Autopsy
3.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Static Public Member Functions | |
static String | getInstallPath () |
static String | getInstallModulesPath () |
static String | getUserModulesPath () |
static String | getUserPythonModulesPath () |
static synchronized String | getJavaPath () |
static File | getUserDirectory () |
static List< String > | getProjectsDirs () |
static String | getUserConfigDirectory () |
static String | getLogDirectory () |
static String | getDefaultPlatformFileEncoding () |
static String | getDefaultPlatformCharset () |
static String | getLogFileEncoding () |
static< T > boolean | extractResourceToUserConfigDir (final Class< T > resourceClass, final String resourceFileName, boolean overWrite) throws IOException |
static String | getOSName () |
static String | getOSVersion () |
static String | getOSArch () |
static boolean | isWindowsOS () |
static String | getOSFilePath (String origFilePath) |
static boolean | is64BitOS () |
static List< LocalDisk > | getPhysicalDrives () |
static List< LocalDisk > | getPartitions () |
static synchronized long | getPID () |
static synchronized long | getJavaPID (String sigarSubQuery) |
static synchronized long[] | getJavaPIDs (String sigarSubQuery) |
static synchronized void | killProcess (long pid) |
static synchronized long | getProcessVirtualMemoryUsed () |
static String | getJvmMemInfo () |
static String | getPhysicalMemInfo () |
static String | getAllMemUsageInfo () |
Static Public Attributes | |
static final String | OS_NAME_UNKNOWN = NbBundle.getMessage(PlatformUtil.class, "PlatformUtil.nameUnknown") |
static final String | OS_VERSION_UNKNOWN = NbBundle.getMessage(PlatformUtil.class, "PlatformUtil.verUnknown") |
static final String | OS_ARCH_UNKNOWN = NbBundle.getMessage(PlatformUtil.class, "PlatformUtil.archUnknown") |
Static Private Member Functions | |
static boolean | canReadDrive (String diskPath) |
Static Private Attributes | |
static final String | PYTHON_MODULES_SUBDIRECTORY = "python_modules" |
static String | javaPath = null |
static volatile long | pid = -1 |
static volatile Sigar | sigar = null |
static volatile MemoryMXBean | memoryManager = null |
Platform utilities
Definition at line 51 of file PlatformUtil.java.
|
staticprivate |
Are we able to read this drive? Usually related to admin permissions.
For all drives and partitions, we are using Java's ability to read the first byte of a drive to determine if TSK would be able to read the drive during the add image process. This returns whether the drive is readable or not far faster than validating if TSK can open the drive. We are assuming the results are almost exactly the same.
diskPath | path to the disk we want to read |
IOException | if we fail to read |
Definition at line 413 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getPartitions(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.getPhysicalDrives().
|
static |
Utility to extract a resource file to a user configuration directory, if it does not exist - useful for setting up default configurations.
resourceClass | class in the same package as the resourceFile to extract |
resourceFileName | Name of the resource file to extract |
overWrite | true to overwrite an existing resource |
IOException | exception thrown if extract the file failed for IO reasons |
Definition at line 222 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserConfigDirectory().
Referenced by org.sleuthkit.autopsy.report.ReportBranding.extractDefaultGeneratorLogo(), org.sleuthkit.autopsy.coreutils.XMLUtil.validateDocument(), and org.sleuthkit.autopsy.coreutils.XMLUtil.xmlIsValid().
|
static |
Return formatted string with all memory usage (jvm, physical, native)
Definition at line 608 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getJvmMemInfo(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getPhysicalMemInfo(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.getProcessVirtualMemoryUsed().
Referenced by org.sleuthkit.autopsy.casemodule.Case.doCaseChange(), and org.sleuthkit.autopsy.ingest.IngestMonitor.MonitorAction.monitorMemory().
|
static |
Definition at line 202 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.Installer.restored(), and org.sleuthkit.autopsy.keywordsearch.Server.InputStreamPrinterThread.run().
|
static |
Definition at line 198 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.Installer.restored().
|
static |
Get root path where the application modules are installed
Definition at line 79 of file PlatformUtil.java.
|
static |
Get root path where the application is installed
Definition at line 67 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getJavaPath().
|
static |
get file path to the java executable binary use embedded java if available, otherwise use system java in PATH no validation is done if java exists in PATH
Definition at line 126 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getInstallPath(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.javaPath.
|
static |
Query and get PID of another java process
sigarSubQuery | a sigar subquery to identify a unique java process among other java processes, for example, by class name, use: Args.*.eq=org.jboss.Main more examples here: http://support.hyperic.com/display/SIGAR/PTQL |
Definition at line 469 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
|
static |
Query and get PIDs of another java processes matching a query
sigarSubQuery | a sigar subquery to identify a java processes among other java processes, for example, by class name, use: Args.*.eq=org.jboss.Main more examples here: http://support.hyperic.com/display/SIGAR/PTQL |
Definition at line 501 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
|
static |
Return formatted string with Jvm heap and non-heap memory usage
Definition at line 574 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getAllMemUsageInfo().
|
static |
Get log directory path
Definition at line 193 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.casemodule.Case.changeCase().
|
static |
Definition at line 206 of file PlatformUtil.java.
|
static |
Get OS arch details, or OS_ARCH_UNKNOWN
Definition at line 269 of file PlatformUtil.java.
|
static |
Convert file path (quote) for OS specific
origFilePath |
Definition at line 288 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Get operating system name, or OS_NAME_UNKNOWN
Definition at line 251 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Get operating system version, or OS_VERSION_UNKNOWN
Definition at line 260 of file PlatformUtil.java.
|
static |
Get a list all all the local drives and partitions on the client's machine.
Definition at line 368 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.canReadDrive(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Get a list of all physical drives attached to the client's machine. Error threshold of 4 non-existent physical drives before giving up.
Definition at line 317 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.canReadDrive(), org::sleuthkit::datamodel::SleuthkitJNI.findDeviceSize(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.isWindowsOS().
|
static |
Return formatted string with physical memory usage
Definition at line 593 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getAllMemUsageInfo().
|
static |
Query and get PID of this process
Definition at line 437 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.pid.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getProcessVirtualMemoryUsed(), and org.sleuthkit.autopsy.coreutils.Installer.restored().
|
static |
Query and return virtual memory used by the process
Definition at line 549 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getPID(), and org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getAllMemUsageInfo(), and org.sleuthkit.autopsy.coreutils.Installer.restored().
|
static |
|
static |
Get user config directory path
Definition at line 184 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.report.ReportBranding.extractDefaultGeneratorLogo(), org.sleuthkit.autopsy.coreutils.PlatformUtil.extractResourceToUserConfigDir(), org.sleuthkit.autopsy.report.ReportBranding.ReportBranding(), org.sleuthkit.autopsy.coreutils.XMLUtil.validateDocument(), and org.sleuthkit.autopsy.coreutils.XMLUtil.xmlIsValid().
|
static |
Get user directory where application wide user settings, cache, temp files are stored
Definition at line 155 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserModulesPath(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserPythonModulesPath(), and org.sleuthkit.autopsy.corecomponents.AboutWindowPanel.startVerboseLogging().
|
static |
Get root path where the user modules are installed
Definition at line 106 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserDirectory().
|
static |
Get root path where the user Python modules are installed.
Definition at line 115 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserDirectory(), and org.sleuthkit.autopsy.coreutils.PlatformUtil.PYTHON_MODULES_SUBDIRECTORY.
Referenced by org.sleuthkit.autopsy.actions.OpenPythonModulesFolderAction.actionPerformed(), org.sleuthkit.autopsy.core.Installer.ensurePythonModulesFolderExists(), and org.sleuthkit.autopsy.python.JythonModuleLoader.getInterfaceImplementations().
|
static |
Attempts to determine whether the operating system is a 64-bit operating system. May not be completely reliable for non-Windows operating systems.
Definition at line 303 of file PlatformUtil.java.
|
static |
Check if running on Windows OS
Definition at line 278 of file PlatformUtil.java.
References org.sleuthkit.autopsy.coreutils.PlatformUtil.getOSName().
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getOSFilePath(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getPartitions(), org.sleuthkit.autopsy.coreutils.PlatformUtil.getPhysicalDrives(), and org.sleuthkit.autopsy.core.Installer.loadDynLibraries().
|
static |
Kill a process by PID by sending signal to it using Sigar
pid | pid of the process to kill |
Definition at line 527 of file PlatformUtil.java.
References org.sleuthkit.autopsy.corelibs.SigarLoader.getSigar().
|
staticprivate |
Definition at line 54 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getJavaPath().
|
staticprivate |
Definition at line 60 of file PlatformUtil.java.
|
static |
Definition at line 57 of file PlatformUtil.java.
|
static |
Definition at line 55 of file PlatformUtil.java.
|
static |
Definition at line 56 of file PlatformUtil.java.
|
staticprivate |
Definition at line 58 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getPID().
|
staticprivate |
Definition at line 53 of file PlatformUtil.java.
Referenced by org.sleuthkit.autopsy.coreutils.PlatformUtil.getUserPythonModulesPath().
|
staticprivate |
Definition at line 59 of file PlatformUtil.java.
Copyright © 2012-2015 Basis Technology. Generated on: Mon Oct 19 2015
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.