Autopsy  4.12.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
AppDBParserHelper.java
1 /*
2  * Autopsy Forensic Browser
3  *
4  * Copyright 2019 Basis Technology Corp.
5  * Contact: carrier <at> sleuthkit <dot> org
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19 package org.sleuthkit.autopsy.coreutils;
20 
21 import java.util.Arrays;
22 import java.util.Collection;
23 import java.util.Collections;
24 import java.util.List;
25 import java.util.logging.Level;
26 import org.apache.commons.lang3.StringUtils;
28 import org.sleuthkit.datamodel.AbstractFile;
29 import org.sleuthkit.datamodel.AccountFileInstance;
30 import org.sleuthkit.datamodel.BlackboardArtifact;
31 import org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE;
32 import org.sleuthkit.datamodel.BlackboardAttribute;
33 import org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE;
34 import org.sleuthkit.datamodel.Account;
35 import org.sleuthkit.datamodel.Blackboard;
36 import org.sleuthkit.datamodel.DataSource;
37 import org.sleuthkit.datamodel.Relationship;
38 import org.sleuthkit.datamodel.TskCoreException;
39 import org.sleuthkit.datamodel.TskDataException;
40 
41 
46 public final class AppDBParserHelper {
47 
48  private static final Logger logger = Logger.getLogger(AppDBParserHelper.class.getName());
49 
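/**
 * Read status of a message as recorded by the parsed application.
 *
 * NOTE(review): this listing dropped the lines that declared the first two
 * constants. UNKNOWN is referenced by addMessage() in this file; UNREAD is
 * restored to match the upstream declaration - confirm against the project
 * source.
 */
public enum MessageReadStatusEnum {

    /** Status could not be determined; addMessage() writes no TSK_READ_STATUS attribute. */
    UNKNOWN,
    /** Message has not been read; addMessage() writes TSK_READ_STATUS = 0. */
    UNREAD,
    /** Message has been read; addMessage() writes TSK_READ_STATUS = 1. */
    READ
}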
59 
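/**
 * Direction of a call or message.
 *
 * The display string returned by getString() is the value this helper stores
 * in TSK_DIRECTION attributes. The enum header line was missing from this
 * listing and is restored here; the name is taken from the constructor and
 * from the method signatures in this file.
 */
public enum CommunicationDirection {
    UNKNOWN("Unknown"),
    INCOMING("Incoming"),
    OUTGOING("Outgoing");

    private final String dirStr;

    CommunicationDirection(String dir) {
        this.dirStr = dir;
    }

    /**
     * @return the display string for this direction
     */
    public String getString() {
        return dirStr;
    }
}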
79 
/**
 * Media type of a call. Each constant carries the display string returned by
 * getString().
 */
public enum CallMediaType {
    UNKNOWN("Unknown"),
    AUDIO("Audio"),
    VIDEO("Video");

    private final String label;

    CallMediaType(String label) {
        this.label = label;
    }

    /**
     * @return the display string for this media type
     */
    public String getString() {
        return label;
    }
}
99 
100 
101  private final AbstractFile dbAbstractFile;
102  private final String moduleName;
103 
104  // 'self' account for the application.
105  private final AccountFileInstance selfAccountInstance;
106 
107  // type of accounts to be created for the Application using this helper
108  private final Account.Type accountsType;
109 
/**
 * Builds a helper whose 'self' account is a DEVICE account keyed by the
 * device id of the data source that contains the database file.
 *
 * @param moduleName   name recorded as the source of every artifact and attribute
 * @param dbFile       application database file the artifacts are attached to
 * @param accountsType account type used for accounts created through this helper
 *
 * @throws TskCoreException if the self account instance cannot be created
 */
public AppDBParserHelper(String moduleName, AbstractFile dbFile, Account.Type accountsType) throws TskCoreException {
    this.accountsType = accountsType;
    this.dbAbstractFile = dbFile;
    this.moduleName = moduleName;

    // No application-level self account was supplied, so the device itself is used.
    this.selfAccountInstance = Case.getCurrentCase()
            .getSleuthkitCase()
            .getCommunicationsManager()
            .createAccountFileInstance(
                    Account.Type.DEVICE,
                    ((DataSource) dbFile.getDataSource()).getDeviceId(),
                    moduleName,
                    dbFile);
}
131 
/**
 * Builds a helper with an explicit 'self' account for the application.
 *
 * @param moduleName         name recorded as the source of every artifact and attribute
 * @param dbFile             application database file the artifacts are attached to
 * @param accountsType       account type used for accounts created through this helper
 * @param selfAccountType    account type of the application's own account
 * @param selfAccountAddress address of the application's own account; its unique id keys the account
 *
 * @throws TskCoreException if the self account instance cannot be created
 */
public AppDBParserHelper(String moduleName, AbstractFile dbFile, Account.Type accountsType, Account.Type selfAccountType, Account.Address selfAccountAddress) throws TskCoreException {
    this.accountsType = accountsType;
    this.dbAbstractFile = dbFile;
    this.moduleName = moduleName;

    this.selfAccountInstance = Case.getCurrentCase()
            .getSleuthkitCase()
            .getCommunicationsManager()
            .createAccountFileInstance(
                    selfAccountType,
                    selfAccountAddress.getUniqueID(),
                    moduleName,
                    dbFile);
}
157 
/**
 * Builds a helper with no self account and no account type.
 *
 * With this constructor selfAccountInstance is null, so the add* methods
 * skip relationship creation; accountsType is null as well.
 *
 * @param moduleName name recorded as the source of every artifact and attribute
 * @param dbFile     application database file the artifacts are attached to
 */
public AppDBParserHelper(String moduleName, AbstractFile dbFile) {
    this.accountsType = null;
    this.selfAccountInstance = null;
    this.dbAbstractFile = dbFile;
    this.moduleName = moduleName;
}
174 
175 
/**
 * Adds a TSK_CONTACT artifact with no additional attributes.
 *
 * Delegates to the overload that accepts extra attributes, passing an empty
 * collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addContact(String contactAccountUniqueID, String contactName,
        String phoneNumber, String homePhoneNumber,
        String mobilePhoneNumber, String emailAddr) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addContact(contactAccountUniqueID, contactName, phoneNumber,
            homePhoneNumber, mobilePhoneNumber, emailAddr,
            noExtraAttributes);
}
199 
200 
/**
 * Adds a TSK_CONTACT artifact, links the contact's account to the self
 * account (when one exists) and posts the artifact to the blackboard.
 *
 * @param contactAccountUniqueID unique id used to find or create the contact's account
 * @param contactName            contact name; always written as TSK_NAME
 * @param phoneNumber            written as TSK_PHONE_NUMBER when non-empty
 * @param homePhoneNumber        written as TSK_PHONE_NUMBER_HOME when non-empty
 * @param mobilePhoneNumber      written as TSK_PHONE_NUMBER_MOBILE when non-empty
 * @param emailAddr              written as TSK_EMAIL when non-empty
 * @param additionalAttributes   extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addContact(String contactAccountUniqueID, String contactName,
        String phoneNumber, String homePhoneNumber,
        String mobilePhoneNumber, String emailAddr,
        Collection<BlackboardAttribute> additionalAttributes) {

    BlackboardArtifact artifact = null;
    try {
        artifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_CONTACT);

        // The name is written unconditionally; the remaining basics only when present.
        artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME, moduleName, contactName));
        if (StringUtils.isNotEmpty(phoneNumber)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER, moduleName, phoneNumber));
        }
        if (StringUtils.isNotEmpty(homePhoneNumber)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_HOME, moduleName, homePhoneNumber));
        }
        if (StringUtils.isNotEmpty(mobilePhoneNumber)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_MOBILE, moduleName, mobilePhoneNumber));
        }
        if (StringUtils.isNotEmpty(emailAddr)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_EMAIL, moduleName, emailAddr));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute extra : additionalAttributes) {
            artifact.addAttribute(extra);
        }

        // The contact's account is created even when there is no self account;
        // only the relationship depends on one.
        // NOTE(review): accountsType is null when the two-argument constructor
        // was used - confirm createAccountFileInstance accepts that.
        AccountFileInstance contactAccount = createAccountInstance(accountsType, contactAccountUniqueID);
        if (selfAccountInstance != null) {
            addRelationship(selfAccountInstance, contactAccount, artifact, Relationship.Type.CONTACT, 0);
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(artifact, moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add contact artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((artifact != null) ? artifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return artifact;
}
269 
270 
/**
 * Finds or creates an account file instance tied to this helper's database
 * file and module name.
 *
 * @param accountType     type of the account
 * @param accountUniqueID unique id of the account
 *
 * @return the account file instance
 *
 * @throws TskCoreException if the communications manager call fails
 */
private AccountFileInstance createAccountInstance(Account.Type accountType, String accountUniqueID) throws TskCoreException {
    return Case.getCurrentCase()
            .getSleuthkitCase()
            .getCommunicationsManager()
            .createAccountFileInstance(accountType, accountUniqueID, moduleName, dbAbstractFile);
}
281 
282 
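/**
 * Records a relationship between the self account and another account,
 * unless both instances refer to the same account.
 *
 * Failures are logged and not propagated, so a relationship error does not
 * abort creation of the source artifact.
 *
 * @param selfAccountInstance  account instance of the application/device owner
 * @param otherAccountInstance account instance of the other party
 * @param sourceArtifact       artifact that evidences the relationship
 * @param relationshipType     kind of relationship
 * @param dateTime             time of the communication, 0 if not known
 */
private void addRelationship(AccountFileInstance selfAccountInstance, AccountFileInstance otherAccountInstance,
        BlackboardArtifact sourceArtifact, Relationship.Type relationshipType, long dateTime) {
    try {
        final Account selfAccount = selfAccountInstance.getAccount();
        final Account otherAccount = otherAccountInstance.getAccount();

        // Compare by value rather than by reference: two separately created
        // instances of the same account are distinct objects, so '!=' would
        // let a self-to-self relationship through. If Account does not
        // override equals() this behaves exactly like the reference check.
        final boolean sameAccount = (selfAccount == otherAccount)
                || (selfAccount != null && selfAccount.equals(otherAccount));

        if (!sameAccount) {
            Case.getCurrentCase().getSleuthkitCase().getCommunicationsManager().addRelationships(selfAccountInstance,
                    Collections.singletonList(otherAccountInstance), sourceArtifact, relationshipType, dateTime);
        }
    } catch (TskCoreException | TskDataException ex) {
        logger.log(Level.SEVERE, String.format("Unable to add relationship between account %s and account %s", selfAccountInstance.toString(), otherAccountInstance.toString()), ex); //NON-NLS
    }
}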
303 
304 
/**
 * Adds a TSK_MESSAGE artifact for a message with a single recipient and no
 * additional attributes.
 *
 * Delegates to the single-recipient overload that accepts extra attributes,
 * passing an empty collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addMessage(
        String messageType,
        CommunicationDirection direction,
        Account.Address fromAddress,
        Account.Address toAddress,
        long dateTime, MessageReadStatusEnum readStatus,
        String subject, String messageText, String threadId) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addMessage(messageType, direction,
            fromAddress, toAddress,
            dateTime, readStatus,
            subject, messageText, threadId,
            noExtraAttributes);
}
335 
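/**
 * Adds a TSK_MESSAGE artifact for a message with a single recipient.
 *
 * Wraps the recipient in a list and delegates to the multi-recipient
 * overload.
 *
 * @param toAddress           recipient address; may be null when the recipient is not known
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addMessage(String messageType,
        CommunicationDirection direction,
        Account.Address fromAddress,
        Account.Address toAddress,
        long dateTime, MessageReadStatusEnum readStatus, String subject,
        String messageText, String threadId,
        Collection<BlackboardAttribute> otherAttributesList) {

    // Arrays.asList(toAddress) turns a null recipient into a one-element list
    // holding null, which the multi-recipient overload dereferences
    // (recipient.getUniqueID()). That NullPointerException is not caught
    // there and surfaces after newArtifact() has already been called.
    // A missing recipient is passed on as an empty list instead.
    final List<Account.Address> recipients = (toAddress == null)
            ? Collections.<Account.Address>emptyList()
            : Collections.singletonList(toAddress);

    return addMessage(messageType, direction,
            fromAddress,
            recipients,
            dateTime, readStatus,
            subject, messageText, threadId,
            otherAttributesList);
}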
371 
/**
 * Adds a TSK_MESSAGE artifact for a message with several recipients and no
 * additional attributes.
 *
 * Delegates to the multi-recipient overload that accepts extra attributes,
 * passing an empty collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addMessage(String messageType,
        CommunicationDirection direction,
        Account.Address fromAddress,
        List<Account.Address> recipientsList,
        long dateTime, MessageReadStatusEnum readStatus,
        String subject, String messageText, String threadId) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addMessage(messageType, direction,
            fromAddress, recipientsList,
            dateTime, readStatus,
            subject, messageText, threadId,
            noExtraAttributes);
}
405 
406 
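/**
 * Adds a TSK_MESSAGE artifact, links sender and recipient accounts to the
 * self account (when one exists) and posts the artifact to the blackboard.
 *
 * @param messageType         written as TSK_MESSAGE_TYPE when non-empty
 * @param direction           written as TSK_DIRECTION unless UNKNOWN
 * @param fromAddress         sender; may be null
 * @param recipientsList      recipients; may be null, null entries are skipped
 * @param dateTime            written as TSK_DATETIME when greater than 0
 * @param readStatus          written as TSK_READ_STATUS (1 = read, 0 otherwise) unless UNKNOWN
 * @param subject             written as TSK_SUBJECT when non-empty
 * @param messageText         written as TSK_TEXT when non-empty
 * @param threadId            written as TSK_THREAD_ID when non-empty
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addMessage(String messageType,
        CommunicationDirection direction,
        Account.Address fromAddress,
        List<Account.Address> recipientsList,
        long dateTime, MessageReadStatusEnum readStatus,
        String subject, String messageText,
        String threadId,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact msgArtifact = null;
    try {
        msgArtifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_MESSAGE);

        if (dateTime > 0) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME, moduleName, dateTime));
        }
        if (readStatus != MessageReadStatusEnum.UNKNOWN) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_READ_STATUS, moduleName, (readStatus == MessageReadStatusEnum.READ) ? 1 : 0));
        }

        // Basic attributes are written only when a value was supplied.
        if (!StringUtils.isEmpty(messageType)) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_MESSAGE_TYPE, moduleName, messageType));
        }
        if (direction != CommunicationDirection.UNKNOWN) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DIRECTION, moduleName, direction.getString()));
        }
        // NOTE(review): the sender's display name is stored here, whereas
        // addCalllog() stores the unique id in TSK_PHONE_NUMBER_FROM - confirm
        // which one is intended.
        if (fromAddress != null && !StringUtils.isEmpty(fromAddress.getDisplayName())) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM, moduleName, fromAddress.getDisplayName()));
        }

        // Recipients are stored as one string built by addressListToString().
        // NOTE(review): that helper is defined outside this view - confirm it
        // tolerates a null list and null entries.
        String toAddresses = addressListToString(recipientsList);
        // StringUtils.isEmpty() already covers null, so no separate null test.
        if (!StringUtils.isEmpty(toAddresses)) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO, moduleName, toAddresses));
        }

        if (!StringUtils.isEmpty(subject)) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_SUBJECT, moduleName, subject));
        }
        if (!StringUtils.isEmpty(messageText)) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TEXT, moduleName, messageText));
        }
        if (!StringUtils.isEmpty(threadId)) {
            msgArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_THREAD_ID, moduleName, threadId));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute otherAttribute : otherAttributesList) {
            msgArtifact.addAttribute(otherAttribute);
        }

        // Find/create an account instance for the sender and relate it to the self account.
        if (fromAddress != null) {
            AccountFileInstance senderAccountInstance = createAccountInstance(accountsType, fromAddress.getUniqueID());
            if (selfAccountInstance != null) {
                addRelationship(selfAccountInstance, senderAccountInstance, msgArtifact, Relationship.Type.MESSAGE, dateTime);
            }
        }

        // Find/create an account instance for each recipient.
        if (recipientsList != null) {
            for (Account.Address recipient : recipientsList) {
                // The single-recipient overload wraps its argument with
                // Arrays.asList, so an unknown recipient arrives as a null
                // entry. Skip it rather than fail with an uncaught
                // NullPointerException after the artifact has been created.
                if (recipient == null) {
                    continue;
                }

                AccountFileInstance recipientAccountInstance = createAccountInstance(accountsType, recipient.getUniqueID());
                if (selfAccountInstance != null) {
                    addRelationship(selfAccountInstance, recipientAccountInstance, msgArtifact, Relationship.Type.MESSAGE, dateTime);
                }
            }
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(msgArtifact, this.moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add message artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((msgArtifact != null) ? msgArtifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return msgArtifact;
}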
495 
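/**
 * Adds a TSK_CALLLOG artifact for a call with a single callee, without a
 * media type and without additional attributes.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addCalllog(CommunicationDirection direction,
        Account.Address fromAddress, Account.Address toAddress,
        long startDateTime, long endDateTime) {
    // NOTE(review): the listing dropped the line carrying the last argument,
    // leaving the call unterminated. The overload being called takes a
    // CallMediaType in that position; UNKNOWN is restored as the default -
    // confirm against the project source.
    return addCalllog(direction, fromAddress, toAddress,
            startDateTime, endDateTime,
            CallMediaType.UNKNOWN);
}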
517 
/**
 * Adds a TSK_CALLLOG artifact for a call with a single callee and a media
 * type, without additional attributes.
 *
 * Delegates to the single-callee overload that accepts extra attributes,
 * passing an empty collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addCalllog(CommunicationDirection direction,
        Account.Address fromAddress, Account.Address toAddress,
        long startDateTime, long endDateTime, CallMediaType mediaType) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addCalllog(direction, fromAddress, toAddress,
            startDateTime, endDateTime, mediaType,
            noExtraAttributes);
}
540 
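/**
 * Adds a TSK_CALLLOG artifact for a call with a single callee.
 *
 * Wraps the callee in a collection and delegates to the multi-callee
 * overload.
 *
 * @param toAddress           callee address; may be null when the callee is not known
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addCalllog(CommunicationDirection direction,
        Account.Address fromAddress,
        Account.Address toAddress,
        long startDateTime, long endDateTime,
        CallMediaType mediaType,
        Collection<BlackboardAttribute> otherAttributesList) {

    // Arrays.asList(toAddress) turns a null callee into a one-element list
    // holding null, which the multi-callee overload dereferences
    // (callee.getUniqueID()). That NullPointerException is not caught there
    // and surfaces after newArtifact() has already been called. A missing
    // callee is passed on as an empty collection instead.
    final Collection<Account.Address> callees = (toAddress == null)
            ? Collections.<Account.Address>emptyList()
            : Collections.singletonList(toAddress);

    return addCalllog(direction,
            fromAddress,
            callees,
            startDateTime, endDateTime,
            mediaType,
            otherAttributesList);
}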
570 
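/**
 * Adds a TSK_CALLLOG artifact for a call with several callees, without a
 * media type and without additional attributes.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addCalllog(CommunicationDirection direction,
        Account.Address fromAddress,
        Collection<Account.Address> toAddressList,
        long startDateTime, long endDateTime) {

    // NOTE(review): the listing dropped the line carrying the last argument,
    // leaving the call unterminated. The overload being called takes a
    // CallMediaType in that position; UNKNOWN is restored as the default -
    // confirm against the project source.
    return addCalllog(direction, fromAddress, toAddressList,
            startDateTime, endDateTime,
            CallMediaType.UNKNOWN);
}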
595 
/**
 * Adds a TSK_CALLLOG artifact for a call with several callees and a media
 * type, without additional attributes.
 *
 * Delegates to the multi-callee overload that accepts extra attributes,
 * passing an empty collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addCalllog(CommunicationDirection direction,
        Account.Address fromAddress,
        Collection<Account.Address> toAddressList,
        long startDateTime, long endDateTime,
        CallMediaType mediaType) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addCalllog(direction, fromAddress, toAddressList,
            startDateTime, endDateTime,
            mediaType,
            noExtraAttributes);
}
623 
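/**
 * Adds a TSK_CALLLOG artifact, links caller and callee accounts to the self
 * account (when one exists) and posts the artifact to the blackboard.
 *
 * @param direction           written as TSK_DIRECTION unless UNKNOWN
 * @param fromAddress         caller; may be null
 * @param toAddressList       callees; may be null, null entries are skipped
 * @param startDateTime       written as TSK_DATETIME_START when greater than 0
 * @param endDateTime         written as TSK_DATETIME_END when greater than 0
 * @param mediaType           media type of the call; not written to the artifact by this method
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addCalllog(CommunicationDirection direction,
        Account.Address fromAddress,
        Collection<Account.Address> toAddressList,
        long startDateTime, long endDateTime,
        CallMediaType mediaType,
        Collection<BlackboardAttribute> otherAttributesList) {
    BlackboardArtifact callLogArtifact = null;
    try {
        callLogArtifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_CALLLOG);

        // Timestamps are written only when they carry a positive value.
        if (startDateTime > 0) {
            callLogArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_START, moduleName, startDateTime));
        }
        if (endDateTime > 0) {
            callLogArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_END, moduleName, endDateTime));
        }

        if (direction != CommunicationDirection.UNKNOWN) {
            callLogArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DIRECTION, moduleName, direction.getString()));
        }
        if (fromAddress != null) {
            callLogArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM, moduleName, fromAddress.getUniqueID()));
            if (!StringUtils.isEmpty(fromAddress.getDisplayName())) {
                callLogArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME, moduleName, fromAddress.getDisplayName()));
            }
        }

        // Callees are stored as one string built by addressListToString().
        // NOTE(review): that helper is defined outside this view - confirm it
        // tolerates a null collection and null entries.
        String toAddresses = addressListToString(toAddressList);
        if (!StringUtils.isEmpty(toAddresses)) {
            callLogArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO, moduleName, toAddresses));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute otherAttribute : otherAttributesList) {
            callLogArtifact.addAttribute(otherAttribute);
        }

        // Negative start times are recorded as 0 on the relationship.
        final long relationshipTime = (startDateTime > 0) ? startDateTime : 0;

        // Create a relationship between the self account and the caller.
        if (fromAddress != null) {
            AccountFileInstance callerAccountInstance = createAccountInstance(accountsType, fromAddress.getUniqueID());
            if (selfAccountInstance != null) {
                addRelationship(selfAccountInstance, callerAccountInstance, callLogArtifact, Relationship.Type.CALL_LOG, relationshipTime);
            }
        }

        // Create a relationship between the self account and each callee.
        if (toAddressList != null) {
            for (Account.Address callee : toAddressList) {
                // The single-callee overload wraps its argument with
                // Arrays.asList, so an unknown callee arrives as a null
                // entry. Skip it rather than fail with an uncaught
                // NullPointerException after the artifact has been created.
                if (callee == null) {
                    continue;
                }

                AccountFileInstance calleeAccountInstance = createAccountInstance(accountsType, callee.getUniqueID());
                if (selfAccountInstance != null) {
                    addRelationship(selfAccountInstance, calleeAccountInstance, callLogArtifact, Relationship.Type.CALL_LOG, relationshipTime);
                }
            }
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(callLogArtifact, this.moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add calllog artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((callLogArtifact != null) ? callLogArtifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return callLogArtifact;
}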
712 
713 
/**
 * Adds a TSK_WEB_BOOKMARK artifact with no additional attributes.
 *
 * Delegates to the overload that accepts extra attributes, passing an empty
 * collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addWebBookmark(String url, String title, long creationTime, String progName) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addWebBookmark(url, title, creationTime, progName, noExtraAttributes);
}
728 
/**
 * Adds a TSK_WEB_BOOKMARK artifact and posts it to the blackboard.
 *
 * @param url                 bookmarked URL; always written as TSK_URL, and as
 *                            TSK_DOMAIN (via NetworkUtils.extractDomain) when non-empty
 * @param title               written as TSK_TITLE when non-empty
 * @param creationTime        written as TSK_DATETIME_CREATED when greater than 0
 * @param progName            written as TSK_PROG_NAME when non-empty
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addWebBookmark(String url, String title, long creationTime, String progName,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact artifact = null;
    try {
        artifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_WEB_BOOKMARK);

        // The URL is written unconditionally; everything else only when present.
        artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL, moduleName, url));
        if (creationTime > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED, moduleName, creationTime));
        }

        if (StringUtils.isNotEmpty(title)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TITLE, moduleName, title));
        }
        if (StringUtils.isNotEmpty(url)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN, moduleName, NetworkUtils.extractDomain(url)));
        }
        if (StringUtils.isNotEmpty(progName)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME, moduleName, progName));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute extra : otherAttributesList) {
            artifact.addAttribute(extra);
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(artifact, moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add bookmark artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((artifact != null) ? artifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return artifact;
}
782 
783 
/**
 * Adds a TSK_WEB_COOKIE artifact with no additional attributes.
 *
 * Delegates to the overload that accepts extra attributes, passing an empty
 * collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addWebCookie(String url, long creationTime,
        String name, String value, String programName) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addWebCookie(url, creationTime, name, value, programName, noExtraAttributes);
}
801 
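/**
 * Adds a TSK_WEB_COOKIE artifact and posts it to the blackboard.
 *
 * @param url                 URL the cookie belongs to; always written as TSK_URL, and as
 *                            TSK_DOMAIN (via NetworkUtils.extractDomain) when non-empty
 * @param creationTime        written as TSK_DATETIME when greater than 0
 * @param name                cookie name; written as TSK_NAME when non-empty
 * @param value               cookie value; written as TSK_VALUE when non-empty
 * @param programName         written as TSK_PROG_NAME when non-empty
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addWebCookie(String url,
        long creationTime, String name, String value, String programName,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact cookieArtifact = null;
    try {
        cookieArtifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_WEB_COOKIE);

        // The URL is written unconditionally; everything else only when present.
        cookieArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL, moduleName, url));
        if (creationTime > 0) {
            cookieArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME, moduleName, creationTime));
        }

        if (!StringUtils.isEmpty(name)) {
            cookieArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME, moduleName, name));
        }
        // The raw cookie value is stored as-is; it may be a session token, so
        // exports of this artifact should be handled as sensitive case data.
        if (!StringUtils.isEmpty(value)) {
            cookieArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_VALUE, moduleName, value));
        }
        if (!StringUtils.isEmpty(url)) {
            cookieArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN, moduleName, NetworkUtils.extractDomain(url)));
        }
        if (!StringUtils.isEmpty(programName)) {
            cookieArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME, moduleName, programName));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute otherAttribute : otherAttributesList) {
            cookieArtifact.addAttribute(otherAttribute);
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(cookieArtifact, this.moduleName);
    } catch (TskCoreException ex) {
        // The message used to say "bookmark" (copied from addWebBookmark),
        // which pointed log triage at the wrong artifact type.
        logger.log(Level.SEVERE, "Unable to add web cookie artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((cookieArtifact != null) ? cookieArtifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return cookieArtifact;
}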
862 
/**
 * Adds a TSK_WEB_HISTORY artifact with no additional attributes.
 *
 * Delegates to the overload that accepts extra attributes, passing an empty
 * collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addWebHistory(String url, long accessTime,
        String referrer, String title, String programName) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addWebHistory(url, accessTime, referrer, title, programName, noExtraAttributes);
}
879 
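/**
 * Adds a TSK_WEB_HISTORY artifact and posts it to the blackboard.
 *
 * @param url                 visited URL; always written as TSK_URL, and as
 *                            TSK_DOMAIN (via NetworkUtils.extractDomain) when non-empty
 * @param accessTime          written as TSK_DATETIME_ACCESSED when greater than 0
 * @param referrer            written as TSK_REFERRER when non-empty
 * @param title               written as TSK_TITLE when non-empty
 * @param programName         written as TSK_PROG_NAME when non-empty
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addWebHistory(String url, long accessTime,
        String referrer, String title, String programName,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact webHistoryArtifact = null;
    try {
        webHistoryArtifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_WEB_HISTORY);

        // The URL is written unconditionally; everything else only when present.
        webHistoryArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL, moduleName, url));
        if (accessTime > 0) {
            webHistoryArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, moduleName, accessTime));
        }

        if (!StringUtils.isEmpty(title)) {
            webHistoryArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TITLE, moduleName, title));
        }
        if (!StringUtils.isEmpty(referrer)) {
            webHistoryArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_REFERRER, moduleName, referrer));
        }

        if (!StringUtils.isEmpty(programName)) {
            webHistoryArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME, moduleName, programName));
        }
        if (!StringUtils.isEmpty(url)) {
            webHistoryArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN, moduleName, NetworkUtils.extractDomain(url)));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute otherAttribute : otherAttributesList) {
            webHistoryArtifact.addAttribute(otherAttribute);
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(webHistoryArtifact, this.moduleName);
    } catch (TskCoreException ex) {
        // The message used to say "bookmark" (copied from addWebBookmark),
        // which pointed log triage at the wrong artifact type.
        logger.log(Level.SEVERE, "Unable to add web history artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((webHistoryArtifact != null) ? webHistoryArtifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return webHistoryArtifact;
}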
941 
/**
 * Adds a TSK_WEB_DOWNLOAD artifact with no additional attributes.
 *
 * Delegates to the overload that accepts extra attributes, passing an empty
 * collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addWebDownload(String path, long startTime, String url, String progName) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addWebDownload(path, startTime, url, progName, noExtraAttributes);
}
955 
/**
 * Adds a TSK_WEB_DOWNLOAD artifact and posts it to the blackboard.
 *
 * @param path                local path of the download; always written as TSK_PATH
 * @param startTime           written as TSK_DATETIME_ACCESSED when greater than 0
 * @param url                 download URL; always written as TSK_URL, and as
 *                            TSK_DOMAIN (via NetworkUtils.extractDomain) when non-empty
 * @param programName         written as TSK_PROG_NAME when non-empty
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addWebDownload(String path, long startTime, String url, String programName,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact artifact = null;
    try {
        artifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_WEB_DOWNLOAD);

        // URL and path are written unconditionally.
        artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL, moduleName, url));
        if (startTime > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, moduleName, startTime));
        }
        artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PATH, moduleName, path));

        // TSK_PATH_ID is not populated: the lookup of the downloaded file in
        // the data source was left commented out in the original.

        if (StringUtils.isNotEmpty(programName)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME, moduleName, programName));
        }
        if (StringUtils.isNotEmpty(url)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN, moduleName, NetworkUtils.extractDomain(url)));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute extra : otherAttributesList) {
            artifact.addAttribute(extra);
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(artifact, moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add web download artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((artifact != null) ? artifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return artifact;
}
1014 
1015 
/**
 * Adds a TSK_WEB_FORM_AUTOFILL artifact with no additional attributes.
 *
 * Delegates to the overload that accepts extra attributes, passing an empty
 * collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addWebFormAutofill(String name, String value,
        long creationTime, long accessTime, int count) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addWebFormAutofill(name, value, creationTime, accessTime, count, noExtraAttributes);
}
1032 
/**
 * Adds a TSK_WEB_FORM_AUTOFILL artifact and posts it to the blackboard.
 *
 * @param name                form field name; always written as TSK_NAME
 * @param value               form field value; always written as TSK_VALUE
 * @param creationTime        written as TSK_DATETIME_CREATED when greater than 0
 * @param accessTime          written as TSK_DATETIME_ACCESSED when greater than 0
 * @param count               written as TSK_COUNT when greater than 0
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addWebFormAutofill(String name, String value,
        long creationTime, long accessTime, int count,
        Collection<BlackboardAttribute> otherAttributesList) {
    BlackboardArtifact artifact = null;
    try {
        artifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_WEB_FORM_AUTOFILL);

        // Name and value are written unconditionally; the counters and
        // timestamps only when positive.
        artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME, moduleName, name));
        artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_VALUE, moduleName, value));
        if (creationTime > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED, moduleName, creationTime));
        }
        if (accessTime > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, moduleName, accessTime));
        }
        if (count > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_COUNT, moduleName, count));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute extra : otherAttributesList) {
            artifact.addAttribute(extra);
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(artifact, moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add web form autofill artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((artifact != null) ? artifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return artifact;
}
1084 
1085 
/**
 * Adds a web form address artifact with no additional attributes.
 *
 * Delegates to the overload that accepts extra attributes, passing an empty
 * collection.
 *
 * @return the artifact, or null if it could not be created
 */
public BlackboardArtifact addWebFormAddress(String personName, String email,
        String phoneNumber, String mailingAddress,
        long creationTime, long accessTime, int count) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addWebFormAddress(personName, email, phoneNumber,
            mailingAddress, creationTime, accessTime, count,
            noExtraAttributes);
}
1106 
/**
 * Adds an artifact for an address stored by a web form and posts it to the
 * blackboard.
 *
 * NOTE(review): the artifact is created as TSK_WEB_FORM_AUTOFILL, the same
 * type addWebFormAutofill() uses. That looks like a copy/paste slip for a
 * dedicated address type; confirm against the datamodel before relying on
 * the artifact type to tell the two apart.
 *
 * @param personName          always written as TSK_NAME
 * @param email               written as TSK_EMAIL when non-empty
 * @param phoneNumber         written as TSK_PHONE_NUMBER when non-empty
 * @param mailingAddress      written as TSK_LOCATION when non-empty
 * @param creationTime        written as TSK_DATETIME_CREATED when greater than 0
 * @param accessTime          written as TSK_DATETIME_ACCESSED when greater than 0
 * @param count               written as TSK_COUNT when greater than 0
 * @param otherAttributesList extra attributes appended after the basic ones
 *
 * @return the artifact; null if a TskCoreException occurred. If only the
 *         post to the blackboard failed, the unposted artifact is returned.
 */
public BlackboardArtifact addWebFormAddress(String personName, String email,
        String phoneNumber, String mailingAddress,
        long creationTime, long accessTime, int count,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact artifact = null;
    try {
        artifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_WEB_FORM_AUTOFILL);

        // The person name is written unconditionally.
        artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME, moduleName, personName));
        if (creationTime > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED, moduleName, creationTime));
        }
        if (accessTime > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED, moduleName, accessTime));
        }
        if (count > 0) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_COUNT, moduleName, count));
        }

        if (StringUtils.isNotEmpty(email)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_EMAIL, moduleName, email));
        }
        if (StringUtils.isNotEmpty(phoneNumber)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER, moduleName, phoneNumber));
        }
        if (StringUtils.isNotEmpty(mailingAddress)) {
            artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LOCATION, moduleName, mailingAddress));
        }

        // Caller-supplied attributes follow the basic ones.
        for (BlackboardAttribute extra : otherAttributesList) {
            artifact.addAttribute(extra);
        }

        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(artifact, moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add web form address artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed, but the artifact itself exists and is still returned.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((artifact != null) ? artifact.getArtifactID() : "")), ex); //NON-NLS
    }

    return artifact;
}
1171 
/**
 * Adds an installed program artifact with no caller-supplied extra attributes.
 *
 * Delegates to the three-argument overload with an empty attribute
 * collection, so the return value and failure behaviour are those of that
 * overload.
 *
 * @param programName   Program name, forwarded unchanged.
 * @param dateInstalled Install time, forwarded unchanged.
 *
 * @return Whatever the full overload returns (an artifact or null).
 */
public BlackboardArtifact addInstalledProgram(String programName, long dateInstalled) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addInstalledProgram(programName, dateInstalled, noExtraAttributes);
}
1184 
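/**
 * Creates a TSK_INSTALLED_PROG artifact on the database file being parsed,
 * attaches the supplied attributes and posts the artifact to the blackboard.
 *
 * Failure handling, which matters when judging whether the case database is
 * complete:
 * - TskCoreException (artifact creation or any attribute add) is logged and
 *   null is returned. Attributes are added one at a time, so an artifact
 *   created before the failure may be left with only some of its attributes
 *   (presumably already stored in the case database; verify against
 *   newArtifact).
 * - Blackboard.BlackboardException (posting) is logged and the artifact is
 *   still returned, so a non-null result does not prove it was posted.
 *
 * @param programName         Stored as TSK_PROG_NAME; always added, as given.
 * @param dateInstalled       Stored as TSK_DATETIME when greater than 0.
 * @param otherAttributesList Extra attributes added after the basic ones;
 *                            null is treated as an empty collection.
 *
 * @return The artifact, or null if creating it or adding an attribute failed.
 */
public BlackboardArtifact addInstalledProgram(String programName, long dateInstalled,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact installedProgramArtifact = null;
    try {
        // Create artifact
        installedProgramArtifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_INSTALLED_PROG);

        // Add basic attributes
        installedProgramArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME, moduleName, programName));
        if (dateInstalled > 0) {
            installedProgramArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME, moduleName, dateInstalled));
        }

        // Add other specified attributes. A null collection counts as "none":
        // an uncaught NullPointerException here would abort the method after
        // the artifact was created but before it was posted.
        if (otherAttributesList != null) {
            for (BlackboardAttribute otherAttribute : otherAttributesList) {
                installedProgramArtifact.addAttribute(otherAttribute);
            }
        }

        // post artifact
        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(installedProgramArtifact, this.moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add installed program artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed; the artifact itself is still returned below.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((installedProgramArtifact != null)? installedProgramArtifact.getArtifactID() : "")), ex); //NON-NLS
    }

    // return the artifact
    return installedProgramArtifact;
}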
1226 
1227 
/**
 * Adds a GPS location artifact with no caller-supplied extra attributes.
 *
 * Delegates to the six-argument overload with an empty attribute collection,
 * so the return value and failure behaviour are those of that overload.
 *
 * @param latitude    Latitude, forwarded unchanged.
 * @param longitude   Longitude, forwarded unchanged.
 * @param timeStamp   Time stamp, forwarded unchanged.
 * @param poiName     Name for the location, forwarded as the name argument.
 * @param programName Program name, forwarded unchanged.
 *
 * @return Whatever the full overload returns (an artifact or null).
 */
public BlackboardArtifact addGPSLocation(double latitude, double longitude,
        long timeStamp, String poiName, String programName) {
    final Collection<BlackboardAttribute> noExtraAttributes = Collections.emptyList();
    return addGPSLocation(latitude, longitude, timeStamp, poiName, programName,
            noExtraAttributes);
}
1245 
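/**
 * Creates a TSK_GPS_TRACKPOINT artifact on the database file being parsed,
 * attaches the supplied attributes and posts the artifact to the blackboard.
 *
 * Latitude and longitude are stored as given; no range check is applied
 * here, so out-of-range values from a damaged or unusual source database end
 * up in the case unchanged.
 *
 * Failure handling, which matters when judging whether the case database is
 * complete:
 * - TskCoreException (artifact creation or any attribute add) is logged and
 *   null is returned. Attributes are added one at a time, so an artifact
 *   created before the failure may be left with only some of its attributes
 *   (presumably already stored in the case database; verify against
 *   newArtifact).
 * - Blackboard.BlackboardException (posting) is logged and the artifact is
 *   still returned, so a non-null result does not prove it was posted.
 *
 * @param latitude            Stored as TSK_GEO_LATITUDE; always added.
 * @param longitude           Stored as TSK_GEO_LONGITUDE; always added.
 * @param timeStamp           Stored as TSK_DATETIME when greater than 0.
 * @param name                Stored as TSK_NAME when not empty.
 * @param programName         Stored as TSK_PROG_NAME when not empty.
 * @param otherAttributesList Extra attributes added after the basic ones;
 *                            null is treated as an empty collection.
 *
 * @return The artifact, or null if creating it or adding an attribute failed.
 */
public BlackboardArtifact addGPSLocation(double latitude, double longitude, long timeStamp, String name, String programName,
        Collection<BlackboardAttribute> otherAttributesList) {

    BlackboardArtifact gpsTrackpointArtifact = null;
    try {
        // Create artifact
        gpsTrackpointArtifact = dbAbstractFile.newArtifact(ARTIFACT_TYPE.TSK_GPS_TRACKPOINT);

        // Add basic attributes
        gpsTrackpointArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_GEO_LATITUDE, moduleName, latitude));
        gpsTrackpointArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE, moduleName, longitude));
        if (timeStamp > 0) {
            gpsTrackpointArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME, moduleName, timeStamp));
        }

        if (!StringUtils.isEmpty(name)) {
            gpsTrackpointArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME, moduleName, name));
        }

        if (!StringUtils.isEmpty(programName)) {
            gpsTrackpointArtifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME, moduleName, programName));
        }

        // Add other specified attributes. A null collection counts as "none":
        // an uncaught NullPointerException here would abort the method after
        // the artifact was created but before it was posted.
        if (otherAttributesList != null) {
            for (BlackboardAttribute otherAttribute : otherAttributesList) {
                gpsTrackpointArtifact.addAttribute(otherAttribute);
            }
        }

        // post artifact
        Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifact(gpsTrackpointArtifact, this.moduleName);
    } catch (TskCoreException ex) {
        logger.log(Level.SEVERE, "Unable to add GPS trackpoint artifact", ex); //NON-NLS
        return null;
    } catch (Blackboard.BlackboardException ex) {
        // Posting failed; the artifact itself is still returned below.
        logger.log(Level.SEVERE, String.format("Unable to post artifact %s", ((gpsTrackpointArtifact != null)? gpsTrackpointArtifact.getArtifactID() : "")), ex); //NON-NLS
    }

    // return the artifact
    return gpsTrackpointArtifact;
}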
1299 
/**
 * Builds a comma-separated string from a collection of account addresses.
 *
 * Each address contributes its display name, or its unique ID when the
 * display name is empty. A comma is written before an entry only when
 * earlier entries have already produced some text.
 *
 * @param addressList Addresses to join; may be null or empty.
 *
 * @return The joined string, or an empty string for a null or empty list.
 */
private String addressListToString(Collection<Account.Address> addressList) {
    if (addressList == null || addressList.isEmpty()) {
        return "";
    }

    StringBuilder joined = new StringBuilder();
    for (Account.Address address : addressList) {
        String displayName = address.getDisplayName();
        String label = StringUtils.isEmpty(displayName) ? address.getUniqueID() : displayName;
        if (joined.length() > 0) {
            joined.append(",");
        }
        joined.append(label);
    }
    return joined.toString();
}
1321 }

Copyright © 2012-2018 Basis Technology. Generated on: Wed Sep 18 2019
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.