Autopsy
4.4.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
|
Inherits SwingWorker< Object, Void >.
Protected Member Functions | |
Object | doInBackground () throws Exception |
void | done () |
Private Member Functions | |
QueryResults | filterResults (QueryResults queryResult) |
void | finalizeSearcher () |
void | updateKeywords () |
Private Attributes | |
boolean | finalRun = false |
SearchJobInfo | job |
List< String > | keywordListNames |
List< KeywordList > | keywordLists |
List< Keyword > | keywords |
Map< Keyword, KeywordList > | keywordToList |
final Logger | logger = Logger.getLogger(SearchRunner.Searcher.class.getName()) |
AggregateProgressHandle | progressGroup |
Searcher responsible for searching the current index and writing results to blackboard and the inbox. Also, posts results to listeners as Ingest data events. Searches entire index, and keeps track of only new results to report and save. Runs as a background thread.
Definition at line 373 of file SearchRunner.java.
|
protected |
Definition at line 403 of file SearchRunner.java.
References org.sleuthkit.autopsy.coreutils.MessageNotifyUtil.Notify.error(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.filterResults(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.finalizeSearcher(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.getDataSourceId(), org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.searchNotify(), org.sleuthkit.autopsy.coreutils.StopWatch.start(), org.sleuthkit.autopsy.coreutils.StopWatch.stop(), and org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.updateKeywords().
|
protected |
Definition at line 524 of file SearchRunner.java.
References org.sleuthkit.autopsy.ingest.IngestMessage.createErrorMessage(), and org.sleuthkit.autopsy.ingest.IngestServices.postMessage().
|
private |
This method filters out all of the hits found in earlier periodic searches and returns only the results found by the most recent search.
This method will only return hits for objects for which we haven't previously seen a hit for the keyword.
queryResult | The results returned by a keyword search. |
Definition at line 589 of file SearchRunner.java.
References org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.addKeywordResults(), and org.sleuthkit.autopsy.keywordsearch.SearchRunner.SearchJobInfo.currentKeywordResults().
Referenced by org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.doInBackground().
|
private |
Performs the cleanup that needs to be done right AFTER doInBackground() returns without relying on done() method that is not guaranteed to run.
Definition at line 565 of file SearchRunner.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.doInBackground().
|
private |
Sync-up the updated keywords from the currently used lists in the XML
Definition at line 543 of file SearchRunner.java.
Referenced by org.sleuthkit.autopsy.keywordsearch.SearchRunner.Searcher.doInBackground().
|
private |
Definition at line 385 of file SearchRunner.java.
|
private |
Searcher has private copies/snapshots of the lists and keywords
Definition at line 378 of file SearchRunner.java.
|
private |
Definition at line 380 of file SearchRunner.java.
|
private |
Definition at line 381 of file SearchRunner.java.
|
private |
Definition at line 379 of file SearchRunner.java.
|
private |
Definition at line 382 of file SearchRunner.java.
|
private |
Definition at line 384 of file SearchRunner.java.
|
private |
Definition at line 383 of file SearchRunner.java.
Copyright © 2012-2016 Basis Technology. Generated on: Fri Sep 29 2017
This work is licensed under a
Creative Commons Attribution-Share Alike 3.0 United States License.