Sleuth Kit Java Bindings (JNI)  4.6
Java bindings for using The Sleuth Kit
Public Member Functions | List of all members
org.sleuthkit.datamodel.Report Class Reference

Inherits org.sleuthkit.datamodel.Content.

Public Member Functions

void close ()
 
ArrayList< BlackboardArtifactgetAllArtifacts () throws TskCoreException
 
long getAllArtifactsCount () throws TskCoreException
 
ArrayList< BlackboardArtifactgetArtifacts (String artifactTypeName) throws TskCoreException
 
ArrayList< BlackboardArtifactgetArtifacts (int artifactTypeID) throws TskCoreException
 
ArrayList< BlackboardArtifactgetArtifacts (BlackboardArtifact.ARTIFACT_TYPE type) throws TskCoreException
 
long getArtifactsCount (String artifactTypeName) throws TskCoreException
 
long getArtifactsCount (int artifactTypeID) throws TskCoreException
 
long getArtifactsCount (BlackboardArtifact.ARTIFACT_TYPE type) throws TskCoreException
 
List< ContentgetChildren () throws TskCoreException
 
int getChildrenCount () throws TskCoreException
 
List< Long > getChildrenIds () throws TskCoreException
 
long getCreatedTime ()
 
Content getDataSource () throws TskCoreException
 
BlackboardArtifact getGenInfoArtifact () throws TskCoreException
 
BlackboardArtifact getGenInfoArtifact (boolean create) throws TskCoreException
 
ArrayList< BlackboardAttributegetGenInfoAttributes (BlackboardAttribute.ATTRIBUTE_TYPE attr_type) throws TskCoreException
 
Set< String > getHashSetNames () throws TskCoreException
 
long getId ()
 
String getName ()
 
Content getParent () throws TskCoreException
 
String getPath ()
 
String getReportName ()
 
long getSize ()
 
String getSourceModuleName ()
 
String getUniquePath () throws TskCoreException
 
boolean hasChildren () throws TskCoreException
 
BlackboardArtifact newArtifact (int artifactTypeID) throws TskCoreException
 
BlackboardArtifact newArtifact (BlackboardArtifact.ARTIFACT_TYPE type) throws TskCoreException
 
int read (byte[] buf, long offset, long len) throws TskCoreException
 

Detailed Description

This is a class that models reports.

Definition at line 38 of file Report.java.

Member Function Documentation

void org.sleuthkit.datamodel.Report.close ( )

Free native resources after read is done on the Content object. After closing, read can be called again on the same Content object, which should result in re-opening of new native resources.

Implements org.sleuthkit.datamodel.Content.

Definition at line 151 of file Report.java.

ArrayList<BlackboardArtifact> org.sleuthkit.datamodel.Report.getAllArtifacts ( ) throws TskCoreException

Get all artifacts associated with this content

Returns
a list of blackboard artifacts
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 281 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.getMatchingArtifacts().

long org.sleuthkit.datamodel.Report.getAllArtifactsCount ( ) throws TskCoreException

Get count of all artifacts associated with this content

Returns
count of all blackboard artifacts for this content
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 309 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.getBlackboardArtifactsCount().

ArrayList<BlackboardArtifact> org.sleuthkit.datamodel.Report.getArtifacts ( String  artifactTypeName) throws TskCoreException

Get all artifacts associated with this content that have the given type name

Parameters
artifactTypeNamename of the type to look up
Returns
a list of blackboard artifacts matching the type
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 245 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.getArtifactType().

Referenced by org.sleuthkit.datamodel.Report.getArtifacts().

ArrayList<BlackboardArtifact> org.sleuthkit.datamodel.Report.getArtifacts ( int  artifactTypeID) throws TskCoreException

Get all artifacts associated with this content that have the given type id

Parameters
artifactTypeIDtype id to look up
Returns
a list of blackboard artifacts matching the type
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 268 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.getBlackboardArtifacts(), and org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.

ArrayList<BlackboardArtifact> org.sleuthkit.datamodel.Report.getArtifacts ( BlackboardArtifact.ARTIFACT_TYPE  type) throws TskCoreException

Get all artifacts associated with this content that have the given type

Parameters
typetype to look up
Returns
a list of blackboard artifacts matching the type
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 276 of file Report.java.

References org.sleuthkit.datamodel.Report.getArtifacts().

long org.sleuthkit.datamodel.Report.getArtifactsCount ( String  artifactTypeName) throws TskCoreException

Get count of all artifacts associated with this content that have the given type name

Parameters
artifactTypeNamename of the type to look up
Returns
count of blackboard artifacts matching the type
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 291 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.getArtifactType().

Referenced by org.sleuthkit.datamodel.Report.getArtifactsCount().

long org.sleuthkit.datamodel.Report.getArtifactsCount ( int  artifactTypeID) throws TskCoreException

Get count of all artifacts associated with this content that have the given type id

Parameters
artifactTypeIDtype id to look up
Returns
count of blackboard artifacts matching the type
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 296 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.getBlackboardArtifactsCount(), and org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.

long org.sleuthkit.datamodel.Report.getArtifactsCount ( BlackboardArtifact.ARTIFACT_TYPE  type) throws TskCoreException

Get count of all artifacts associated with this content that have the given type

Parameters
typetype to look up
Returns
count of blackboard artifacts matching the type
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 304 of file Report.java.

References org.sleuthkit.datamodel.Report.getArtifactsCount().

List<Content> org.sleuthkit.datamodel.Report.getChildren ( ) throws TskCoreException

Gets the child content objects of this content.

Returns
List of children
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 198 of file Report.java.

int org.sleuthkit.datamodel.Report.getChildrenCount ( ) throws TskCoreException

Returns count of children objects. Note, this should be more efficient than getting children and counting them.

Returns
children count
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 208 of file Report.java.

List<Long> org.sleuthkit.datamodel.Report.getChildrenIds ( ) throws TskCoreException

Gets the child content ids of this content.

Returns
List of children ids
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 227 of file Report.java.

long org.sleuthkit.datamodel.Report.getCreatedTime ( )

Get the creation date of the report.

Returns
Number of seconds since Jan 1, 1970.

Definition at line 100 of file Report.java.

Content org.sleuthkit.datamodel.Report.getDataSource ( ) throws TskCoreException

Gets the root data source (image, virtual directory, etc.) of this content.

Returns
Content associated with data source or null if one can't be found
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 189 of file Report.java.

References org.sleuthkit.datamodel.Content.getDataSource().

BlackboardArtifact org.sleuthkit.datamodel.Report.getGenInfoArtifact ( ) throws TskCoreException

Return the TSK_GEN_INFO artifact for the file so that individual attributes can be added to it. Creates one if it does not already exist.

Returns
Instance of the TSK_GEN_INFO artifact
Exceptions
TskCoreException

Implements org.sleuthkit.datamodel.Content.

Definition at line 250 of file Report.java.

BlackboardArtifact org.sleuthkit.datamodel.Report.getGenInfoArtifact ( boolean  create) throws TskCoreException

Return the TSK_GEN_INFO artifact for the file so that individual attributes can be added to it. If one does not create, behavior depends on the create argument.

Parameters
createIf true, an artifact will be created if it does not already exist.
Returns
Instance of the TSK_GEN_INFO artifact or null if artifact does not already exist and create was set to false
Exceptions
TskCoreException

Implements org.sleuthkit.datamodel.Content.

Definition at line 256 of file Report.java.

ArrayList<BlackboardAttribute> org.sleuthkit.datamodel.Report.getGenInfoAttributes ( BlackboardAttribute.ATTRIBUTE_TYPE  attr_type) throws TskCoreException

Return attributes of a given type from TSK_GEN_INFO.

Parameters
attr_typeAttribute type to find inside of the TSK_GEN_INFO artifact.
Returns
Attributes

Implements org.sleuthkit.datamodel.Content.

Definition at line 262 of file Report.java.

Set<String> org.sleuthkit.datamodel.Report.getHashSetNames ( ) throws TskCoreException

Get the names of all the hashsets that this content is in.

Returns
the names of the hashsets that this content is in
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 286 of file Report.java.

long org.sleuthkit.datamodel.Report.getId ( )

Returns the unique object ID that was assigned to it in the database. This is a Sleuth Kit database-assigned number.

Returns
object id

Implements org.sleuthkit.datamodel.Content.

Definition at line 82 of file Report.java.

String org.sleuthkit.datamodel.Report.getName ( )

Get the name of this content object (does not include parent path)

Returns
the name

Implements org.sleuthkit.datamodel.Content.

Definition at line 178 of file Report.java.

Content org.sleuthkit.datamodel.Report.getParent ( ) throws TskCoreException
Returns
returns the parent of this Content object or null if there isn't one as is the case for Image.
Exceptions
TskCoreException

Implements org.sleuthkit.datamodel.Content.

Definition at line 213 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.getContentById().

String org.sleuthkit.datamodel.Report.getPath ( )

Get the absolute local path to the report.

Returns

Definition at line 91 of file Report.java.

Referenced by org.sleuthkit.datamodel.Report.getUniquePath().

String org.sleuthkit.datamodel.Report.getReportName ( )

Get the report name, if any.

Returns
The name of the report, possibly empty.

Definition at line 119 of file Report.java.

long org.sleuthkit.datamodel.Report.getSize ( )

Get the (reported) size of the content object and, in theory, how much you should be able to read from it. In some cases, data corruption may mean that you cannot read this much data.

Returns
size of the content in bytes

Implements org.sleuthkit.datamodel.Content.

Definition at line 161 of file Report.java.

String org.sleuthkit.datamodel.Report.getSourceModuleName ( )

Get the name of the module (e.g., ingest module, reporting module) that generated the report.

Returns
The module name.

Definition at line 110 of file Report.java.

String org.sleuthkit.datamodel.Report.getUniquePath ( ) throws TskCoreException
Returns
returns the full path to this Content object starting with a "/" followed by the Image name and similarly for all other segments in the hierarchy.

Implements org.sleuthkit.datamodel.Content.

Definition at line 183 of file Report.java.

References org.sleuthkit.datamodel.Report.getPath().

boolean org.sleuthkit.datamodel.Report.hasChildren ( ) throws TskCoreException

Returns true if the content object has children objects. Note, this should be more efficient than getting children and checking it empty.

Returns
true if has children, false otherwise.
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 203 of file Report.java.

BlackboardArtifact org.sleuthkit.datamodel.Report.newArtifact ( int  artifactTypeID) throws TskCoreException

Create and add an artifact associated with this content to the blackboard

Parameters
artifactTypeIDid of the artifact type (if the id doesn't already exist an exception will be thrown)
Returns
the blackboard artifact created (the artifact type id can be looked up from this)
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 232 of file Report.java.

References org.sleuthkit.datamodel.SleuthkitCase.newBlackboardArtifact(), and org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.

Referenced by org.sleuthkit.datamodel.Report.newArtifact().

BlackboardArtifact org.sleuthkit.datamodel.Report.newArtifact ( BlackboardArtifact.ARTIFACT_TYPE  type) throws TskCoreException

Create and add an artifact associated with this content to the blackboard

Parameters
typeartifact enum tyoe
Returns
the blackboard artifact created (the artifact type id can be looked up from this)
Exceptions
TskCoreExceptionif critical error occurred within tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 240 of file Report.java.

References org.sleuthkit.datamodel.Report.newArtifact().

int org.sleuthkit.datamodel.Report.read ( byte[]  buf,
long  offset,
long  len 
) throws TskCoreException

Reads data that this content object is associated with (file contents, volume contents, etc.).

Parameters
bufa character array of data (in bytes) to copy read data to
offsetbyte offset in the content to start reading from
lennumber of bytes to read into buf.
Returns
num of bytes read, or -1 on error
Exceptions
TskCoreExceptionif critical error occurred during read in the tsk core

Implements org.sleuthkit.datamodel.Content.

Definition at line 124 of file Report.java.

The documentation for this class was generated from the following file:

Copyright © 2011-2018 Brian Carrier. (carrier -at- sleuthkit -dot- org)
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.