Sleuth Kit Java Bindings (JNI)
4.4.1
Java bindings for using The Sleuth Kit
|
Public Member Functions | |
OSInfo () | |
OSInfo (BlackboardArtifact a_art, boolean a_isBackup, long a_fileSystemId, Content a_parent) throws TskCoreException | |
OSInfo (BlackboardArtifact a_art, boolean a_isBackup, Content a_parent) throws TskCoreException | |
void | combine (OSInfo a_osInfo) |
List< BlackboardArtifact > | getArtifacts () |
String | getAttributeValue (ATTRIBUTE_TYPE attrType) |
String | getCompName () |
String | getDomain () |
long | getFileSystemId () |
boolean | getIsBackup () |
String | getOSName () |
String | getProcessorArchitecture () |
boolean | haveFileSystem () |
boolean | matches (OSInfo a_osInfo) |
Private Attributes | |
final List< BlackboardArtifact > | artifacts |
final Map< Integer, String > | attributeMap |
final long | fileSystemId |
final boolean | haveFsContent |
final boolean | haveParentId |
final boolean | isBackup |
final long | parentObjId |
Utility class to hold information from OS Info artifacts
Definition at line 31 of file OSInfo.java.
org.sleuthkit.datamodel.OSInfo.OSInfo | ( | ) |
Definition at line 41 of file OSInfo.java.
org.sleuthkit.datamodel.OSInfo.OSInfo | ( | BlackboardArtifact | a_art, |
boolean | a_isBackup, | ||
long | a_fileSystemId, | ||
Content | a_parent | ||
) | throws TskCoreException |
Initialize an OSInfo object
a_art | - OSInfo artifact associated with one registry hive |
a_isBackup | - True if the registry hive was found in a "RegBack" directory |
a_fileSystemId | - File system ID for FS containing the registry hive |
a_parent | - Parent directory containing the registry hive. Can be null |
TskCoreException |
Definition at line 64 of file OSInfo.java.
org.sleuthkit.datamodel.OSInfo.OSInfo | ( | BlackboardArtifact | a_art, |
boolean | a_isBackup, | ||
Content | a_parent | ||
) | throws TskCoreException |
Initialize an OSInfo object (without file system information)
a_art | - OSInfo artifact associated with one registry hive |
a_isBackup | - True if the registry hive was found in a "RegBack" directory |
a_parent | - Parent directory containing the registry hive. Can be null |
TskCoreException |
Definition at line 95 of file OSInfo.java.
void org.sleuthkit.datamodel.OSInfo.combine | ( | OSInfo | a_osInfo | ) |
Combine the attribute map for two OSInfo objects.
a_osInfo | - The OSInfo object to combine with |
Definition at line 145 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.artifacts, and org.sleuthkit.datamodel.OSInfo.attributeMap.
Referenced by org.sleuthkit.datamodel.OSUtility.getOSInfoInternal().
List<BlackboardArtifact> org.sleuthkit.datamodel.OSInfo.getArtifacts | ( | ) |
Definition at line 150 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.artifacts.
String org.sleuthkit.datamodel.OSInfo.getAttributeValue | ( | ATTRIBUTE_TYPE | attrType | ) |
Generic method to get an OSInfo attribute value by ATTRIBUTE_TYPE.
attrType | - the attribute to get |
Definition at line 173 of file OSInfo.java.
References org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.getTypeID().
Referenced by org.sleuthkit.datamodel.OSInfo.getCompName(), org.sleuthkit.datamodel.OSInfo.getDomain(), org.sleuthkit.datamodel.OSInfo.getOSName(), and org.sleuthkit.datamodel.OSInfo.getProcessorArchitecture().
String org.sleuthkit.datamodel.OSInfo.getCompName | ( | ) |
Definition at line 183 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.getAttributeValue(), and org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.
String org.sleuthkit.datamodel.OSInfo.getDomain | ( | ) |
Definition at line 191 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.getAttributeValue(), and org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DOMAIN.
long org.sleuthkit.datamodel.OSInfo.getFileSystemId | ( | ) |
Definition at line 158 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.fileSystemId.
boolean org.sleuthkit.datamodel.OSInfo.getIsBackup | ( | ) |
Definition at line 162 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.isBackup.
String org.sleuthkit.datamodel.OSInfo.getOSName | ( | ) |
Definition at line 195 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.getAttributeValue(), and org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.
String org.sleuthkit.datamodel.OSInfo.getProcessorArchitecture | ( | ) |
Definition at line 187 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.getAttributeValue(), and org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROCESSOR_ARCHITECTURE.
boolean org.sleuthkit.datamodel.OSInfo.haveFileSystem | ( | ) |
Definition at line 154 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.haveFsContent.
boolean org.sleuthkit.datamodel.OSInfo.matches | ( | OSInfo | a_osInfo | ) |
Determine whether two OSInfo objects should be combined.
a_osInfo | - the OSInfo object to compare against |
Definition at line 121 of file OSInfo.java.
References org.sleuthkit.datamodel.OSInfo.fileSystemId, org.sleuthkit.datamodel.OSInfo.haveFsContent, org.sleuthkit.datamodel.OSInfo.haveParentId, org.sleuthkit.datamodel.OSInfo.isBackup, and org.sleuthkit.datamodel.OSInfo.parentObjId.
|
private |
Definition at line 33 of file OSInfo.java.
Referenced by org.sleuthkit.datamodel.OSInfo.combine(), and org.sleuthkit.datamodel.OSInfo.getArtifacts().
|
private |
Definition at line 34 of file OSInfo.java.
Referenced by org.sleuthkit.datamodel.OSInfo.combine().
|
private |
Definition at line 37 of file OSInfo.java.
Referenced by org.sleuthkit.datamodel.OSInfo.getFileSystemId(), and org.sleuthkit.datamodel.OSInfo.matches().
|
private |
Definition at line 36 of file OSInfo.java.
Referenced by org.sleuthkit.datamodel.OSInfo.haveFileSystem(), and org.sleuthkit.datamodel.OSInfo.matches().
|
private |
Definition at line 38 of file OSInfo.java.
Referenced by org.sleuthkit.datamodel.OSInfo.matches().
|
private |
Definition at line 35 of file OSInfo.java.
Referenced by org.sleuthkit.datamodel.OSInfo.getIsBackup(), and org.sleuthkit.datamodel.OSInfo.matches().
|
private |
Definition at line 39 of file OSInfo.java.
Referenced by org.sleuthkit.datamodel.OSInfo.matches().
Copyright © 2011-2015 Brian Carrier. (carrier -at- sleuthkit -dot- org)
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.