Autopsy  4.18.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
Classes | Public Member Functions | Private Member Functions | Private Attributes | Static Private Attributes | List of all members
org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary Class Reference

Inherits org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.

Classes

class  DailyActivityAmount
 
interface  DataSourceFilterFunction
 
class  TimelineSummaryData
 

Public Member Functions

 TimelineSummary ()
 
 TimelineSummary (SleuthkitCaseProvider caseProvider, Supplier< TimeZone > timeZoneProvider, DataSourceFilterFunction filterFunction)
 
default Set< Case.Events > getCaseEventUpdates ()
 
TimelineSummaryData getData (DataSource dataSource, int recentDaysNum) throws SleuthkitCaseProviderException, TskCoreException, NoCurrentCaseException
 
Set< IngestManager.IngestJobEvent > getIngestJobEventUpdates ()
 
default boolean isRefreshRequired (ModuleDataEvent evt)
 
default boolean isRefreshRequired (IngestManager.IngestJobEvent evt)
 
boolean isRefreshRequired (ModuleContentEvent evt)
 
boolean isRefreshRequired (AbstractFile file)
 
boolean isRefreshRequired (IngestManager.IngestJobEvent evt)
 
default boolean isRefreshRequiredForCaseEvent (PropertyChangeEvent evt)
 

Private Member Functions

List< DailyActivityAmountgetMostRecentActivityAmounts (Map< Long, DailyActivityAmount > dateCounts, long minRecentDay, long maxDay)
 
Map< Long, DailyActivityAmountgetTimelineEventsByDay (DataSource dataSource, TimelineManager timelineManager, TimeZone timeZone) throws TskCoreException, NoCurrentCaseException
 

Private Attributes

final SleuthkitCaseProvider caseProvider
 
final DataSourceFilterFunction filterFunction
 
final Supplier< TimeZone > timeZoneProvider
 

Static Private Attributes

static final long DAY_SECS = 24 * 60 * 60
 
static final Set< TimelineEventType > FILE_SYSTEM_EVENTS
 
static final Set< IngestManager.IngestJobEvent > INGEST_JOB_EVENTS
 

Detailed Description

Provides data source summary information pertaining to Timeline data.

Definition at line 51 of file TimelineSummary.java.

Constructor & Destructor Documentation

org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.TimelineSummary ( )
org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.TimelineSummary ( SleuthkitCaseProvider  caseProvider,
Supplier< TimeZone >  timeZoneProvider,
DataSourceFilterFunction  filterFunction 
)

Construct object with given SleuthkitCaseProvider

Parameters
caseProviderSleuthkitCaseProvider provider; cannot be null.
timeZoneProviderThe timezone provider; cannot be null.
filterFunctionProvides the default root filter function filtered to the data source; cannot be null.

Definition at line 102 of file TimelineSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.caseProvider, org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.filterFunction, and org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.timeZoneProvider.

Member Function Documentation

default Set<Case.Events> org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.getCaseEventUpdates ( )
inherited
Returns
The set of Case Events for which data should be updated.

Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.

Definition at line 57 of file DefaultUpdateGovernor.java.

TimelineSummaryData org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getData ( DataSource  dataSource,
int  recentDaysNum 
) throws SleuthkitCaseProviderException, TskCoreException, NoCurrentCaseException

Retrieves timeline summary data.

Parameters
dataSourceThe data source for which timeline data will be retrieved.
recentDaysNumThe maximum number of most recent days' activity to include.
Returns
The retrieved data.
Exceptions
SleuthkitCaseProviderException
TskCoreException
NoCurrentCaseException

Definition at line 140 of file TimelineSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.SleuthkitCaseProvider.get(), org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getMostRecentActivityAmounts(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getTimelineEventsByDay().

Referenced by org.sleuthkit.autopsy.datasourcesummary.ui.TimelinePanel.TimelinePanel().

Set<IngestManager.IngestJobEvent> org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getIngestJobEventUpdates ( )
Returns
The set of Ingest Job Events for which data should be updated.

Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.

Definition at line 124 of file TimelineSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.INGEST_JOB_EVENTS.

List<DailyActivityAmount> org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getMostRecentActivityAmounts ( Map< Long, DailyActivityAmount dateCounts,
long  minRecentDay,
long  maxDay 
)
private

Given activity by day, converts to most recent days' activity handling empty values.

Parameters
dateCountsThe day from epoch mapped to activity amounts for that day.
minRecentDayThe minimum recent day in days from epoch.
maxDayThe maximum recent day in days from epoch;
Returns
The most recent daily activity amounts.

Definition at line 183 of file TimelineSummary.java.

Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getData().

Map<Long, DailyActivityAmount> org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getTimelineEventsByDay ( DataSource  dataSource,
TimelineManager  timelineManager,
TimeZone  timeZone 
) throws TskCoreException, NoCurrentCaseException
private

Fetches timeline events per day for a particular data source.

Parameters
dataSourceThe data source.
timelineManagerThe timeline manager to use while fetching the data.
timeZoneThe time zone to use to determine which day activity belongs.
Returns
A Map mapping days from epoch to the activity for that day.
Exceptions
TskCoreException
NoCurrentCaseException

Definition at line 209 of file TimelineSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.DataSourceFilterFunction.apply(), org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.FILE_SYSTEM_EVENTS, org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.DailyActivityAmount.getArtifactActivityCount(), org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.DailyActivityAmount.getDay(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.DailyActivityAmount.getFileActivityCount().

Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getData().

default boolean org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.isRefreshRequired ( ModuleDataEvent  evt)
inherited

Given a module data event, whether or not an update should occur.

Parameters
evtThe ModuleDataEvent that is occurring.
Returns
Whether or not this event should trigger an update.

Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.

Implemented in org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultArtifactUpdateGovernor.

Definition at line 47 of file DefaultUpdateGovernor.java.

default boolean org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.isRefreshRequired ( IngestManager.IngestJobEvent  evt)
inherited
boolean org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.isRefreshRequired ( ModuleContentEvent  evt)

Given a module content event, whether or not an update should occur.

Parameters
evtThe ModuleContentEvent.
Returns
Whether or not this event should trigger an update.

Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.

Definition at line 109 of file TimelineSummary.java.

boolean org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.isRefreshRequired ( AbstractFile  evt)

Whether or not a newly added AbstractFile should trigger an update.

Parameters
evtThe AbstractFile.
Returns
True if an update should occur.

Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.

Definition at line 114 of file TimelineSummary.java.

boolean org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.isRefreshRequired ( IngestManager.IngestJobEvent  evt)

Given an ingest job event, determines whether or not an update should occur.

Parameters
evtThe event.
Returns
Whether or not this event should trigger an update.

Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.

Definition at line 119 of file TimelineSummary.java.

References org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.INGEST_JOB_EVENTS.

default boolean org.sleuthkit.autopsy.datasourcesummary.uiutils.DefaultUpdateGovernor.isRefreshRequiredForCaseEvent ( PropertyChangeEvent  evt)
inherited

Given a case event, whether or not an update should occur.

Parameters
evtThe event.
Returns
Whether or not this event should trigger an update.

Implements org.sleuthkit.autopsy.datasourcesummary.uiutils.UpdateGovernor.

Definition at line 37 of file DefaultUpdateGovernor.java.

Member Data Documentation

final SleuthkitCaseProvider org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.caseProvider
private
final long org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.DAY_SECS = 24 * 60 * 60
staticprivate

Definition at line 70 of file TimelineSummary.java.

final Set<TimelineEventType> org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.FILE_SYSTEM_EVENTS
staticprivate
Initial value:
= new HashSet<>(Arrays.asList(
TimelineEventType.FILE_MODIFIED,
TimelineEventType.FILE_ACCESSED,
TimelineEventType.FILE_CREATED,
TimelineEventType.FILE_CHANGED))

Definition at line 75 of file TimelineSummary.java.

Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getTimelineEventsByDay().

final DataSourceFilterFunction org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.filterFunction
private
final Set<IngestManager.IngestJobEvent> org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.INGEST_JOB_EVENTS
staticprivate
Initial value:
= new HashSet<>(
Arrays.asList(IngestManager.IngestJobEvent.COMPLETED, IngestManager.IngestJobEvent.CANCELLED))

Definition at line 71 of file TimelineSummary.java.

Referenced by org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.getIngestJobEventUpdates(), and org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.isRefreshRequired().

final Supplier<TimeZone> org.sleuthkit.autopsy.datasourcesummary.datamodel.TimelineSummary.timeZoneProvider
private

The documentation for this class was generated from the following file:

Copyright © 2012-2021 Basis Technology. Generated on: Thu Jul 8 2021
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.