Autopsy  4.17.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
AbstractSingleEntityParser.java
Go to the documentation of this file.
1 /*
2  * Autopsy Forensic Browser
3  *
4  * Copyright 2019-2020 Basis Technology Corp.
5  * Contact: carrier <at> sleuthkit <dot> org
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19 package org.sleuthkit.autopsy.datasourceprocessors.xry;
20 
21 import java.io.IOException;
22 import java.nio.file.Path;
23 import java.util.ArrayList;
24 import java.util.List;
25 import java.util.logging.Level;
27 import org.sleuthkit.datamodel.Blackboard.BlackboardException;
28 import org.sleuthkit.datamodel.Content;
29 import org.sleuthkit.datamodel.SleuthkitCase;
30 import org.sleuthkit.datamodel.TskCoreException;
31 
36 abstract class AbstractSingleEntityParser implements XRYFileParser {
37 
38  private static final Logger logger = Logger.getLogger(AbstractSingleEntityParser.class.getName());
39 
40  protected static final String PARSER_NAME = "XRY DSP";
41 
42  @Override
43  public void parse(XRYFileReader reader, Content parent, SleuthkitCase currentCase) throws IOException, TskCoreException, BlackboardException {
44  Path reportPath = reader.getReportPath();
45  logger.log(Level.INFO, String.format("[XRY DSP] Processing report at [ %s ]", reportPath.toString()));
46 
47  while (reader.hasNextEntity()) {
48  String xryEntity = reader.nextEntity();
49  String[] xryLines = xryEntity.split("\n");
50 
51  List<XRYKeyValuePair> keyValuePairs = new ArrayList<>();
52 
53  //First line of the entity is the title, the entity will always be non-empty.
54  logger.log(Level.INFO, String.format("[XRY DSP] Processing [ %s ]", xryLines[0]));
55 
56  String namespace = "";
57  //Process each line, searching for a key value pair or a namespace.
58  for (int i = 1; i < xryLines.length; i++) {
59  String xryLine = xryLines[i];
60 
61  String candidateNamespace = xryLine.trim();
62  //Check if the line is a namespace, which gives context to the keys
63  //that follow.
64  if (isNamespace(candidateNamespace)) {
65  namespace = candidateNamespace;
66  continue;
67  }
68 
69  //Check if this line resembles a Key Value pair.
70  if(!XRYKeyValuePair.isPair(xryLine)) {
71  logger.log(Level.WARNING, String.format("[XRY DSP] Expected a key value "
72  + "pair on this line (in brackets) [ %s ], but one was not detected.",
73  xryLine));
74  continue;
75  }
76 
77  XRYKeyValuePair pair = XRYKeyValuePair.from(xryLine, namespace);
78 
79  //Verify the implementation recognizes the key.
80  if (!canProcess(pair)) {
81  logger.log(Level.WARNING, String.format("[XRY DSP] The following key, "
82  + "value pair (in brackets) [ %s ] was not recognized. Discarding...",
83  pair));
84  continue;
85  }
86 
87  //Empty values are meaningless for blackboard attributes.
88  if (pair.getValue().isEmpty()) {
89  logger.log(Level.WARNING, String.format("[XRY DSP] The following key value pair"
90  + "(in brackets) [ %s ] was recognized, but the value was empty. Discarding...",
91  pair));
92  continue;
93  }
94 
95  keyValuePairs.add(pair);
96  }
97 
98  if(!keyValuePairs.isEmpty()) {
99  makeArtifact(keyValuePairs, parent, currentCase);
100  }
101  }
102  }
103 
108  abstract boolean canProcess(XRYKeyValuePair pair);
109 
125  abstract boolean isNamespace(String nameSpace);
126 
130  abstract void makeArtifact(List<XRYKeyValuePair> keyValuePairs, Content parent, SleuthkitCase currentCase) throws TskCoreException, BlackboardException;
131 
132 }
synchronized static Logger getLogger(String name)
Definition: Logger.java:124

Copyright © 2012-2021 Basis Technology. Generated on: Tue Jan 19 2021
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.