Autopsy  4.9.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
Extract.java
Go to the documentation of this file.
1 /*
2  *
3  * Autopsy Forensic Browser
4  *
5  * Copyright 2012-2018 Basis Technology Corp.
6  *
7  * Copyright 2012 42six Solutions.
8  * Contact: aebadirad <at> 42six <dot> com
9  * Project Contact/Architect: carrier <at> sleuthkit <dot> org
10  *
11  * Licensed under the Apache License, Version 2.0 (the "License");
12  * you may not use this file except in compliance with the License.
13  * You may obtain a copy of the License at
14  *
15  * http://www.apache.org/licenses/LICENSE-2.0
16  *
17  * Unless required by applicable law or agreed to in writing, software
18  * distributed under the License is distributed on an "AS IS" BASIS,
19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20  * See the License for the specific language governing permissions and
21  * limitations under the License.
22  */
23 package org.sleuthkit.autopsy.recentactivity;
24 
25 import java.sql.ResultSet;
26 import java.sql.ResultSetMetaData;
27 import java.sql.SQLException;
28 import java.util.*;
29 import java.util.logging.Level;
30 import org.openide.util.NbBundle;
31 import org.openide.util.NbBundle.Messages;
32 import org.sleuthkit.autopsy.casemodule.Case;
33 import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
34 import org.sleuthkit.autopsy.casemodule.services.Blackboard;
35 import org.sleuthkit.autopsy.coreutils.Logger;
36 import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
37 import org.sleuthkit.autopsy.coreutils.SQLiteDBConnect;
38 import org.sleuthkit.autopsy.ingest.IngestJobContext;
39 import org.sleuthkit.autopsy.ingest.IngestModule.IngestModuleException;
40 import org.sleuthkit.datamodel.*;
41 
42 abstract class Extract {
43 
44  protected Case currentCase;
45  protected SleuthkitCase tskCase;
46  private final Logger logger = Logger.getLogger(this.getClass().getName());
47  private final ArrayList<String> errorMessages = new ArrayList<>();
48  String moduleName = "";
49  boolean dataFound = false;
50 
51  Extract() {
52  }
53 
54  final void init() throws IngestModuleException {
55  try {
56  currentCase = Case.getCurrentCaseThrows();
57  tskCase = currentCase.getSleuthkitCase();
58  } catch (NoCurrentCaseException ex) {
59  throw new IngestModuleException(Bundle.Extract_indexError_message(), ex);
60  }
61  configExtractor();
62  }
63 
69  void configExtractor() throws IngestModuleException {
70  }
71 
72  abstract void process(Content dataSource, IngestJobContext context);
73 
74  void complete() {
75  }
76 
82  List<String> getErrorMessages() {
83  return errorMessages;
84  }
85 
91  protected void addErrorMessage(String message) {
92  errorMessages.add(message);
93  }
94 
107  protected BlackboardArtifact addArtifact(BlackboardArtifact.ARTIFACT_TYPE type, AbstractFile content, Collection<BlackboardAttribute> bbattributes) {
108  try {
109  BlackboardArtifact bbart = content.newArtifact(type);
110  bbart.addAttributes(bbattributes);
111  // index the artifact for keyword search
112  this.indexArtifact(bbart);
113  return bbart;
114  } catch (TskException ex) {
115  logger.log(Level.SEVERE, "Error while trying to add an artifact", ex); //NON-NLS
116  }
117  return null;
118  }
119 
125  @Messages({"Extract.indexError.message=Failed to index artifact for keyword search.",
126  "Extract.noOpenCase.errMsg=No open case available."})
127  void indexArtifact(BlackboardArtifact bbart) {
128  try {
129  Blackboard blackboard = Case.getCurrentCaseThrows().getServices().getBlackboard();
130  // index the artifact for keyword search
131  blackboard.indexArtifact(bbart);
132  } catch (Blackboard.BlackboardException ex) {
133  logger.log(Level.SEVERE, "Unable to index blackboard artifact " + bbart.getDisplayName(), ex); //NON-NLS
134  MessageNotifyUtil.Notify.error(Bundle.Extract_indexError_message(), bbart.getDisplayName());
135  } catch (NoCurrentCaseException ex) {
136  logger.log(Level.SEVERE, "Exception while getting open case.", ex); //NON-NLS
137  MessageNotifyUtil.Notify.error(Bundle.Extract_noOpenCase_errMsg(), bbart.getDisplayName());
138  }
139  }
140 
152  protected List<HashMap<String, Object>> dbConnect(String path, String query) {
153  ResultSet temprs;
154  List<HashMap<String, Object>> list;
155  String connectionString = "jdbc:sqlite:" + path; //NON-NLS
156  try {
157  SQLiteDBConnect tempdbconnect = new SQLiteDBConnect("org.sqlite.JDBC", connectionString); //NON-NLS
158  temprs = tempdbconnect.executeQry(query);
159  list = this.resultSetToArrayList(temprs);
160  tempdbconnect.closeConnection();
161  } catch (SQLException ex) {
162  logger.log(Level.SEVERE, "Error while trying to read into a sqlite db." + connectionString, ex); //NON-NLS
163  errorMessages.add(NbBundle.getMessage(this.getClass(), "Extract.dbConn.errMsg.failedToQueryDb", getName()));
164  return Collections.<HashMap<String, Object>>emptyList();
165  }
166  return list;
167  }
168 
176  private List<HashMap<String, Object>> resultSetToArrayList(ResultSet rs) throws SQLException {
177  ResultSetMetaData md = rs.getMetaData();
178  int columns = md.getColumnCount();
179  List<HashMap<String, Object>> list = new ArrayList<>(50);
180  while (rs.next()) {
181  HashMap<String, Object> row = new HashMap<>(columns);
182  for (int i = 1; i <= columns; ++i) {
183  if (rs.getObject(i) == null) {
184  row.put(md.getColumnName(i), "");
185  } else {
186  row.put(md.getColumnName(i), rs.getObject(i));
187  }
188  }
189  list.add(row);
190  }
191 
192  return list;
193  }
194 
200  protected String getName() {
201  return moduleName;
202  }
203 
204  public boolean foundData() {
205  return dataFound;
206  }
207 }

Copyright © 2012-2018 Basis Technology. Generated on: Tue Dec 18 2018
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.