle().getString("TimelineEventType.UserDeviceEventStart.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_USER_DEVICE_EVENT),
new BlackboardAttribute.Type(TSK_DATETIME_START),
artf -> {
String progName = stringValueOf(getAttributeSafe(artf, new Type(TSK_PROG_NAME)));
String activityType = stringValueOf(getAttributeSafe(artf, new Type(TSK_ACTIVITY_TYPE)));
String connectionType = stringValueOf(getAttributeSafe(artf, new Type(TSK_VALUE)));
return String.format("Program Name: %s Activity Type: %s Connection Type: %s", progName, activityType, connectionType);
},
new EmptyExtractor(),
new EmptyExtractor())

Definition at line 770 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_ACTIVITY
Initial value:
= new TimelineEventTypeImpl(2,
getBundle().getString("BaseTypes.webActivity.name"),
HierarchyLevel.CATEGORY, ROOT_EVENT_TYPE) {
@Override
public SortedSet< TimelineEventType> getChildren() {
return ImmutableSortedSet.of(WEB_DOWNLOADS, WEB_COOKIE,
WEB_COOKIE_ACCESSED, WEB_COOKIE_END, WEB_BOOKMARK,
WEB_HISTORY, WEB_SEARCH, WEB_FORM_AUTOFILL,
WEB_FORM_ADDRESSES, WEB_FORM_ADDRESSES_MODIFIED,
WEB_FORM_AUTOFILL_ACCESSED, WEB_CACHE, WEB_HISTORY_CREATED);
}
}

Definition at line 223 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_BOOKMARK
Initial value:
= new URLArtifactEventType(10,
getBundle().getString("WebTypes.webBookmarks.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_BOOKMARK),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 287 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_CACHE
Initial value:
= new URLArtifactEventType(55,
getBundle().getString("TimelineEventType.WebCache.text"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_CACHE),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 798 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_COOKIE
Initial value:
= new URLArtifactEventType(9,
getBundle().getString("WebTypes.webCookies.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_COOKIE),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 280 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_COOKIE_ACCESSED
Initial value:
= new URLArtifactEventType(41,
getBundle().getString("WebTypes.webCookiesAccessed.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_COOKIE),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_URL))

Definition at line 666 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_COOKIE_END
Initial value:
= new URLArtifactEventType(42,
getBundle().getString("WebTypes.webCookiesEnd.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_COOKIE),
new Type(TSK_DATETIME_END),
new Type(TSK_URL)) {
@Override
public boolean isDeprecated() {
return true;
}
}

Definition at line 673 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_DOWNLOADS
Initial value:
= new URLArtifactEventType(8,
getBundle().getString("WebTypes.webDownloads.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_DOWNLOAD),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_URL))

Definition at line 273 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_ADDRESSES
Initial value:
= new URLArtifactEventType(28,
getBundle().getString("WebTypes.webFormAddress.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_ADDRESS),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_EMAIL))

Definition at line 502 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_ADDRESSES_MODIFIED
Initial value:
= new URLArtifactEventType(40,
getBundle().getString("WebTypes.webFormAddressModified.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_ADDRESS),
new Type(TSK_DATETIME_MODIFIED),
new Type(TSK_EMAIL))

Definition at line 659 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_AUTOFILL
Initial value:
= new TimelineEventArtifactTypeImpl(27,
getBundle().getString("WebTypes.webFormAutoFill.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_AUTOFILL),
new Type(TSK_DATETIME_CREATED),
artf -> {
final BlackboardAttribute name = getAttributeSafe(artf, new Type(TSK_NAME));
final BlackboardAttribute value = getAttributeSafe(artf, new Type(TSK_VALUE));
final BlackboardAttribute count = getAttributeSafe(artf, new Type(TSK_COUNT));
return stringValueOf(name) + ":" + stringValueOf(value);
}, new EmptyExtractor(), new EmptyExtractor())

Definition at line 490 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_FORM_AUTOFILL_ACCESSED
Initial value:
= new TimelineEventArtifactTypeImpl(37,
getBundle().getString("WebTypes.webFormAutofillAccessed.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_FORM_AUTOFILL),
new Type(TSK_DATETIME_ACCESSED),
artf -> {
final BlackboardAttribute name = getAttributeSafe(artf, new Type(TSK_NAME));
final BlackboardAttribute value = getAttributeSafe(artf, new Type(TSK_VALUE));
final BlackboardAttribute count = getAttributeSafe(artf, new Type(TSK_COUNT));
return stringValueOf(name) + ":" + stringValueOf(value) + " Access count: " + stringValueOf(count);
}, new EmptyExtractor(), new EmptyExtractor())

Definition at line 602 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_HISTORY
Initial value:
= new URLArtifactEventType(11,
getBundle().getString("WebTypes.webHistory.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_HISTORY),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_URL))

Definition at line 294 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_HISTORY_CREATED
Initial value:
= new URLArtifactEventType(57,
getBundle().getString("WebTypes.webHistoryCreated.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_HISTORY),
new Type(TSK_DATETIME_CREATED),
new Type(TSK_URL))

Definition at line 812 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WEB_SEARCH
Initial value:
= new URLArtifactEventType(12,
getBundle().getString("WebTypes.webSearch.name"),
WEB_ACTIVITY,
new BlackboardArtifact.Type(TSK_WEB_SEARCH_QUERY),
new Type(TSK_DATETIME_ACCESSED),
new Type(TSK_DOMAIN))

Definition at line 301 of file TimelineEventType.java.

TimelineEventType org.sleuthkit.datamodel.TimelineEventType.WIFI_NETWORK
Initial value:
= new TimelineEventArtifactTypeSingleDescription(56,
getBundle().getString("TimelineEventType.WIFINetwork.txt"),
MISC_TYPES,
new BlackboardArtifact.Type(TSK_WIFI_NETWORK),
new BlackboardAttribute.Type(TSK_DATETIME),
new BlackboardAttribute.Type(TSK_SSID))

Definition at line 805 of file TimelineEventType.java.

The documentation for this interface was generated from the following file:

Copyright © 2011-2021 Brian Carrier. (carrier -at- sleuthkit -dot- org)
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.