Merge pull request #6793 from markmckinnon/7238-Complete-replacement-of-legacy-Android-Analyzer-module

7238 complete replacement of legacy android analyzer module
Richard Cordovano 2021-04-06 15:00:39 -04:00 committed by GitHub
commit 13864d5555
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 544 additions and 52 deletions


@ -77,6 +77,11 @@ import org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper;
import org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper.CallMediaType; import org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper.CallMediaType;
import org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper.CommunicationDirection; import org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper.CommunicationDirection;
import org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper.MessageReadStatus; import org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper.MessageReadStatus;
import org.sleuthkit.datamodel.blackboardutils.GeoArtifactsHelper;
import org.sleuthkit.datamodel.blackboardutils.attributes.GeoTrackPoints;
import org.sleuthkit.datamodel.blackboardutils.attributes.GeoTrackPoints.TrackPoint;
import org.sleuthkit.datamodel.blackboardutils.attributes.GeoWaypoints;
import org.sleuthkit.datamodel.blackboardutils.attributes.GeoWaypoints.Waypoint;
import org.sleuthkit.datamodel.blackboardutils.attributes.MessageAttachments; import org.sleuthkit.datamodel.blackboardutils.attributes.MessageAttachments;
import org.sleuthkit.datamodel.blackboardutils.attributes.MessageAttachments.FileAttachment; import org.sleuthkit.datamodel.blackboardutils.attributes.MessageAttachments.FileAttachment;
import org.w3c.dom.Document; import org.w3c.dom.Document;
@ -149,24 +154,41 @@ public final class LeappFileProcessor {
.build(); .build();
private static final Map<String, String> ACCOUNT_RELATIONSHIPS = ImmutableMap.<String, String>builder() private static final Map<String, String> ACCOUNT_RELATIONSHIPS = ImmutableMap.<String, String>builder()
.put("Zapya.tsv", "message") .put("zapya.tsv", "message")
.put("sms messages.tsv", "message") .put("sms messages.tsv", "message")
.put("mms messages.tsv", "message") .put("mms messages.tsv", "message")
.put("Viber - Messages.tsv", "message") .put("viber - messages.tsv", "message")
.put("Viber - Contacts.tsv", "contact") .put("viber - contacts.tsv", "contact")
.put("Viber - Call Logs.tsv", "calllog") .put("viber - call logs.tsv", "calllog")
.put("Xender file transfer - Messages.tsv", "message") .put("xender file transfer - messages.tsv", "message")
.put("Whatsapp - Contacts.tsv", "contact") .put("xender file transfer - contacts.tsv", "contact")
.put("Whatsapp - Group Call Logs.tsv", "calllog") .put("whatsapp - contacts.tsv", "contact")
.put("Whatsapp - Single Call Logs.tsv", "calllog") .put("whatsapp - group call logs.tsv", "calllog")
.put("Whatsapp - Messages Logs.tsv", "message") .put("whatsapp - single call logs.tsv", "calllog")
.put("Shareit file transfer.tsv", "message") .put("whatsapp - messages logs.tsv", "message")
.put("shareit file transfer.tsv", "message")
.put("tangomessages messages.tsv", "message") .put("tangomessages messages.tsv", "message")
.put("contacts.tsv", "contact")
.put("imo - accountid.tsv", "contact")
.put("imo - messages.tsv", "message")
.put("textnow - contacts.tsv", "contact")
.put("textnow - messages.tsv", "message")
.put("line - messages.tsv", "message")
.put("line - contacts.tsv", "contact")
.put("line - calllogs.tsv", "calllog")
.put("skype - messages logs.tsv", "message")
.put("skype - contacts.tsv", "contact")
.put("skype - call logs.tsv", "calllog")
.put("facebook messenger - chats.tsv", "message")
.put("facebook messenger - contacts.tsv", "contact")
.put("facebook messenger - calls.tsv", "calllog")
.put("call logs2.tsv", "calllog")
.put("call logs.tsv", "calllog")
.put("oruxmaps tracks.tsv", "trackpoint")
.put("google map locations.tsv", "route")
.put("Contacts.tsv", "contact") .put("Contacts.tsv", "contact")
.put("IMO - AccountId.tsv", "contact") .put("sms - imessage.tsv", "message")
.put("IMO - messages.tsv", "message") .put("call history.tsv", "calllog")
.put("SMS - iMessage.tsv", "message")
.put("Call History.tsv", "calllog")
.build(); .build();
Blackboard blkBoard; Blackboard blkBoard;
@ -319,6 +341,10 @@ public final class LeappFileProcessor {
List<BlackboardArtifact> bbartifacts, Content dataSource) throws FileNotFoundException, IOException, IngestModuleException, List<BlackboardArtifact> bbartifacts, Content dataSource) throws FileNotFoundException, IOException, IngestModuleException,
TskCoreException { TskCoreException {
String trackpointSegmentName = null;
GeoTrackPoints pointList = new GeoTrackPoints();
AbstractFile geoAbstractFile = null;
if (LeappFile == null || !LeappFile.exists() || fileName == null) { if (LeappFile == null || !LeappFile.exists() || fileName == null) {
logger.log(Level.WARNING, String.format("Leap file: %s is null or does not exist", LeappFile == null ? LeappFile.toString() : "<null>")); logger.log(Level.WARNING, String.format("Leap file: %s is null or does not exist", LeappFile == null ? LeappFile.toString() : "<null>"));
return; return;
@ -349,7 +375,7 @@ public final class LeappFileProcessor {
Collection<BlackboardAttribute> bbattributes = processReadLine(columnItems, columnIndexes, attrList, fileName, lineNum); Collection<BlackboardAttribute> bbattributes = processReadLine(columnItems, columnIndexes, attrList, fileName, lineNum);
if (!bbattributes.isEmpty()) { if (!bbattributes.isEmpty()) {
switch (ACCOUNT_RELATIONSHIPS.getOrDefault(fileName, "norelationship").toLowerCase()) { switch (ACCOUNT_RELATIONSHIPS.getOrDefault(fileName.toLowerCase(), "norelationship").toLowerCase()) {
case "message": case "message":
createMessageRelationship(bbattributes, dataSource, fileName); createMessageRelationship(bbattributes, dataSource, fileName);
break; break;
@ -359,6 +385,12 @@ public final class LeappFileProcessor {
case "calllog": case "calllog":
createCalllogRelationship(bbattributes, dataSource, fileName); createCalllogRelationship(bbattributes, dataSource, fileName);
break; break;
case "route":
createRoute(bbattributes, dataSource, fileName);
break;
case "trackpoint":
geoAbstractFile = createTrackpoint(bbattributes, dataSource, fileName, trackpointSegmentName, pointList);
break;
default: // There is no relationship defined so just process the artifact normally default: // There is no relationship defined so just process the artifact normally
BlackboardArtifact bbartifact = createArtifactWithAttributes(artifactType.getTypeID(), dataSource, bbattributes); BlackboardArtifact bbartifact = createArtifactWithAttributes(artifactType.getTypeID(), dataSource, bbattributes);
if (bbartifact != null) { if (bbartifact != null) {
@ -372,7 +404,157 @@ public final class LeappFileProcessor {
} }
} }
} }
try {
if (ACCOUNT_RELATIONSHIPS.getOrDefault(fileName.toLowerCase(), "norelationship").toLowerCase() == "trackpoint") {
(new GeoArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(), moduleName, "", geoAbstractFile)).addTrack(trackpointSegmentName, pointList, new ArrayList<>());
} }
} catch (NoCurrentCaseException | TskCoreException | BlackboardException ex) {
throw new IngestModuleException(Bundle.LeappFileProcessor_cannot_create_message_relationship() + ex.getLocalizedMessage(), ex); //NON-NLS
}
}
@NbBundle.Messages({
"LeappFileProcessor.cannot.create.waypoint.relationship=Cannot create TSK_WAYPOINT artifact.",
})
private void createRoute (Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName) throws IngestModuleException {
Double startLatitude = Double.valueOf(0);
Double startLongitude = Double.valueOf(0);
Double endLatitude = Double.valueOf(0);
Double endLongitude = Double.valueOf(0);
Double zeroValue = Double.valueOf(0);
String destinationName = "";
String locationName = "";
Long dateTime = Long.valueOf(0);
Collection<BlackboardAttribute> otherAttributes = new ArrayList<>();
String sourceFile = null;
AbstractFile absFile = null;
String comment = "";
try {
for (BlackboardAttribute bba : bbattributes) {
switch (bba.getAttributeType().getTypeName()) {
case "TSK_GEO_LATITUDE_START":
startLatitude = bba.getValueDouble();
break;
case "TSK_GEO_LONGITUDE_START":
startLongitude = bba.getValueDouble();
break;
case "TSK_GEO_LATITUDE_END":
startLatitude = bba.getValueDouble();
break;
case "TSK_GEO_LONGITUDE_END":
startLongitude = bba.getValueDouble();
break;
case "TSK_DATETIME":
dateTime = bba.getValueLong();
break;
case "TSK_NAME":
destinationName = bba.getValueString();
break;
case "TSK_LOCATION":
locationName = bba.getValueString();
break;
case "TSK_TEXT_FILE":
sourceFile = bba.getValueString();
break;
case "TSK_COMMENT":
comment = bba.getValueString();
break;
default:
otherAttributes.add(bba);
break;
}
}
absFile = findAbstractFile(dataSource, sourceFile);
if (absFile == null) {
absFile = (AbstractFile) dataSource;
}
GeoWaypoints waypointList = new GeoWaypoints();
waypointList.addPoint(new Waypoint(startLatitude, startLongitude, zeroValue, ""));
waypointList.addPoint(new Waypoint(endLatitude, endLongitude, zeroValue, locationName));
(new GeoArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(), moduleName, comment, absFile)).addRoute(destinationName, dateTime, waypointList, new ArrayList<>());
} catch (NoCurrentCaseException | TskCoreException | BlackboardException ex) {
throw new IngestModuleException(Bundle.LeappFileProcessor_cannot_create_waypoint_relationship() + ex.getLocalizedMessage(), ex); //NON-NLS
}
}
@NbBundle.Messages({
"LeappFileProcessor.cannot.create.trackpoint.relationship=Cannot create TSK_TRACK_POINT artifact.",
})
private AbstractFile createTrackpoint(Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName, String trackpointSegmentName, GeoTrackPoints pointList) throws IngestModuleException {
Double latitude = Double.valueOf(0);
Double longitude = Double.valueOf(0);
Double altitude = Double.valueOf(0);
Double zeroValue = Double.valueOf(0);
String segmentName = null;
Long dateTime = Long.valueOf(0);
Collection<BlackboardAttribute> otherAttributes = new ArrayList<>();
String sourceFile = null;
String comment = null;
AbstractFile absFile = null;
try {
for (BlackboardAttribute bba : bbattributes) {
switch (bba.getAttributeType().getTypeName()) {
case "TSK_GEO_LATITUDE":
latitude = bba.getValueDouble();
break;
case "TSK_GEO_LONGITUDE":
longitude = bba.getValueDouble();
break;
case "TSK_GEO_ALTITUDE":
altitude = bba.getValueDouble();
break;
case "TSK_DATETIME":
dateTime = bba.getValueLong();
break;
case "TSK_NAME":
segmentName = bba.getValueString();
break;
case "TSK_TEXT_FILE":
sourceFile = bba.getValueString();
break;
case "TSK_COMMENT":
comment = bba.getValueString();
otherAttributes.add(bba);
break;
default:
otherAttributes.add(bba);
break;
}
}
absFile = findAbstractFile(dataSource, sourceFile);
if (absFile == null) {
absFile = (AbstractFile) dataSource;
}
if ((trackpointSegmentName == null) || (trackpointSegmentName == segmentName)) {
trackpointSegmentName = segmentName;
pointList.addPoint(new TrackPoint(latitude, longitude, altitude, segmentName, zeroValue, zeroValue, zeroValue, dateTime));
} else {
(new GeoArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(), moduleName, comment, absFile)).addTrack(segmentName, pointList, new ArrayList<>());
trackpointSegmentName = segmentName;
pointList = new GeoTrackPoints();
pointList.addPoint(new TrackPoint(latitude, longitude, altitude, segmentName, zeroValue, zeroValue, zeroValue, dateTime));
}
} catch (NoCurrentCaseException | TskCoreException | BlackboardException ex) {
throw new IngestModuleException(Bundle.LeappFileProcessor_cannot_create_trackpoint_relationship() + ex.getLocalizedMessage(), ex); //NON-NLS
}
return absFile;
}
@NbBundle.Messages({ @NbBundle.Messages({
"LeappFileProcessor.cannot.create.message.relationship=Cannot create TSK_MESSAGE Relationship.", "LeappFileProcessor.cannot.create.message.relationship=Cannot create TSK_MESSAGE Relationship.",
@ -381,6 +563,7 @@ public final class LeappFileProcessor {
private void createMessageRelationship(Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName) throws IngestModuleException { private void createMessageRelationship(Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName) throws IngestModuleException {
String messageType = null; String messageType = null;
String alternateId = null;
CommunicationDirection communicationDirection = CommunicationDirection.UNKNOWN; CommunicationDirection communicationDirection = CommunicationDirection.UNKNOWN;
String senderId = null; String senderId = null;
String receipentId = null; String receipentId = null;
@ -442,6 +625,10 @@ public final class LeappFileProcessor {
case "TSK_SUBJECT": case "TSK_SUBJECT":
subject = bba.getValueString(); subject = bba.getValueString();
break; break;
case "TSK_ID":
alternateId = bba.getValueString();
otherAttributes.add(bba);
break;
default: default:
otherAttributes.add(bba); otherAttributes.add(bba);
break; break;
@ -450,10 +637,15 @@ public final class LeappFileProcessor {
AbstractFile absFile = findAbstractFile(dataSource, sourceFile); AbstractFile absFile = findAbstractFile(dataSource, sourceFile);
if (absFile == null) { if (absFile == null) {
absFile = (AbstractFile) dataSource; absFile = (AbstractFile) dataSource;
} Account.Type accountType = getAccountType(fileName); }
Account.Type accountType = getAccountType(fileName);
if ((absFile != null) || (accountType != null)) { if ((absFile != null) || (accountType != null)) {
CommunicationArtifactsHelper accountArtifact = new CommunicationArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(), CommunicationArtifactsHelper accountArtifact = new CommunicationArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(),
moduleName, absFile, accountType); moduleName, absFile, accountType);
} else {
accountArtifact = new CommunicationArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(),
moduleName, absFile, accountType, accountType, alternateId);
}
BlackboardArtifact messageArtifact = accountArtifact.addMessage(messageType, communicationDirection, senderId, BlackboardArtifact messageArtifact = accountArtifact.addMessage(messageType, communicationDirection, senderId,
receipentId, dateTime, messageStatus, subject, receipentId, dateTime, messageStatus, subject,
messageText, threadId, otherAttributes); messageText, threadId, otherAttributes);
@ -468,6 +660,9 @@ public final class LeappFileProcessor {
} }
@NbBundle.Messages({
"LeappFileProcessor.cannot.create.contact.relationship=Cannot create TSK_CONTACT Relationship.",
})
private void createContactRelationship(Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName) throws IngestModuleException { private void createContactRelationship(Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName) throws IngestModuleException {
String alternateId = null; String alternateId = null;
@ -506,6 +701,7 @@ public final class LeappFileProcessor {
break; break;
case "TSK_ID": case "TSK_ID":
alternateId = bba.getValueString(); alternateId = bba.getValueString();
otherAttributes.add(bba);
break; break;
default: default:
otherAttributes.add(bba); otherAttributes.add(bba);
@ -513,8 +709,11 @@ public final class LeappFileProcessor {
} }
} }
AbstractFile absFile = findAbstractFile(dataSource, sourceFile); AbstractFile absFile = findAbstractFile(dataSource, sourceFile);
if (absFile == null) {
absFile = (AbstractFile) dataSource;
}
Account.Type accountType = getAccountType(fileName); Account.Type accountType = getAccountType(fileName);
if ((absFile != null) || (accountType != null)) { if (accountType != null) {
CommunicationArtifactsHelper accountArtifact; CommunicationArtifactsHelper accountArtifact;
if (alternateId == null) { if (alternateId == null) {
@ -527,14 +726,18 @@ public final class LeappFileProcessor {
BlackboardArtifact messageArtifact = accountArtifact.addContact(contactName, phoneNumber, homePhoneNumber, mobilePhoneNumber, emailAddr, otherAttributes); BlackboardArtifact messageArtifact = accountArtifact.addContact(contactName, phoneNumber, homePhoneNumber, mobilePhoneNumber, emailAddr, otherAttributes);
} }
} catch (NoCurrentCaseException | TskCoreException | BlackboardException ex) { } catch (NoCurrentCaseException | TskCoreException | BlackboardException ex) {
throw new IngestModuleException(Bundle.LeappFileProcessor_cannot_create_message_relationship() + ex.getLocalizedMessage(), ex); //NON-NLS throw new IngestModuleException(Bundle.LeappFileProcessor_cannot_create_contact_relationship() + ex.getLocalizedMessage(), ex); //NON-NLS
}
} }
} @NbBundle.Messages({
"LeappFileProcessor.cannot.create.calllog.relationship=Cannot create TSK_CALLLOG Relationship.",
})
private void createCalllogRelationship(Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName) throws IngestModuleException { private void createCalllogRelationship(Collection<BlackboardAttribute> bbattributes, Content dataSource, String fileName) throws IngestModuleException {
String callerId = null; String callerId = null;
String alternateId = null;
List<String> calleeId = Arrays.asList(); List<String> calleeId = Arrays.asList();
CommunicationDirection communicationDirection = CommunicationDirection.UNKNOWN; CommunicationDirection communicationDirection = CommunicationDirection.UNKNOWN;
Long startDateTime = Long.valueOf(0); Long startDateTime = Long.valueOf(0);
@ -573,6 +776,10 @@ public final class LeappFileProcessor {
calleeId = Arrays.asList(calleeTempList); calleeId = Arrays.asList(calleeTempList);
} }
break; break;
case "TSK_ID":
alternateId = bba.getValueString();
otherAttributes.add(bba);
break;
default: default:
otherAttributes.add(bba); otherAttributes.add(bba);
break; break;
@ -585,14 +792,21 @@ public final class LeappFileProcessor {
callerId = null; callerId = null;
} }
AbstractFile absFile = findAbstractFile(dataSource, sourceFile); AbstractFile absFile = findAbstractFile(dataSource, sourceFile);
Account.Type accountType = getAccountType(fileName); if (absFile == null) {
if ((absFile != null) || (accountType != null)) { absFile = (AbstractFile) dataSource;
CommunicationArtifactsHelper accountArtifact = new CommunicationArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(),
moduleName, absFile, accountType);
BlackboardArtifact callLogArtifact = accountArtifact.addCalllog(communicationDirection, callerId, calleeId, startDateTime, endDateTime, mediaType, otherAttributes);
} }
Account.Type accountType = getAccountType(fileName);
CommunicationArtifactsHelper accountArtifact;
if (accountType != null) {
accountArtifact = new CommunicationArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(),
moduleName, absFile, accountType);
} else {
accountArtifact = new CommunicationArtifactsHelper(Case.getCurrentCaseThrows().getSleuthkitCase(),
moduleName, absFile, accountType, accountType, alternateId);
}
BlackboardArtifact callLogArtifact = accountArtifact.addCalllog(communicationDirection, callerId, calleeId, startDateTime, endDateTime, mediaType, otherAttributes);
} catch (NoCurrentCaseException | TskCoreException | BlackboardException ex) { } catch (NoCurrentCaseException | TskCoreException | BlackboardException ex) {
throw new IngestModuleException(Bundle.LeappFileProcessor_cannot_create_message_relationship() + ex.getLocalizedMessage(), ex); //NON-NLS throw new IngestModuleException(Bundle.LeappFileProcessor_cannot_create_calllog_relationship() + ex.getLocalizedMessage(), ex); //NON-NLS
} }
} }
@ -609,6 +823,10 @@ public final class LeappFileProcessor {
return Account.Type.IMO; return Account.Type.IMO;
case "imo - messages.tsv": case "imo - messages.tsv":
return Account.Type.IMO; return Account.Type.IMO;
case "textnow - contacts.tsv":
return Account.Type.TEXTNOW;
case "textnow - messages.tsv":
return Account.Type.TEXTNOW;
case "mms messages.tsv": case "mms messages.tsv":
return Account.Type.PHONE; return Account.Type.PHONE;
case "viber - call logs.tsv": case "viber - call logs.tsv":
@ -619,6 +837,8 @@ public final class LeappFileProcessor {
return Account.Type.VIBER; return Account.Type.VIBER;
case "xender file transfer - messages.tsv": case "xender file transfer - messages.tsv":
return Account.Type.XENDER; return Account.Type.XENDER;
case "xender file transfer - contacts.tsv":
return Account.Type.XENDER;
case "whatsapp - single call logs.tsv": case "whatsapp - single call logs.tsv":
return Account.Type.WHATSAPP; return Account.Type.WHATSAPP;
case "whatsapp - messages logs.tsv": case "whatsapp - messages logs.tsv":
@ -631,6 +851,28 @@ public final class LeappFileProcessor {
return Account.Type.TANGO; return Account.Type.TANGO;
case "shareit file transfer.tsv": case "shareit file transfer.tsv":
return Account.Type.SHAREIT; return Account.Type.SHAREIT;
case "line - calllogs.tsv":
return Account.Type.LINE;
case "line - contacts.tsv":
return Account.Type.LINE;
case "line - messages.tsv":
return Account.Type.LINE;
case "skype - call logs.tsv":
return Account.Type.SKYPE;
case "skype - contacts.tsv":
return Account.Type.SKYPE;
case "skype - messages logs.tsv":
return Account.Type.SKYPE;
case "facebook messenger - calls.tsv":
return Account.Type.FACEBOOK;
case "facebook messenger - contacts.tsv":
return Account.Type.FACEBOOK;
case "facebook messenger - chats.tsv":
return Account.Type.FACEBOOK;
case "call logs2.tsv":
return Account.Type.PHONE;
case "call logs.tsv":
return Account.Type.PHONE;
case "sms - imessage.tsv": case "sms - imessage.tsv":
return Account.Type.PHONE; return Account.Type.PHONE;
default: default:
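Review bot: In `createRoute`, the `TSK_GEO_LATITUDE_END` and `TSK_GEO_LONGITUDE_END` cases assign to `startLatitude` and `startLongitude`, so the end waypoint is always written as 0,0 and the start coordinates are overwritten by the destination; the two cases should read `endLatitude = bba.getValueDouble();` and `endLongitude = bba.getValueDouble();`. In a forensic tool this yields a route artifact that misstates the recorded locations without any error, which is harder to catch than a missing artifact. The same hunk compares strings by reference: `trackpointSegmentName == segmentName` in `createTrackpoint` and `... .toLowerCase() == "trackpoint"` after the read loop should use `Objects.equals(trackpointSegmentName, segmentName)` and `"trackpoint".equals(...)`. Reassigning the `trackpointSegmentName` and `pointList` parameters inside `createTrackpoint` also does not reach the caller, so in the visible lines the caller's segment name stays null and the final `addTrack` appears to receive a null name with every segment merged into one list; this is worth confirming against a multi-segment input.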


@ -396,8 +396,8 @@
<FileName filename="Viber - Contacts.tsv" description="Viber"> <FileName filename="Viber - Contacts.tsv" description="Viber">
<ArtifactName artifactname="TSK_CONTACT" comment="Viber Contacts"> <ArtifactName artifactname="TSK_CONTACT" comment="Viber Contacts">
<AttributeName attributename="TSK_NAME" columnName="display name" required="yes" /> <AttributeName attributename="TSK_NAME" columnName="Display Name" required="yes" />
<AttributeName attributename="TSK_PHONE_NUMBER" columnName="phone number" required="yes"/> <AttributeName attributename="TSK_PHONE_NUMBER" columnName="Phone Number" required="yes"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/> <AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName> </ArtifactName>
</FileName> </FileName>
@ -405,7 +405,7 @@
<FileName filename="Viber - Call Logs.tsv" description="Viber"> <FileName filename="Viber - Call Logs.tsv" description="Viber">
<ArtifactName artifactname="TSK_CALLLOG" comment="Viber Contacts"> <ArtifactName artifactname="TSK_CALLLOG" comment="Viber Contacts">
<AttributeName attributename="TSK_DATETIME_START" columnName="Call Start Time" required="yes" /> <AttributeName attributename="TSK_DATETIME_START" columnName="Call Start Time" required="yes" />
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="phone number" required="yes"/> <AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="Phone Number" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="Call Direction" required="yes"/> <AttributeName attributename="TSK_DIRECTION" columnName="Call Direction" required="yes"/>
<AttributeName attributename="TSK_DATETIME_END" columnName="Call End Time" required="yes"/> <AttributeName attributename="TSK_DATETIME_END" columnName="Call End Time" required="yes"/>
<AttributeName attributename="null" columnName="Call Type" required="no"/> <AttributeName attributename="null" columnName="Call Type" required="no"/>
@ -447,45 +447,56 @@
<FileName filename="Whatsapp - Single Call Logs.tsv" description="Whatsapp"> <FileName filename="Whatsapp - Single Call Logs.tsv" description="Whatsapp">
<ArtifactName artifactname="TSK_CALLLOG" comment="Whatsapp Single Call Log"> <ArtifactName artifactname="TSK_CALLLOG" comment="Whatsapp Single Call Log">
<AttributeName attributename="TSK_DATETIME_START" columnName="start_time" required="yes" /> <AttributeName attributename="TSK_DATETIME_START" columnName="Start Time" required="yes" />
<AttributeName attributename="null" columnName="call_type" required="no"/> <AttributeName attributename="null" columnName="Call Type" required="no"/>
<AttributeName attributename="TSK_DATETIME_END" columnName="end_time" required="yes"/> <AttributeName attributename="TSK_DATETIME_END" columnName="End Time" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="num" required="yes"/> <AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="Number" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="call_direction" required="yes"/> <AttributeName attributename="TSK_DIRECTION" columnName="Call Direction" required="yes"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/> <AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName> </ArtifactName>
</FileName> </FileName>
<FileName filename="Whatsapp - Group Call Logs.tsv" description="Whatsapp"> <FileName filename="Whatsapp - Group Call Logs.tsv" description="Whatsapp">
<ArtifactName artifactname="TSK_CALLLOG" comment="Whatsapp Group Call Log"> <ArtifactName artifactname="TSK_CALLLOG" comment="Whatsapp Group Call Log">
<AttributeName attributename="null" columnName="call_type" required="no"/> <AttributeName attributename="TSK_DATETIME_START" columnName="Start Time" required="yes" />
<AttributeName attributename="TSK_DATETIME_START" columnName="start_time" required="yes" /> <AttributeName attributename="TSK_DATETIME_END" columnName="End Time" required="yes"/>
<AttributeName attributename="TSK_DATETIME_END" columnName="end_time" required="yes"/> <AttributeName attributename="null" columnName="Call Type" required="no"/>
<AttributeName attributename="TSK_DIRECTION" columnName="call_direction" required="yes"/> <AttributeName attributename="TSK_DIRECTION" columnName="Call Direction" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="from_id" required="yes"/> <AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="From ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="group_members" required="yes"/> <AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="Group Members" required="yes"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Line - Calllogs.tsv" description="Line - Calllogs">
<ArtifactName artifactname="TSK_CALLLOG" comment="LineCall Log">
<AttributeName attributename="TSK_DATETIME_START" columnName="Start Time" required="yes" />
<AttributeName attributename="TSK_DATETIME_END" columnName="End Time" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="To ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="From ID" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="Direction" required="yes"/>
<AttributeName attributename="null" columnName="Call Type" required="no"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/> <AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName> </ArtifactName>
</FileName> </FileName>
<FileName filename="Whatsapp - Contacts.tsv" description="Whatsapp"> <FileName filename="Whatsapp - Contacts.tsv" description="Whatsapp">
<ArtifactName artifactname="TSK_CONTACT" comment="Whatsapp Contacts"> <ArtifactName artifactname="TSK_CONTACT" comment="Whatsapp Contacts">
<AttributeName attributename="TSK_EMAIL" columnName="number" required="yes"/> <AttributeName attributename="TSK_ID" columnName="Number" required="yes"/>
<AttributeName attributename="TSK_NAME" columnName="name" required="yes" /> <AttributeName attributename="TSK_NAME" columnName="Name" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/> <AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName> </ArtifactName>
</FileName> </FileName>
<FileName filename="Whatsapp - Messages.tsv" description="Whatsapp"> <FileName filename="Whatsapp - Messages Logs.tsv" description="Whatsapp">
<ArtifactName artifactname="TSK_MESSAGE" comment="Whatsapp Messages"> <ArtifactName artifactname="TSK_MESSAGE" comment="Whatsapp Messages">
<AttributeName attributename="TSK_THREAD_ID" columnName="messages_id" required="yes"/> <AttributeName attributename="TSK_DATETIME" columnName="Send Timestamp" required="yes" />
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="recipients" required="yes"/> <AttributeName attributename="TSK_THREAD_ID" columnName="Message ID" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="direction" required="yes"/> <AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="Recipients" required="yes"/>
<AttributeName attributename="TSK_TEXT" columnName="content" required="yes"/> <AttributeName attributename="TSK_DIRECTION" columnName="Direction" required="yes"/>
<AttributeName attributename="TSK_DATETIME" columnName="send_timestamp" required="yes" /> <AttributeName attributename="TSK_TEXT" columnName="Content" required="yes"/>
<AttributeName attributename="null" columnName="received_timestamp" required="no"/> <AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="Group Sender" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="number" required="yes"/> <AttributeName attributename="TSK_ATTACHMENTS" columnName="Attachment" required="yes" />
<AttributeName attributename="TSK_ATTACHMENTS" columnName="name" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/> <AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName> </ArtifactName>
</FileName> </FileName>
@ -501,4 +512,243 @@
</ArtifactName> </ArtifactName>
</FileName> </FileName>
<FileName filename="Textnow - Contacts.tsv" description="Textnow - Contacts">
<ArtifactName artifactname="TSK_CONTACT" comment="Textnow Contacts">
<AttributeName attributename="TSK_PHONE_NUMBER" columnName="number" required="yes"/>
<AttributeName attributename="TSK_NAME" columnName="name" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Textnow - Messages.tsv" description="Textnow - Messages">
<ArtifactName artifactname="TSK_MESSAGE" comment="Textnow Messages">
<AttributeName attributename="TSK_DATETIME_START" columnName="Send T imestamp" required="yes" />
<AttributeName attributename="TSK_THREAD_ID" columnName="Message ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="From ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="To ID" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="Direction" required="yes"/>
<AttributeName attributename="TSK_TEXT" columnName="Message" required="yes"/>
<AttributeName attributename="TSK_READ_STATUS" columnName="Read" required="yes"/>
<AttributeName attributename="TSK_ATTACHMENTS" columnName="Attachment" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Shareit file transfer.tsv" description="Shareit - Messages">
<ArtifactName artifactname="TSK_MESSAGE" comment="Shareit Messages">
<AttributeName attributename="TSK_DIRECTION" columnName="direction" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="from_id" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="to_id" required="yes"/>
<AttributeName attributename="null" columnName="device_name" required="no"/>
<AttributeName attributename="null" columnName="description" required="no"/>
<AttributeName attributename="TSK_DATETIME_START" columnName="timestamp" required="yes" />
<AttributeName attributename="TSK_ATTACHMENTS" columnName="file_path" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Xender file transfer - contacts.tsv" description="Xender file transfer - contacts">
<ArtifactName artifactname="TSK_CONTACT" comment="Xender Contacts">
<AttributeName attributename="TSK_ID" columnName="device_id" required="yes"/>
<AttributeName attributename="TSK_NAME" columnName="nick_name" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="IMO - AccountId.tsv" description="IMO - Contacts">
<ArtifactName artifactname="TSK_CONTACT" comment="IMO Contacts">
<AttributeName attributename="TSK_ID" columnName="Account ID" required="yes"/>
<AttributeName attributename="TSK_NAME" columnName="Name" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="IMO - Messages.tsv" description="IMO - Messages">
<ArtifactName artifactname="TSK_MESSAGE" comment="IMO Messages">
<AttributeName attributename="TSK_DATETIME_START" columnName="Timestamp" required="yes" />
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="From ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="To ID" required="yes"/>
<AttributeName attributename="TSK_TEXT" columnName="Last Message" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="Direction" required="yes"/>
<AttributeName attributename="TSK_READ_STATUS" columnName="Message Read" required="yes"/>
<AttributeName attributename="TSK_ATTACHMENTS" columnName="Attachment" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="tangomessages messages.tsv" description="tangomessages messages">
<ArtifactName artifactname="TSK_MESSAGE" comment="Tango Messages">
<AttributeName attributename="TSK_DATETIME_START" columnName="Create Time" required="yes" />
<AttributeName attributename="TSK_DIRECTION" columnName="Direction" required="yes"/>
<AttributeName attributename="TSK_TEXT" columnName="Message" required="yes"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Line - messages.tsv" description="Line - Messages">
<ArtifactName artifactname="TSK_MESSAGE" comment="Line Messages">
<AttributeName attributename="TSK_DATETIME_START" columnName="Start Time" required="yes" />
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="From ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="To ID" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="Direction" required="yes"/>
<AttributeName attributename="TSK_THREAD_ID" columnName="Thread ID" required="yes"/>
<AttributeName attributename="TSK_TEXT" columnName="Message" required="yes"/>
<AttributeName attributename="TSK_ATTACHMENTS" columnName="Attachments" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Line - Contacts.tsv" description="Line - Contacts">
<ArtifactName artifactname="TSK_CONTACT" comment="Line Contacts">
<AttributeName attributename="TSK_ID" columnName="user_id" required="yes"/>
<AttributeName attributename="TSK_NAME" columnName="user_name" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Skype - Contacts.tsv" description="Skype - Contacts">
<ArtifactName artifactname="TSK_CONTACT" comment="Skype Contacts">
<AttributeName attributename="TSK_ID" columnName="Entry ID" required="yes"/>
<AttributeName attributename="TSK_NAME" columnName="Name" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Skype - Call Logs.tsv" description="Skype - Calllogs">
<ArtifactName artifactname="TSK_CALLLOG" comment="Skype Call Log">
<AttributeName attributename="TSK_DATETIME_START" columnName="Start Time" required="yes" />
<AttributeName attributename="TSK_DATETIME_END" columnName="End Time" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="From ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="To Id" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="Call Direction" required="yes"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Skype - Messages Logs.tsv" description="Skype - Messages">
<ArtifactName artifactname="TSK_MESSAGE" comment="Skype Messages">
<AttributeName attributename="TSK_DATETIME_START" columnName="Send Time" required="yes" />
<AttributeName attributename="TSK_THREAD_ID" columnName="Thread ID" required="yes"/>
<AttributeName attributename="TSK_TEXT" columnName="Content" required="yes"/>
<AttributeName attributename="TSK_DIRECTION" columnName="Direction" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="From ID" required="yes"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="To ID" required="yes"/>
<AttributeName attributename="TSK_ATTACHMENTS" columnName="Attachment" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Facebook Messenger - Contacts.tsv" description="Facebook Messenger - Contacts">
<ArtifactName artifactname="TSK_CONTACT" comment="Facebook Messenger - Contacts">
<AttributeName attributename="TSK_ID" columnName="User ID" required="yes"/>
<AttributeName attributename="null" columnName="First Name" required="no"/>
<AttributeName attributename="null" columnName="Last Name" required="no"/>
<AttributeName attributename="TSK_NAME" columnName="Username" required="yes" />
<AttributeName attributename="null" columnName="Profile Pic URL" required="no"/>
<AttributeName attributename="null" columnName="Is App User" required="no"/>
<AttributeName attributename="null" columnName="Is Friend" required="no"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Facebook Messenger - Calls.tsv" description="Facebook Messenger - Calls">
<ArtifactName artifactname="TSK_CALLLOG" comment="Facebook Messenger - Calls">
<AttributeName attributename="TSK_DATETIME_START" columnName="Timestamp" required="yes" />
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="Caller ID" required="no"/>
<AttributeName attributename="null" columnName="Receiver Name" required="no"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="Receiver ID" required="yes"/>
<AttributeName attributename="null" columnName="Call Duration" required="no"/>
<AttributeName attributename="null" columnName="Video Call" required="no"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Facebook Messenger - Chats.tsv" description="Facebook Messenger - Chats">
<ArtifactName artifactname="TSK_MESSAGE" comment="Facebook Messenger - Chats">
<AttributeName attributename="TSK_DATETIME_START" columnName="Timestamp" required="yes" />
<AttributeName attributename="null" columnName="Sender Name" required="no"/>
<AttributeName attributename="TSK_ID" columnName="Sender ID" required="yes"/>
<AttributeName attributename="TSK_THREAD_ID" columnName="Thread Key" required="yes"/>
<AttributeName attributename="TSK_TEXT" columnName="Message" required="yes"/>
<AttributeName attributename="null" columnName="Snippet" required="no"/>
<AttributeName attributename="TSK_ATTACHMENTS" columnName="Attachment Name" required="yes" />
<AttributeName attributename="null" columnName="Share Name" required="no"/>
<AttributeName attributename="null" columnName="Share Description" required="no"/>
<AttributeName attributename="null" columnName="Share Link" required="no"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Call Logs2.tsv" description="Call Logs.tsv">
<ArtifactName artifactname="TSK_CALLLOG" comment="Call Logs">
<AttributeName attributename="TSK_PHONE_NUMBER_FROM" columnName="from_id" required="no"/>
<AttributeName attributename="TSK_PHONE_NUMBER_TO" columnName="to_id" required="yes"/>
<AttributeName attributename="TSK_DATETIME_START" columnName="start_date" required="yes" />
<AttributeName attributename="TSK_DATETIME_END" columnName="end_date" required="yes" />
<AttributeName attributename="TSK_DIRECTION" columnName="direction" required="no"/>
<AttributeName attributename="null" columnName="name" required="no"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Cache Locations.tsv" description="Browser Locations.tsv">
<ArtifactName artifactname="TSK_GPS_BOOKMARK" comment="Cache Location">
<AttributeName attributename="null" columnName="accuracy" required="no" />
<AttributeName attributename="null" columnName="confidence" required="no" />
<AttributeName attributename="TSK_GEO_LATITUDE" columnName="latitude" required="yes"/>
<AttributeName attributename="TSK_GEO_LONGITUDE" columnName="longitude" required="yes"/>
<AttributeName attributename="TSK_DATETIME" columnName="readtime" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Browser Locations.tsv" description="Browser Locations.tsv">
<ArtifactName artifactname="TSK_GPS_BOOKMARK" comment="Browser Location">
<AttributeName attributename="TSK_DATETIME" columnName="timestamp" required="yes" />
<AttributeName attributename="TSK_GEO_LATITUDE" columnName="latitude" required="yes"/>
<AttributeName attributename="TSK_GEO_LONGITUDE" columnName="longitude" required="yes"/>
<AttributeName attributename="null" columnName="accuracy" required="no" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Oruxmaps POI.tsv" description="Oruxmaps POI.tsv">
<ArtifactName artifactname="TSK_GPS_BOOKMARK" comment="Oruxmaps POI">
<AttributeName attributename="TSK_GEO_LATITUDE" columnName="poilat" required="yes"/>
<AttributeName attributename="TSK_GEO_LONGITUDE" columnName="poilon" required="yes"/>
<AttributeName attributename="TSK_GEO_ALTITUDE" columnName="poialt" required="yes" />
<AttributeName attributename="TSK_DATETIME" columnName="poitime" required="yes" />
<AttributeName attributename="TSK_NAME" columnName="poiname" required="yes"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Oruxmaps Tracks.tsv" description="Oruxmaps Tracks">
<ArtifactName artifactname="TSK_GPS_TRACK" comment="Oruxmaps Tracks">
<AttributeName attributename="null" columnName="track id" required="no"/>
<AttributeName attributename="null" columnName="track name" required="no"/>
<AttributeName attributename="null" columnName="track description" required="no"/>
<AttributeName attributename="TSK_NAME" columnName="segment name" required="yes"/>
<AttributeName attributename="TSK_GEO_LATITUDE" columnName="latitude" required="yes"/>
<AttributeName attributename="TSK_GEO_LONGITUDE" columnName="longitude" required="yes"/>
<AttributeName attributename="TSK_GEO_ALTITUDE" columnName="altimeter" required="yes" />
<AttributeName attributename="TSK_DATETIME" columnName="datetime" required="yes" />
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
<FileName filename="Google Map Locations.tsv" description="Google Map Locations">
<ArtifactName artifactname="TSK_GPS_ROUTE" comment="Google Map Locations">
<AttributeName attributename="TSK_DATETIME" columnName="timestamp" required="yes" />
<AttributeName attributename="TSK_GEO_LATITUDE_END" columnName="destination_latitude" required="yes"/>
<AttributeName attributename="TSK_GEO_LONGITUDE_END" columnName="destination_longitude" required="yes"/>
<AttributeName attributename="TSK_NAME" columnName="destination_title" required="yes"/>
<AttributeName attributename="TSK_LOCATION" columnName="destination_address" required="yes"/>
<AttributeName attributename="TSK_GEO_LATITUDE_START" columnName="source_latitude" required="yes"/>
<AttributeName attributename="TSK_GEO_LONGITUDE_START" columnName="source_longitude" required="yes"/>
<AttributeName attributename="TSK_TEXT_FILE" columnName="source file" required="yes"/>
</ArtifactName>
</FileName>
</aLeap_Files_To_Process> </aLeap_Files_To_Process>
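Review bot: In the new "Textnow - Messages.tsv" entry, `columnName="Send T imestamp"` has a space inside "Timestamp" and is marked `required="yes"`. The processor code is not visible in this hunk, but if it looks up required columns by exact header text, a mismatch would presumably leave every Textnow message out of the case, and an examiner would have little sign that evidence was skipped. If the spelling deliberately mirrors the header that the report tool writes, a comment beside it such as `<!-- spelling matches the header in the aLEAPP report -->` would keep a later cleanup from breaking the mapping; otherwise it should read `columnName="Send Timestamp"`. Two descriptions in the same hunk also look copied from neighbouring entries: `Cache Locations.tsv` is described as "Browser Locations.tsv" and `Call Logs2.tsv` as "Call Logs.tsv".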

Binary file not shown.