Autopsy  3.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
StixArtifactData.java
Go to the documentation of this file.
1 /*
2  * Autopsy Forensic Browser
3  *
4  * Copyright 2013 Basis Technology Corp.
5  * Contact: carrier <at> sleuthkit <dot> org
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19 package org.sleuthkit.autopsy.modules.stix;
20 
21 import java.util.ArrayList;
22 import java.util.Collection;
23 import org.sleuthkit.autopsy.casemodule.Case;
24 import org.sleuthkit.datamodel.AbstractFile;
25 import org.sleuthkit.datamodel.BlackboardArtifact;
26 import org.sleuthkit.datamodel.BlackboardAttribute;
27 import org.sleuthkit.datamodel.SleuthkitCase;
28 import org.sleuthkit.datamodel.TskCoreException;
29 
33 class StixArtifactData {
34 
35  private AbstractFile file;
36  private final String observableId;
37  private final String objType;
38 
39  public StixArtifactData(AbstractFile a_file, String a_observableId, String a_objType) {
40  file = a_file;
41  observableId = a_observableId;
42  objType = a_objType;
43  }
44 
45  public StixArtifactData(long a_objId, String a_observableId, String a_objType) {
46  Case case1 = Case.getCurrentCase();
47  SleuthkitCase sleuthkitCase = case1.getSleuthkitCase();
48  try {
49  file = sleuthkitCase.getAbstractFileById(a_objId);
50  } catch (TskCoreException ex) {
51  file = null;
52  }
53  observableId = a_observableId;
54  objType = a_objType;
55  }
56 
57  public void createArtifact(String a_title) throws TskCoreException {
58  Collection<BlackboardAttribute> attrs = new ArrayList<BlackboardAttribute>();
59 
60  String setName;
61  if (a_title != null) {
62  setName = "STIX Indicator - " + a_title; //NON-NLS
63  } else {
64  setName = "STIX Indicator - (no title)"; //NON-NLS
65  }
66 
67  BlackboardArtifact bba = file.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT);
68  bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID(), "Stix", setName)); //NON-NLS
69  bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_TITLE.getTypeID(), "Stix", observableId)); //NON-NLS
70  bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_CATEGORY.getTypeID(), "Stix", objType)); //NON-NLS
71  }
72 
73  public void print() {
74  System.out.println(" " + observableId + " " + file.getName());
75  }
76 }

Copyright © 2012-2015 Basis Technology. Generated on: Mon Oct 19 2015
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.