From 59d177ece730484500aa47c91b95ef2fd801aaa2 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Wed, 2 May 2012 09:21:43 -0700 Subject: [PATCH 01/22] Critical fixes to last update. Signed-off-by: Alex Ebadirad --- .../recentactivity/ExtractRegistry.java | 57 +++++++++++++------ .../autopsy/recentactivity/Firefox.java | 7 ++- .../recentactivity/RAImageIngestService.java | 30 +++++----- .../autopsy/recentactivity/Util.java | 18 ++++++ .../autopsy/report/ReportConfiguration.java | 25 +++++++- .../autopsy/report/reportFilter.java | 10 +++- 6 files changed, 108 insertions(+), 39 deletions(-) diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java index 251c1f68fa..5ad3a1f5b5 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java @@ -43,16 +43,16 @@ public class ExtractRegistry { } else { rrFound = true; } - try { - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - ResultSet artset = tempDb.runQuery("SELECT * from blackboard_artifact_types WHERE type_name = 'TSK_SYS_INFO'"); - - while (artset.next()) { - sysid = artset.getInt("artifact_type_id"); - } - } catch (Exception e) { - } +// try { +// Case currentCase = Case.getCurrentCase(); // get the most updated case +// SleuthkitCase tempDb = currentCase.getSleuthkitCase(); +// ResultSet artset = tempDb.runQuery("SELECT * from blackboard_artifact_types WHERE type_name = 'TSK_SYS_INFO'"); +// +// while (artset.next()) { +// sysid = artset.getInt("artifact_type_id"); +// } +// } catch (Exception e) { +// } final String rrHome = rrRoot.getAbsolutePath(); logger.log(Level.INFO, "RegRipper home: " + rrHome); @@ -191,10 +191,10 @@ public class ExtractRegistry { etime = timenode.getTextTrim(); Long time = null; try { - Long epochtime = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'").parse(etime).getTime(); + Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(etime).getTime(); time = epochtime.longValue(); } catch (ParseException e) { - logger.log(Level.SEVERE, "ExtractIE::parsePascosResults() -> ", e.getMessage()); + logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); } Element artroot = tempnode.getChild("artifacts"); List artlist = artroot.getChildren(); @@ -216,16 +216,32 @@ public class ExtractRegistry { // bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_VALUE.getTypeID(), "RecentActivity", context, value)); // bbart.addAttributes(bbattributes); } else if ("usb".equals(context)) { + + Long utime = null; + try { + + utime = Long.parseLong(name); + } catch (Exception e) { + logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); + } + BlackboardArtifact bbart = tempDb.getContentById(orgId).newArtifact(ARTIFACT_TYPE.TSK_DEVICE_ATTACHED); - bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", context, name)); + bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", context, utime)); String dev = artnode.getAttributeValue("dev"); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DEVICE_MODEL.getTypeID(), "RecentActivity", context, dev)); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID(), "RecentActivity", context, value)); bbart.addAttributes(bbattributes); } else if ("uninstall".equals(context)) { + Long ftime = null; + try { + Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(name).getTime(); + ftime = epochtime.longValue(); + } catch (ParseException e) { + logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); + } bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "RecentActivity", context, time)); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", context, value)); - bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", context, name)); + bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", context, ftime)); BlackboardArtifact bbart = tempDb.getContentById(orgId).newArtifact(ARTIFACT_TYPE.TSK_INSTALLED_PROG); bbart.addAttributes(bbattributes); } else if ("WinVersion".equals(context)) { @@ -238,15 +254,22 @@ public class ExtractRegistry { } if (name.contains("InstallDate")) { installdate = value; + Long installtime = null; + try { + Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(value).getTime(); + installtime = epochtime.longValue(); + } catch (ParseException e) { + logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); + } bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", context, winver)); - bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", context, installdate)); + bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", context, installtime)); BlackboardArtifact bbart = tempDb.getContentById(orgId).newArtifact(ARTIFACT_TYPE.TSK_INSTALLED_PROG); bbart.addAttributes(bbattributes); } } else { - BlackboardArtifact bbart = tempDb.getContentById(orgId).newArtifact(sysid); - bbart.addAttributes(bbattributes); +// BlackboardArtifact bbart = tempDb.getContentById(orgId).newArtifact(sysid); +// bbart.addAttributes(bbattributes); } } } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java index 3b4b2c9110..2a9aab42ac 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java @@ -108,8 +108,8 @@ public class Firefox { dbFile.delete(); break; } - - ResultSet temprs = Util.runQuery(ffquery, connectionString); + dbconnect tempdbconnect = new dbconnect("org.sqlite.JDBC", connectionString); + ResultSet temprs = tempdbconnect.executeQry(ffquery); while (temprs.next()) { try { BlackboardArtifact bbart = FFSqlitedb.get(j).newArtifact(ARTIFACT_TYPE.TSK_WEB_HISTORY); @@ -126,6 +126,7 @@ public class Firefox { } } temprs.close(); + tempdbconnect.closeConnection(); @@ -225,7 +226,7 @@ public class Firefox { bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_VALUE.getTypeID(), "RecentActivity", "", temprs.getString("value"))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "RecentActivity", "Title", ((temprs.getString("name") != null) ? temprs.getString("name") : ""))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", "", "FireFox")); - bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", "", temprs.getString("host"))); + bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", "", Util.getBaseDomain(temprs.getString("host")))); bbart.addAttributes(bbattributes); } catch (Exception ex) { logger.log(Level.WARNING, "Error while trying to read into a sqlite db.{0}", ex); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java index c2c0c773bd..354fc82514 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java @@ -79,21 +79,21 @@ public final class RAImageIngestService implements IngestServiceImage { try { //do the work for(FileSystem img : imageFS ) - try { - ResultSet artset = sCurrentCase.runQuery("SELECT * from blackboard_artifact_types WHERE type_name = 'TSK_SYS_INFO'"); - int artcount = 0; - while (artset.next()) { - artcount++; - } - - // artset.beforeFirst(); - if (artcount > 0) { - } else { - int artint = sCurrentCase.addArtifactType("TSK_SYS_INFO", "System Information"); - } - - } catch (Exception e) { - } +// try { +// ResultSet artset = sCurrentCase.runQuery("SELECT * from blackboard_artifact_types WHERE type_name = 'TSK_SYS_INFO'"); +// int artcount = 0; +// while (artset.next()) { +// artcount++; +// } +// +// // artset.beforeFirst(); +// if (artcount > 0) { +// } else { +// int artint = sCurrentCase.addArtifactType("TSK_SYS_INFO", "System Information"); +// } +// +// } catch (Exception e) { +// } ext.extractToBlackboard(controller, fsIds); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java index 0d9bc2b17b..28c27199ef 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java @@ -105,6 +105,24 @@ public class Util { return rt; } + public static String getBaseDomain(String url) { + String host = url; + + int startIndex = 0; + int nextIndex = host.indexOf('.'); + int lastIndex = host.lastIndexOf('.'); + while (nextIndex < lastIndex) { + startIndex = nextIndex + 1; + nextIndex = host.indexOf('.', startIndex); + } + if (startIndex > 0) { + return host.substring(startIndex); + } else { + return host; + } +} + + public static String extractDomain(String value) { if (value == null) { throw new java.lang.NullPointerException("domains to extract"); diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java index 6ca6a47df7..c705b8753f 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java @@ -60,8 +60,29 @@ class ReportConfiguration { } ; - //setters for generally supported report parts - public void setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type, Boolean value) throws ReportModuleException { + + //regets everything that occurs in the constructor normally + public void getAllTypes() throws ReportModuleException { + config.clear(); + //now lets get the list from the tsk and current case + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + try { + ArrayList arttypes = skCase.getBlackboardArtifactTypes(); + for (BlackboardArtifact.ARTIFACT_TYPE type : arttypes) { + config.put(type, Boolean.FALSE); + } + + } catch (Exception ex) { + logger.log(Level.WARNING, "Error while trying to retrieve list of artifact types from the TSK case .", ex); + } + + } + + ; + +//setters for generally supported report parts +public void setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type, Boolean value) throws ReportModuleException { if (config.containsKey(type)) { config.put(type, value); } else { diff --git a/Report/src/org/sleuthkit/autopsy/report/reportFilter.java b/Report/src/org/sleuthkit/autopsy/report/reportFilter.java index e369a4caab..6b5d308baf 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportFilter.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportFilter.java @@ -37,7 +37,7 @@ import org.sleuthkit.datamodel.SleuthkitCase; public class reportFilter extends javax.swing.JPanel { public static ArrayList filters = new ArrayList(); - public static ReportConfiguration config = new ReportConfiguration(); + public static ReportConfiguration config = new ReportConfiguration(); private final Logger logger = Logger.getLogger(this.getClass().getName()); public final reportFilter panel = this; reportPanelAction rpa = new reportPanelAction(); @@ -51,7 +51,13 @@ public class reportFilter extends javax.swing.JPanel { public reportFilter() { initComponents(); cancel = false; - + try{ + config.getAllTypes(); + } + catch(ReportModuleException ex) + { + Logger.getLogger(report.class.getName()).log(Level.SEVERE, "Exception occurred", ex); + } } /** From 36aef683ca96cd3ed8ced51e81fa3f8526e9a565 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Wed, 2 May 2012 11:56:50 -0700 Subject: [PATCH 02/22] Date fixes for milliseconds on epoch times. Signed-off-by: Alex Ebadirad --- .../src/org/sleuthkit/autopsy/recentactivity/Chrome.java | 5 ++++- .../org/sleuthkit/autopsy/recentactivity/ExtractIE.java | 6 ++++++ .../sleuthkit/autopsy/recentactivity/ExtractRegistry.java | 7 +++++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java index 0025df247b..b02082f2da 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java @@ -346,7 +346,10 @@ public class Chrome { BlackboardArtifact bbart = FFSqlitedb.get(j).newArtifact(ARTIFACT_TYPE.TSK_WEB_DOWNLOAD); Collection bbattributes = new ArrayList(); String domain = Util.extractDomain(temprs.getString("url")); - bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "RecentActivity", "Last Visited", (temprs.getLong("start_time") / 10000))); + Long time = temprs.getLong("start_time"); + String Tempdate = time.toString() + "000"; + time = Long.valueOf(Tempdate); + bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "RecentActivity", "Last Visited", time)); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "RecentActivity", "", ((temprs.getString("url") != null) ? temprs.getString("url") : ""))); //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "RecentActivity","", ((temprs.getString("title") != null) ? temprs.getString("title").replaceAll("'", "''") : ""))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PATH.getTypeID(), "Recent Activity", "", temprs.getString("full_path"))); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java index 483a302d18..015fda17fa 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java @@ -127,6 +127,8 @@ public class ExtractIE { // implements BrowserActivity { } String name = Favorite.getName(); Long datetime = Favorite.getCrtime(); + String Tempdate = datetime.toString() + "000"; + datetime = Long.valueOf(Tempdate); String domain = Util.extractDomain(url); try { BlackboardArtifact bbart = Favorite.newArtifact(ARTIFACT_TYPE.TSK_WEB_BOOKMARK); @@ -187,6 +189,8 @@ public class ExtractIE { // implements BrowserActivity { String value = values.length > 1 ? values[1] : ""; String name = values.length > 0 ? values[0] : ""; Long datetime = Cookie.getCrtime(); + String Tempdate = datetime.toString() + "000"; + datetime = Long.valueOf(Tempdate); String domain = Util.extractDomain(url); try { BlackboardArtifact bbart = Cookie.newArtifact(ARTIFACT_TYPE.TSK_WEB_COOKIE); @@ -264,6 +268,8 @@ public class ExtractIE { // implements BrowserActivity { String path = Util.getPath(recentString); String name = Util.getFileName(path); Long datetime = Recent.getCrtime(); + String Tempdate = datetime.toString() + "000"; + datetime = Long.valueOf(Tempdate); try { BlackboardArtifact bbart = Recent.newArtifact(ARTIFACT_TYPE.TSK_RECENT_OBJECT); Collection bbattributes = new ArrayList(); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java index 5ad3a1f5b5..4015ed6455 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java @@ -193,6 +193,8 @@ public class ExtractRegistry { try { Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(etime).getTime(); time = epochtime.longValue(); + String Tempdate = time.toString() + "000"; + time = Long.valueOf(Tempdate); } catch (ParseException e) { logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); } @@ -221,6 +223,8 @@ public class ExtractRegistry { try { utime = Long.parseLong(name); + String Tempdate = utime.toString() + "000"; + utime = Long.valueOf(Tempdate); } catch (Exception e) { logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); } @@ -236,6 +240,7 @@ public class ExtractRegistry { try { Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(name).getTime(); ftime = epochtime.longValue(); + } catch (ParseException e) { logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); } @@ -258,6 +263,8 @@ public class ExtractRegistry { try { Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(value).getTime(); installtime = epochtime.longValue(); + String Tempdate = installtime.toString() + "000"; + installtime = Long.valueOf(Tempdate); } catch (ParseException e) { logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); } From 15136d3a61a7a2a815eb8b4b0894c70f453caa53 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Wed, 2 May 2012 15:01:29 -0700 Subject: [PATCH 03/22] Readdition of merged files. --- .../autopsy/report/ReportModuleException.java | 33 + .../org/sleuthkit/autopsy/report/report.java | 489 ++++++------- .../autopsy/report/reportAction.java | 119 +-- .../autopsy/report/reportFilter.form | 31 +- .../autopsy/report/reportFilterAction.java | 13 +- .../sleuthkit/autopsy/report/reportHTML.java | 656 ++++++++--------- .../sleuthkit/autopsy/report/reportPanel.form | 2 +- .../sleuthkit/autopsy/report/reportPanel.java | 158 ++-- .../autopsy/report/reportPanelAction.java | 69 +- .../sleuthkit/autopsy/report/reportUtils.java | 76 +- .../sleuthkit/autopsy/report/reportXLS.java | 692 +++++++++--------- .../sleuthkit/autopsy/report/reportXML.java | 292 ++++---- 12 files changed, 1324 insertions(+), 1306 deletions(-) create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java b/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java new file mode 100644 index 0000000000..93d61f990b --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java @@ -0,0 +1,33 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +//exception thrown by a reporting module when report generation failed +class ReportModuleException extends Exception { + + public ReportModuleException(String msg) { + super(msg); + } + + public ReportModuleException(String msg, Exception ex) { + super(msg, ex); + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/report.java b/Report/src/org/sleuthkit/autopsy/report/report.java index 1c95b969d0..16f6578383 100644 --- a/Report/src/org/sleuthkit/autopsy/report/report.java +++ b/Report/src/org/sleuthkit/autopsy/report/report.java @@ -1,12 +1,29 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; import java.sql.ResultSet; import java.util.ArrayList; import java.util.HashMap; +import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; import org.sleuthkit.autopsy.casemodule.Case; @@ -18,278 +35,242 @@ import org.sleuthkit.datamodel.SleuthkitCase; * * @author Alex */ -public class report implements reportInterface { - -private void report(){ +public class report { -} -@Override -public HashMap> getGenInfo() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(1); - for (BlackboardArtifact artifact : bbart) - { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } + private void report() { } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} -@Override -public HashMap> getWebHistory() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(4); - for (BlackboardArtifact artifact : bbart) - { + public HashMap> getGenInfo() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO); + for (BlackboardArtifact artifact : bbart) { ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); + reportMap.put(artifact, attributes); } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} -@Override -public HashMap> getWebCookie() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(3); - for (BlackboardArtifact artifact : bbart) - { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} -@Override -public HashMap> getWebBookmark() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(2); - for (BlackboardArtifact artifact : bbart) - { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } -@Override -public HashMap> getWebDownload() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(5); - for (BlackboardArtifact artifact : bbart) - { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } + return reportMap; } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} -@Override -public HashMap> getRecentObject() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(6); - for (BlackboardArtifact artifact : bbart) - { + public HashMap> getWebHistory() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY); + for (BlackboardArtifact artifact : bbart) { ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); + reportMap.put(artifact, attributes); } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } -@Override -public HashMap> getKeywordHit() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(9); - for (BlackboardArtifact artifact : bbart) - { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } + return reportMap; } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} -@Override -public HashMap> getHashHit() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(10); - for (BlackboardArtifact artifact : bbart) - { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} -@Override -public HashMap> getInstalledProg() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(8); - for (BlackboardArtifact artifact : bbart) - { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} -@Override -public HashMap> getDevices() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ArrayList bbart = tempDb.getBlackboardArtifacts(11); - for (BlackboardArtifact artifact : bbart) - { + public HashMap> getWebCookie() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE); + for (BlackboardArtifact artifact : bbart) { ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); + reportMap.put(artifact, attributes); } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; -} + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } -@Override -public String getGroupedKeywordHit() { - StringBuilder table = new StringBuilder(); - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try - { - ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); - while(uniqueresults.next()) - { - table.append("").append(uniqueresults.getString("value_text")).append(""); - table.append(""); - ArrayList artlist = new ArrayList(); - ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString("value_text") +"'"); - while(tempresults.next()) - { - artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong("artifact_id"))); + return reportMap; + } + + public HashMap> getWebBookmark() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); } - for(BlackboardArtifact art : artlist) - { - String filename = tempDb.getFsContentById(art.getObjectID()).getName(); - String preview = ""; - String set = ""; - table.append(""); - ArrayList tempatts = art.getAttributes(); - for(BlackboardAttribute att : tempatts) - { - if(att.getAttributeTypeID() == 12) - { - preview = ""; + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return reportMap; + } + + public HashMap> getWebDownload() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); + } + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return reportMap; + } + + public HashMap> getRecentObject() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); + } + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return reportMap; + } + + public HashMap> getKeywordHit() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); + } + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return reportMap; + } + + public HashMap> getHashHit() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); + } + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return reportMap; + } + + public HashMap> getInstalledProg() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); + } + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return reportMap; + } + + public HashMap> getDevices() { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); + } + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return reportMap; + } + + public String getGroupedKeywordHit() { + StringBuilder table = new StringBuilder(); + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); + while (uniqueresults.next()) { + table.append("").append(uniqueresults.getString("value_text")).append(""); + table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("" + att.getValueString() + "
"); + ArrayList artlist = new ArrayList(); + ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString("value_text") + "'"); + while (tempresults.next()) { + artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong("artifact_id"))); + } + for (BlackboardArtifact art : artlist) { + String filename = tempDb.getFsContentById(art.getObjectID()).getName(); + String preview = ""; + String set = ""; + table.append(""); + ArrayList tempatts = art.getAttributes(); + for (BlackboardAttribute att : tempatts) { + if (att.getAttributeTypeID() == 12) { + preview = ""; + } + if (att.getAttributeTypeID() == 13) { + set = ""; + } } - if(att.getAttributeTypeID() == 13) - { - set = ""; + table.append(preview).append(set).append(""); + } + + + table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("" + att.getValueString() + "" + att.getValueString() + "" + att.getValueString() + "


"); + } + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + String result = table.toString(); + return result; + } + + public HashMap> getAllTypes(ReportConfiguration config) { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + for (Map.Entry entry : config.config.entrySet()) { + if (entry.getValue()) { + ArrayList bbart = tempDb.getBlackboardArtifacts(entry.getKey()); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); } } - table.append(preview).append(set).append(""); } - - - table.append("

"); + } catch (Exception e) { + Logger.getLogger(report.class.getName()).log(Level.INFO, "Exception occurred", e); } - } - catch (Exception e) - { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - String result = table.toString(); - return result; -} + return reportMap; + } } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportAction.java b/Report/src/org/sleuthkit/autopsy/report/reportAction.java index dbdd86f698..afde5e4c52 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportAction.java @@ -1,6 +1,22 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; @@ -12,22 +28,22 @@ import java.awt.event.ActionListener; import java.beans.PropertyChangeEvent; import java.beans.PropertyChangeListener; import java.io.File; +import java.util.logging.Level; +import java.util.logging.Logger; +import javax.swing.ImageIcon; import javax.swing.JButton; import javax.swing.JDialog; import javax.swing.JFrame; -import org.openide.awt.ActionRegistration; +import org.openide.awt.ActionID; import org.openide.awt.ActionReference; import org.openide.awt.ActionReferences; -import org.openide.awt.ActionID; +import org.openide.awt.ActionRegistration; import org.openide.util.HelpCtx; import org.openide.util.NbBundle.Messages; import org.openide.util.actions.CallableSystemAction; import org.openide.util.actions.Presenter; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.coreutils.Log; -import java.util.logging.Level; -import java.util.logging.Logger; -import javax.swing.ImageIcon; @ActionID(category = "Tools", id = "org.sleuthkit.autopsy.report.reportAction") @@ -36,53 +52,50 @@ id = "org.sleuthkit.autopsy.report.reportAction") @ActionReference(path = "Menu/Tools", position = 80) }) @Messages("CTL_reportAction=Run Report") -public final class reportAction extends CallableSystemAction implements Presenter.Toolbar{ - +public final class reportAction extends CallableSystemAction implements Presenter.Toolbar { + private JButton toolbarButton = new JButton(); private static final String ACTION_NAME = "Generate Report"; - Logger logger = Logger.getLogger(reportAction.class.getName()); - + static final Logger logger = Logger.getLogger(reportAction.class.getName()); + public reportAction() { setEnabled(false); Case.addPropertyChangeListener(new PropertyChangeListener() { @Override public void propertyChange(PropertyChangeEvent evt) { - if(evt.getPropertyName().equals(Case.CASE_CURRENT_CASE)){ + if (evt.getPropertyName().equals(Case.CASE_CURRENT_CASE)) { setEnabled(evt.getNewValue() != null); } } - }); //attempt to create a report folder if a case is active - Case.addPropertyChangeListener(new PropertyChangeListener () { + Case.addPropertyChangeListener(new PropertyChangeListener() { - @Override - public void propertyChange(PropertyChangeEvent evt) { - String changed = evt.getPropertyName(); + @Override + public void propertyChange(PropertyChangeEvent evt) { + String changed = evt.getPropertyName(); - //case has been changed - if (changed.equals(Case.CASE_CURRENT_CASE)) { - Case newCase = (Case)evt.getNewValue(); + //case has been changed + if (changed.equals(Case.CASE_CURRENT_CASE)) { + Case newCase = (Case) evt.getNewValue(); - if (newCase != null) { - boolean exists = (new File(newCase.getCaseDirectory() + "\\Reports")).exists(); - if (exists) { - // report directory exists -- don't need to do anything - - } else { - // report directory does not exist -- create it - boolean reportCreate = (new File(newCase.getCaseDirectory() + "\\Reports")).mkdirs(); - if(!reportCreate){ - logger.log(Level.WARNING, "Could not create Reports directory for case. It does not exist."); + if (newCase != null) { + boolean exists = (new File(newCase.getCaseDirectory() + "\\Reports")).exists(); + if (exists) { + // report directory exists -- don't need to do anything + } else { + // report directory does not exist -- create it + boolean reportCreate = (new File(newCase.getCaseDirectory() + "\\Reports")).mkdirs(); + if (!reportCreate) { + logger.log(Level.WARNING, "Could not create Reports directory for case. It does not exist."); + } } } - } + } } - } + }); -}); - // set action of the toolbar button toolbarButton.addActionListener(new ActionListener() { @@ -93,24 +106,25 @@ public final class reportAction extends CallableSystemAction implements Presente }); } - + @Override public void actionPerformed(ActionEvent e) { try { - + // create the popUp window for it final JFrame frame = new JFrame(ACTION_NAME); final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal // initialize panel with loaded settings - final reportFilter panel = new reportFilter(); - panel.setjButton2ActionListener(new ActionListener() { - @Override - public void actionPerformed(ActionEvent e) { - popUpWindow.dispose(); - } - }); - + final reportFilter panel = new reportFilter(); + panel.setjButton2ActionListener(new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + popUpWindow.dispose(); + } + }); + // add the panel to the popup window popUpWindow.add(panel); popUpWindow.pack(); @@ -125,16 +139,15 @@ public final class reportAction extends CallableSystemAction implements Presente // display the window popUpWindow.setVisible(true); // add the command to close the window to the button on the Case Properties form / panel - - + + } catch (Exception ex) { Log.get(reportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); } } - + @Override public void performAction() { - } @Override @@ -146,11 +159,11 @@ public final class reportAction extends CallableSystemAction implements Presente public HelpCtx getHelpCtx() { return HelpCtx.DEFAULT_HELP; } - + /** * Returns the toolbar component of this action * - * @return component the toolbar button + * @return component the toolbar button */ @Override public Component getToolbarPresenter() { @@ -163,10 +176,10 @@ public final class reportAction extends CallableSystemAction implements Presente /** * Set this action to be enabled/disabled * - * @param value whether to enable this action or not + * @param value whether to enable this action or not */ @Override - public void setEnabled(boolean value){ + public void setEnabled(boolean value) { super.setEnabled(value); toolbarButton.setEnabled(value); } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportFilter.form b/Report/src/org/sleuthkit/autopsy/report/reportFilter.form index 7b3e65968b..6f51b2114a 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportFilter.form +++ b/Report/src/org/sleuthkit/autopsy/report/reportFilter.form @@ -1,4 +1,4 @@ - +
@@ -39,29 +39,24 @@ - - - - - - - - - - - - - - - - - + + + + + + + + + + + + diff --git a/Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java b/Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java index 304b204f91..f6346a4ee2 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java @@ -16,7 +16,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.sleuthkit.autopsy.report; import java.awt.Container; @@ -31,6 +30,7 @@ import org.sleuthkit.autopsy.coreutils.Log; /** * The reportFilterAction opens the reportFilterPanel in a dialog, and saves the * settings of the panel if the Apply button is clicked. + * * @author pmartel */ class reportFilterAction { @@ -44,10 +44,10 @@ class reportFilterAction { try { // create the popUp window for it - Container cpane; + Container cpane; final JFrame frame = new JFrame(ACTION_NAME); final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal - cpane = frame.getContentPane(); + cpane = frame.getContentPane(); // initialize panel with loaded settings final reportFilter panel = new reportFilter(); @@ -64,8 +64,8 @@ class reportFilterAction { // display the window popUpWindow.setVisible(true); - - + + } catch (Exception ex) { Log.get(reportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); } @@ -76,9 +76,8 @@ class reportFilterAction { return ACTION_NAME; } - // @Override + // @Override public HelpCtx getHelpCtx() { return HelpCtx.DEFAULT_HELP; } } - diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java index b9d086c5eb..f1fc88bf56 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java @@ -1,6 +1,22 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; @@ -30,383 +46,369 @@ import org.sleuthkit.datamodel.TskData; * @author Alex */ public class reportHTML { - + //Declare our publically accessible formatted report, this will change everytime they run a report public static StringBuilder formatted_Report = new StringBuilder(); public static StringBuilder unformatted_header = new StringBuilder(); public static StringBuilder formatted_header = new StringBuilder(); public static String htmlPath = ""; -public reportHTML (HashMap> report, reportFilter rr){ - - //This is literally a terrible way to count up all the types of artifacts, and doesn't include any added ones. - //Unlike the XML report, which is dynamic, this is formatted and needs to be redone later instead of being hardcoded. - //Also, clearing variables to generate new report. - formatted_Report.setLength(0); - unformatted_header.setLength(0); - formatted_header.setLength(0); - - int countGen = 0; - int countWebBookmark = 0; - int countWebCookie = 0; - int countWebHistory = 0; - int countWebDownload = 0; - int countRecentObjects = 0; - int countTrackPoint = 0; - int countInstalled = 0; - int countKeyword = 0; - int countHash = 0; - int countDevice = 0; - for (Entry> entry : report.entrySet()) { - if(entry.getKey().getArtifactTypeID() == 1){ - countGen++; - } - if(entry.getKey().getArtifactTypeID() == 2){ - countWebBookmark++; - } - if(entry.getKey().getArtifactTypeID() == 3){ - countWebCookie++; - } - if(entry.getKey().getArtifactTypeID() == 4){ + public reportHTML(HashMap> report, reportFilter rr) { - countWebHistory++; - } - if(entry.getKey().getArtifactTypeID() == 5){ - countWebDownload++; - } - if(entry.getKey().getArtifactTypeID() == 6){ - countRecentObjects++; - } - if(entry.getKey().getArtifactTypeID() == 7){ - countTrackPoint++; - } - if(entry.getKey().getArtifactTypeID() == 8){ - countInstalled++; - } - if(entry.getKey().getArtifactTypeID() == 9){ - countKeyword++; - } - if(entry.getKey().getArtifactTypeID() == 10){ - countHash++; - } - if(entry.getKey().getArtifactTypeID() == 11){ - countDevice++; - } - } - - try{ - String ingestwarning = "

Warning, this report was run before ingest services completed!

"; - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - String caseName = currentCase.getName(); - Integer imagecount = currentCase.getImageIDs().length; - Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); - Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); - int reportsize = report.size(); - Integer filesystemcount = currentCase.getRootObjectsCount(); - DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy"); - Date date = new Date(); - String datetime = datetimeFormat.format(date); - String datenotime = dateFormat.format(date); - String CSS = ""; - //Add additional header information - String header = "Autopsy Report for Case: " + caseName + ""; - formatted_header.append(header); - formatted_header.append(CSS); - - //do for unformatted + + "h3 {font-size: 16px;color: #0077aa; margin: 40px 0 10px 0;} " + + "p {margin: 0 0 20px 0;} table {width: 100%; padding: 0; margin: 0; border-collapse: collapse; border-bottom: 1px solid #e5e5e5;} " + + "table thead th {display: table-cell; text-align: left; padding: 8px 16px; background: #e5e5e5; color: #777;font-size: 11px;text-shadow: #e9f9fd 0 1px 0; border-top: 1px solid #dedede; border-bottom: 2px solid #dedede;} " + + "table tr th:nth-child(1) {text-align: center; width: 60px;} " + + "table td {display: table-cell; padding: 8px 16px; font: 13px/20px Arial, Helvetica, sans-serif;} " + + "table tr:nth-child(even) td {background: #f3f3f3;} " + + "table tr td:nth-child(1) {text-align: left; width: 60px; background: #f3f3f3;} " + + "table tr:nth-child(even) td:nth-child(1) {background: #eaeaea;}" + + ""; + //Add additional header information + String header = "Autopsy Report for Case: " + caseName + ""; + formatted_header.append(header); + formatted_header.append(CSS); + + //do for unformatted String simpleCSS = ""; - unformatted_header.append(header); - unformatted_header.append(simpleCSS); + + ""; + unformatted_header.append(header); + unformatted_header.append(simpleCSS); //formatted_Report.append(""); formatted_Report.append("
"); // Add summary information now - + formatted_Report.append("

Report for Case: ").append(caseName).append("

"); - if(IngestManager.getDefault().isIngestRunning()) - { + if (IngestManager.getDefault().isIngestRunning()) { formatted_Report.append(ingestwarning); } - formatted_Report.append("

Case Summary

HTML Report Generated by Autopsy 3 on ").append(datetime).append("

"); - formatted_header.append(formatted_Report); - // unformatted_header.append(formatted_Report); - htmlPath = currentCase.getCaseDirectory()+"/Reports/" + caseName + "-" + datenotime + ".html"; - Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlPath), "UTF-8")); - out.write(formatted_header.toString()); - - out.flush(); - out.close(); - - } - catch(Exception e) - { - Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - } + formatted_Report.append(""); + formatted_header.append(formatted_Report); + // unformatted_header.append(formatted_Report); + htmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".html"; + Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlPath), "UTF-8")); + out.write(formatted_header.toString()); - + out.flush(); + out.close(); + + } catch (Exception e) { + + Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + } } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanel.form b/Report/src/org/sleuthkit/autopsy/report/reportPanel.form index 25b5456d3b..813c576b43 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanel.form +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanel.form @@ -1,4 +1,4 @@ - + diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java index ff67e76400..337c9012ff 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java @@ -1,20 +1,27 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. - */ - -/* - * reportPanel.java + /* * - * Created on Feb 21, 2012, 12:13:14 PM + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; + import java.awt.event.ActionListener; -import java.io.BufferedWriter; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.OutputStreamWriter; -import java.io.Writer; +import java.io.*; import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.Date; @@ -30,16 +37,17 @@ import org.jdom.output.XMLOutputter; */ public class reportPanel extends javax.swing.JPanel { - /** Creates new form reportPanel */ - public reportPanel(String report) { + /** + * Creates new form reportPanel + */ + public reportPanel() { initComponents(); - setReportWindow(report); } - /** This method is called from within the constructor to - * initialize the form. - * WARNING: Do NOT modify this code. The content of this method is - * always regenerated by the Form Editor. + /** + * This method is called from within the constructor to initialize the form. + * WARNING: Do NOT modify this code. The content of this method is always + * regenerated by the Form Editor. */ @SuppressWarnings("unchecked") // //GEN-BEGIN:initComponents @@ -94,86 +102,64 @@ public class reportPanel extends javax.swing.JPanel { }// //GEN-END:initComponents private void saveReportActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_saveReportActionPerformed - + saveReportAction(); }//GEN-LAST:event_saveReportActionPerformed - /** + /** * Sets the listener for the OK button * - * @param e The action listener + * @param e The action listener */ - public void setjButton1ActionListener(ActionListener e){ - jButton1.addActionListener(e); + public void setjButton1ActionListener(ActionListener e) { + jButton1.addActionListener(e); } - public void getLink(HyperlinkEvent evt){ - try{ - - String str = evt.getDescription(); - // jEditorPane1.scrollToReference(str.substring(1)); - } - catch(Exception e){ - String whater = ""; - } - } - public void setjEditorPane1EventListener(HyperlinkListener evt){ - // jEditorPane1.addHyperlinkListener(evt); - } - - private void setReportWindow(String report) - { - // jEditorPane1.setText(report); - // jEditorPane1.setCaretPosition(0); - } - - public void setFinishedReportText(){ + + public void setFinishedReportText() { DateFormat dateFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); Date date = new Date(); String reportText = "Report was sucessfully generated at " + dateFormat.format(date) + "."; jLabel1.setText(reportText); } - - - private void saveReportAction(){ - + + private void saveReportAction() { + int option = jFileChooser1.showSaveDialog(this); - if(option == JFileChooser.APPROVE_OPTION){ - if(jFileChooser1.getSelectedFile()!=null){ - String path = jFileChooser1.getSelectedFile().toString(); - exportReport(path); + if (option == JFileChooser.APPROVE_OPTION) { + if (jFileChooser1.getSelectedFile() != null) { + String path = jFileChooser1.getSelectedFile().toString(); + exportReport(path); + } } - } - } - - private void exportReport(String path){ - - String htmlpath = reportUtils.changeExtension(path, ".html"); - String xmlpath = reportUtils.changeExtension(path, ".xml"); - String xlspath = reportUtils.changeExtension(path, ".xlsx"); - try { - Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlpath), "UTF-8")); - - // FileOutputStream out = new FileOutputStream(htmlpath); - out.write(reportHTML.formatted_header.toString()); - out.flush(); - out.close(); - - //xls report - FileOutputStream fos = new FileOutputStream(xlspath); - reportXLS.wb.write(fos); - fos.close(); - - FileOutputStream xmlout = new FileOutputStream(xmlpath); - XMLOutputter serializer = new XMLOutputter(); - serializer.output(reportXML.xmldoc, xmlout); - xmlout.flush(); - xmlout.close(); - JOptionPane.showMessageDialog(this, "Report has been successfully saved!"); - } - catch (IOException e) { - System.err.println(e); - } } + private void exportReport(String path) { + + String htmlpath = reportUtils.changeExtension(path, ".html"); + String xmlpath = reportUtils.changeExtension(path, ".xml"); + String xlspath = reportUtils.changeExtension(path, ".xlsx"); + try { + Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlpath), "UTF-8")); + + // FileOutputStream out = new FileOutputStream(htmlpath); + out.write(reportHTML.formatted_header.toString()); + out.flush(); + out.close(); + + //xls report + FileOutputStream fos = new FileOutputStream(xlspath); + reportXLS.wb.write(fos); + fos.close(); + + FileOutputStream xmlout = new FileOutputStream(xmlpath); + XMLOutputter serializer = new XMLOutputter(); + serializer.output(reportXML.xmldoc, xmlout); + xmlout.flush(); + xmlout.close(); + JOptionPane.showMessageDialog(this, "Report has been successfully saved!"); + } catch (IOException e) { + System.err.println(e); + } + } // Variables declaration - do not modify//GEN-BEGIN:variables private javax.swing.JButton jButton1; private javax.swing.JFileChooser jFileChooser1; @@ -181,6 +167,4 @@ private void saveReportActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FI private javax.swing.JOptionPane jOptionPane1; private javax.swing.JButton saveReport; // End of variables declaration//GEN-END:variables - - } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java index 8496b1541b..72077c11df 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java @@ -1,6 +1,22 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; @@ -8,18 +24,11 @@ import java.awt.Dimension; import java.awt.Toolkit; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; -import java.net.URL; -import java.util.ArrayList; -import java.util.HashMap; import java.util.logging.Level; import javax.swing.JDialog; import javax.swing.JFrame; import javax.swing.SwingUtilities; -import javax.swing.event.HyperlinkEvent; -import javax.swing.event.HyperlinkListener; import org.sleuthkit.autopsy.coreutils.Log; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.BlackboardAttribute; /** * @@ -32,15 +41,14 @@ public class reportPanelAction { } - public void reportGenerate(ArrayList reportlist, final reportFilter rr){ + public void reportGenerate(ReportConfiguration reportconfig, final reportFilter rr){ try { //Clear any old reports in the string viewReport.setLength(0); // Generate the reports and create the hashmap - final HashMap> Results = new HashMap>(); - report bbreport = new report(); + final ReportGen report = new ReportGen(); //see what reports we need to run and run them //Set progress bar to move while doing this SwingUtilities.invokeLater(new Runnable() { @@ -48,21 +56,11 @@ public class reportPanelAction { public void run() { rr.progBarStartText(); }}); - if(reportlist.contains(1)){Results.putAll(bbreport.getGenInfo());} - if(reportlist.contains(2)){Results.putAll(bbreport.getWebBookmark());} - if(reportlist.contains(3)){Results.putAll(bbreport.getWebCookie());} - if(reportlist.contains(4)){Results.putAll(bbreport.getWebHistory());} - if(reportlist.contains(5)){Results.putAll(bbreport.getWebDownload());} - if(reportlist.contains(6)){Results.putAll(bbreport.getRecentObject());} - // if(reportlist.contains(7)){Results.putAll(bbreport.getGenInfo());} - if(reportlist.contains(8)){Results.putAll(bbreport.getInstalledProg());} - if(reportlist.contains(9)){Results.putAll(bbreport.getKeywordHit());} - if(reportlist.contains(10)){Results.putAll(bbreport.getHashHit());} - if(reportlist.contains(11)){Results.putAll(bbreport.getDevices());} + report.populateReport(reportconfig); SwingUtilities.invokeLater(new Runnable() { @Override public void run() { - rr.progBarCount(2*Results.size()); + rr.progBarCount(2*report.Results.size()); }}); //Turn our results into the appropriate xml/html reports //TODO: add a way for users to select what they will run when @@ -71,7 +69,7 @@ public class reportPanelAction { @Override public void run() { - reportXML xmlReport = new reportXML(Results, rr); + reportXML xmlReport = new reportXML(report.Results, rr); } }); Thread htmlthread = new Thread(new Runnable() @@ -79,7 +77,7 @@ public class reportPanelAction { @Override public void run() { - reportHTML htmlReport = new reportHTML(Results,rr); + reportHTML htmlReport = new reportHTML(report.Results,rr); BrowserControl.openUrl(reportHTML.htmlPath); } }); @@ -88,7 +86,7 @@ public class reportPanelAction { @Override public void run() { - reportXLS xlsReport = new reportXLS(Results,rr); + reportXLS xlsReport = new reportXLS(report.Results,rr); // } }); @@ -110,7 +108,7 @@ public class reportPanelAction { htmlthread.join(); //Set the temporary label to let the user know its done and is waiting on the report rr.progBarText(); - final reportPanel panel = new reportPanel(viewReport.toString()); + final reportPanel panel = new reportPanel(); panel.setjButton1ActionListener(new ActionListener() { @@ -120,19 +118,6 @@ public class reportPanelAction { popUpWindow.dispose(); } }); - panel.setjEditorPane1EventListener(new HyperlinkListener(){ - @Override - public void hyperlinkUpdate(HyperlinkEvent hev) { - try { - if (hev.getEventType() == HyperlinkEvent.EventType.ACTIVATED) - - panel.getLink(hev); - } - catch (Exception e) { - // Exceptions thrown............... - } - } - }); // add the panel to the popup window popUpWindow.add(panel); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java b/Report/src/org/sleuthkit/autopsy/report/reportUtils.java index eb2ce020a1..c07f277da8 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportUtils.java @@ -1,6 +1,22 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; @@ -9,34 +25,32 @@ package org.sleuthkit.autopsy.report; * @author Alex */ public class reportUtils { - -static String changeExtension(String originalName, String newExtension) { - int lastDot = originalName.lastIndexOf("."); - if (lastDot != -1) { - return originalName.substring(0, lastDot) + newExtension; - } else { - return originalName + newExtension; - } -} -public static String insertPeriodically( - String text, String insert, int period) -{ - StringBuilder builder = new StringBuilder( - text.length() + insert.length() * (text.length()/period)+1); - - int index = 0; - String prefix = ""; - while (index < text.length()) - { - // Don't put the insert in the very first iteration. - // This is easier than appending it *after* each substring - builder.append(prefix); - prefix = insert; - builder.append(text.substring(index, - Math.min(index + period, text.length()))); - index += period; + static String changeExtension(String originalName, String newExtension) { + int lastDot = originalName.lastIndexOf("."); + if (lastDot != -1) { + return originalName.substring(0, lastDot) + newExtension; + } else { + return originalName + newExtension; + } + } + + public static String insertPeriodically( + String text, String insert, int period) { + StringBuilder builder = new StringBuilder( + text.length() + insert.length() * (text.length() / period) + 1); + + int index = 0; + String prefix = ""; + while (index < text.length()) { + // Don't put the insert in the very first iteration. + // This is easier than appending it *after* each substring + builder.append(prefix); + prefix = insert; + builder.append(text.substring(index, + Math.min(index + period, text.length()))); + index += period; + } + return builder.toString(); } - return builder.toString(); -} } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java index 3d9f785a55..bff3e66243 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java @@ -1,11 +1,26 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; import java.io.FileOutputStream; - import java.io.IOException; import java.text.DateFormat; import java.text.SimpleDateFormat; @@ -14,362 +29,343 @@ import java.util.Date; import java.util.HashMap; import java.util.Map.Entry; import java.util.TreeMap; -import org.apache.poi.ss.usermodel.Cell; -import org.apache.poi.ss.usermodel.CellStyle; -import org.apache.poi.ss.usermodel.Font; -import org.apache.poi.ss.usermodel.Row; -import org.apache.poi.ss.usermodel.Sheet; -import org.apache.poi.ss.usermodel.Workbook; +import org.apache.poi.ss.usermodel.*; import org.apache.poi.xssf.usermodel.XSSFWorkbook; import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.BlackboardAttribute; -import org.sleuthkit.datamodel.FsContent; -import org.sleuthkit.datamodel.SleuthkitCase; -import org.sleuthkit.datamodel.TskData; +import org.sleuthkit.datamodel.*; /** * * @author Alex */ public class reportXLS { - public static Workbook wb = new XSSFWorkbook(); - public reportXLS(HashMap> report, reportFilter rr){ - //Empty the workbook first - Workbook wbtemp = new XSSFWorkbook(); - - int countGen = 0; - int countBookmark = 0; - int countCookie = 0; - int countHistory = 0; - int countDownload = 0; - int countRecentObjects = 0; - int countTrackPoint = 0; - int countInstalled = 0; - int countKeyword = 0; - int countHash = 0; - int countDevice = 0; - for (Entry> entry : report.entrySet()) { - if(entry.getKey().getArtifactTypeID() == 1){ - countGen++; - } - if(entry.getKey().getArtifactTypeID() == 2){ - countBookmark++; - } - if(entry.getKey().getArtifactTypeID() == 3){ - countCookie++; - } - if(entry.getKey().getArtifactTypeID() == 4){ + public static Workbook wb = new XSSFWorkbook(); - countHistory++; + public reportXLS(HashMap> report, reportFilter rr) { + //Empty the workbook first + Workbook wbtemp = new XSSFWorkbook(); + + int countGen = 0; + int countBookmark = 0; + int countCookie = 0; + int countHistory = 0; + int countDownload = 0; + int countRecentObjects = 0; + int countTrackPoint = 0; + int countInstalled = 0; + int countKeyword = 0; + int countHash = 0; + int countDevice = 0; + for (Entry> entry : report.entrySet()) { + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + countGen++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + countBookmark++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + + countCookie++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + + countHistory++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + countDownload++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + countRecentObjects++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + countTrackPoint++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + countInstalled++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + countKeyword++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + countHash++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + countDevice++; + } + } + + try { + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + String caseName = currentCase.getName(); + Integer imagecount = currentCase.getImageIDs().length; + Integer filesystemcount = currentCase.getRootObjectsCount(); + Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); + Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); + DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); + Date date = new Date(); + String datetime = datetimeFormat.format(date); + String datenotime = dateFormat.format(date); + + //The first summary report page + Sheet sheetSummary = wbtemp.createSheet("Summary"); + //Generate a sheet per artifact type + // Sheet sheetGen = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getDisplayName()); + Sheet sheetHash = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName()); + Sheet sheetDevice = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getDisplayName()); + Sheet sheetInstalled = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getDisplayName()); + Sheet sheetKeyword = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName()); + // Sheet sheetTrackpoint = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getDisplayName()); + Sheet sheetRecent = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getDisplayName()); + Sheet sheetCookie = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getDisplayName()); + Sheet sheetBookmark = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getDisplayName()); + Sheet sheetDownload = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getDisplayName()); + Sheet sheetHistory = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getDisplayName()); + + //Bold/underline cell style for the top header rows + CellStyle style = wbtemp.createCellStyle(); + style.setBorderBottom((short) 2); + Font font = wbtemp.createFont(); + font.setFontHeightInPoints((short) 16); + font.setFontName("Courier New"); + font.setBoldweight((short) 2); + style.setFont(font); + //create the rows in the worksheet for our records + //Create first row and header + // sheetGen.createRow(0); + // sheetGen.getRow(0).createCell(0).setCellValue("Name"); + // sheetGen.getRow(0).createCell(1).setCellValue("Value"); + // sheetGen.getRow(0).createCell(2).setCellValue("Date/Time"); + + sheetSummary.createRow(0).setRowStyle(style); + sheetSummary.getRow(0).createCell(0).setCellValue("Summary Information"); + sheetSummary.getRow(0).createCell(1).setCellValue(caseName); + //add some basic information + sheetSummary.createRow(1); + sheetSummary.getRow(1).createCell(0).setCellValue("# of Images"); + sheetSummary.getRow(1).createCell(1).setCellValue(imagecount); + sheetSummary.createRow(2); + sheetSummary.getRow(2).createCell(0).setCellValue("Filesystems found"); + sheetSummary.getRow(2).createCell(1).setCellValue(imagecount); + sheetSummary.createRow(3); + sheetSummary.getRow(3).createCell(0).setCellValue("# of Files"); + sheetSummary.getRow(3).createCell(1).setCellValue(totalfiles); + sheetSummary.createRow(4); + sheetSummary.getRow(4).createCell(0).setCellValue("# of Directories"); + sheetSummary.getRow(4).createCell(1).setCellValue(totaldirs); + sheetSummary.createRow(5); + sheetSummary.getRow(5).createCell(0).setCellValue("Date/Time"); + sheetSummary.getRow(5).createCell(1).setCellValue(datetime); + + + + sheetHash.createRow(0).setRowStyle(style); + sheetHash.getRow(0).createCell(0).setCellValue("Name"); + sheetHash.getRow(0).createCell(1).setCellValue("Size"); + sheetHash.getRow(0).createCell(2).setCellValue("Hashset Name"); + + sheetDevice.createRow(0).setRowStyle(style); + sheetDevice.getRow(0).createCell(0).setCellValue("Name"); + sheetDevice.getRow(0).createCell(1).setCellValue("Serial #"); + sheetDevice.getRow(0).createCell(2).setCellValue("Time"); + + sheetInstalled.createRow(0).setRowStyle(style); + sheetInstalled.getRow(0).createCell(0).setCellValue("Program Name"); + sheetInstalled.getRow(0).createCell(1).setCellValue("Install Date/Time"); + + sheetKeyword.createRow(0).setRowStyle(style); + sheetKeyword.getRow(0).createCell(0).setCellValue("Keyword"); + sheetKeyword.getRow(0).createCell(1).setCellValue("File Name"); + sheetKeyword.getRow(0).createCell(2).setCellValue("Preview"); + sheetKeyword.getRow(0).createCell(3).setCellValue("Keyword LIst"); + + sheetRecent.createRow(0).setRowStyle(style); + sheetRecent.getRow(0).createCell(0).setCellValue("Name"); + sheetRecent.getRow(0).createCell(1).setCellValue("Path"); + sheetRecent.getRow(0).createCell(2).setCellValue("Related Shortcut"); + + sheetCookie.createRow(0).setRowStyle(style); + sheetCookie.getRow(0).createCell(0).setCellValue("URL"); + sheetCookie.getRow(0).createCell(1).setCellValue("Date"); + sheetCookie.getRow(0).createCell(2).setCellValue("Name"); + sheetCookie.getRow(0).createCell(3).setCellValue("Value"); + sheetCookie.getRow(0).createCell(4).setCellValue("Program"); + + sheetBookmark.createRow(0).setRowStyle(style); + sheetBookmark.getRow(0).createCell(0).setCellValue("URL"); + sheetBookmark.getRow(0).createCell(1).setCellValue("Title"); + sheetBookmark.getRow(0).createCell(2).setCellValue("Program"); + + sheetDownload.createRow(0).setRowStyle(style); + sheetDownload.getRow(0).createCell(0).setCellValue("File"); + sheetDownload.getRow(0).createCell(1).setCellValue("Source"); + sheetDownload.getRow(0).createCell(2).setCellValue("Time"); + sheetDownload.getRow(0).createCell(3).setCellValue("Program"); + + sheetHistory.createRow(0).setRowStyle(style); + sheetHistory.getRow(0).createCell(0).setCellValue("URL"); + sheetHistory.getRow(0).createCell(1).setCellValue("Date"); + sheetHistory.getRow(0).createCell(2).setCellValue("Referrer"); + sheetHistory.getRow(0).createCell(3).setCellValue("Title"); + sheetHistory.getRow(0).createCell(4).setCellValue("Program"); + + for (int i = 0; i < wbtemp.getNumberOfSheets(); i++) { + Sheet tempsheet = wbtemp.getSheetAt(i); + tempsheet.setAutobreaks(true); + + for (Row temprow : tempsheet) { + for (Cell cell : temprow) { + cell.setCellStyle(style); + tempsheet.autoSizeColumn(cell.getColumnIndex()); } - if(entry.getKey().getArtifactTypeID() == 5){ - countDownload++; + } + } + + int countedGen = 0; + int countedBookmark = 0; + int countedCookie = 0; + int countedHistory = 0; + int countedDownload = 0; + int countedRecentObjects = 0; + int countedTrackPoint = 0; + int countedInstalled = 0; + int countedKeyword = 0; + int countedHash = 0; + int countedDevice = 0; + + //start populating the sheets in the workbook + for (Entry> entry : report.entrySet()) { + if (reportFilter.cancel == true) { + break; + } + int cc = 0; + Long objId = entry.getKey().getObjectID(); + FsContent file = skCase.getFsContentById(objId); + Long filesize = file.getSize(); + TreeMap attributes = new TreeMap(); + // Get all the attributes, line them up to be added. Place empty string placeholders for each attribute type + int n; + for (n = 1; n <= 36; n++) { + attributes.put(n, ""); + + } + for (BlackboardAttribute tempatt : entry.getValue()) { + if (reportFilter.cancel == true) { + break; } - if(entry.getKey().getArtifactTypeID() == 6){ - countRecentObjects++; + String value = ""; + int type = tempatt.getAttributeTypeID(); + if (tempatt.getValueString() == null || "null".equals(tempatt.getValueString())) { + } else if (type == 2 || type == 33) { + value = new java.text.SimpleDateFormat("MM/dd/yyyy HH:mm:ss").format(new java.util.Date((tempatt.getValueLong()) * 1000)); + } else { + value = tempatt.getValueString(); } - if(entry.getKey().getArtifactTypeID() == 7){ - countTrackPoint++; - } - if(entry.getKey().getArtifactTypeID() == 8){ - countInstalled++; - } - if(entry.getKey().getArtifactTypeID() == 9){ - countKeyword++; - } - if(entry.getKey().getArtifactTypeID() == 10){ - countHash++; - } - if(entry.getKey().getArtifactTypeID() == 11){ - countDevice++; - } + + attributes.put(type, value); + cc++; + } + + + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + countedGen++; + // Row temp = sheetGen.getRow(countedGen); + + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + countedBookmark++; + Row temp = sheetBookmark.createRow(countedBookmark); + temp.createCell(0).setCellValue(attributes.get(1)); + temp.createCell(1).setCellValue(attributes.get(3)); + temp.createCell(2).setCellValue(attributes.get(4)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + countedCookie++; + Row temp = sheetCookie.createRow(countedCookie); + temp.createCell(0).setCellValue(attributes.get(1)); + temp.createCell(1).setCellValue(attributes.get(2)); + temp.createCell(2).setCellValue(attributes.get(3)); + temp.createCell(3).setCellValue(attributes.get(6)); + temp.createCell(4).setCellValue(attributes.get(4)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + countedHistory++; + Row temp = sheetHistory.createRow(countedHistory); + temp.createCell(0).setCellValue(attributes.get(1)); + temp.createCell(1).setCellValue(attributes.get(33)); + temp.createCell(2).setCellValue(attributes.get(32)); + temp.createCell(3).setCellValue(attributes.get(3)); + temp.createCell(4).setCellValue(attributes.get(4)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + countedDownload++; + Row temp = sheetDownload.createRow(countedDownload); + temp.createCell(0).setCellValue(attributes.get(8)); + temp.createCell(1).setCellValue(attributes.get(1)); + temp.createCell(2).setCellValue(attributes.get(33)); + temp.createCell(3).setCellValue(attributes.get(4)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + countedRecentObjects++; + Row temp = sheetRecent.createRow(countedRecentObjects); + temp.createCell(0).setCellValue(attributes.get(3)); + temp.createCell(1).setCellValue(attributes.get(8)); + temp.createCell(2).setCellValue(file.getName()); + temp.createCell(3).setCellValue(attributes.get(4)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + // sheetTrackpoint.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + countedInstalled++; + Row temp = sheetInstalled.createRow(countedInstalled); + temp.createCell(0).setCellValue(attributes.get(4)); + temp.createCell(1).setCellValue(attributes.get(2)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + countedKeyword++; + Row temp = sheetKeyword.createRow(countedKeyword); + temp.createCell(0).setCellValue(attributes.get(10)); + temp.createCell(1).setCellValue(attributes.get(3)); + temp.createCell(2).setCellValue(attributes.get(12)); + temp.createCell(3).setCellValue(attributes.get(13)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + countedHash++; + Row temp = sheetHash.createRow(countedHash); + temp.createCell(0).setCellValue(file.getName().toString()); + temp.createCell(1).setCellValue(filesize.toString()); + temp.createCell(2).setCellValue(attributes.get(30)); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + countedDevice++; + Row temp = sheetDevice.createRow(countedDevice); + temp.createCell(0).setCellValue(attributes.get(18)); + temp.createCell(1).setCellValue(attributes.get(20)); + temp.createCell(2).setCellValue(attributes.get(2)); + } + + + cc++; + rr.progBarSet(cc); + } + + + //write out the report to the reports folder + try { + FileOutputStream fos = new FileOutputStream(currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xlsx"); + wbtemp.write(fos); + fos.close(); + wb = wbtemp; + } catch (IOException e) { + System.err.println(e); + } + + } catch (Exception E) { + String test = E.toString(); + } + } - - try{ - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - String caseName = currentCase.getName(); - Integer imagecount = currentCase.getImageIDs().length; - Integer filesystemcount = currentCase.getRootObjectsCount(); - Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); - Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); - DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); - Date date = new Date(); - String datetime = datetimeFormat.format(date); - String datenotime = dateFormat.format(date); - - //The first summary report page - Sheet sheetSummary = wbtemp.createSheet("Summary"); - //Generate a sheet per artifact type - // Sheet sheetGen = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getDisplayName()); - Sheet sheetHash = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName()); - Sheet sheetDevice = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getDisplayName()); - Sheet sheetInstalled = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getDisplayName()); - Sheet sheetKeyword = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName()); - // Sheet sheetTrackpoint = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getDisplayName()); - Sheet sheetRecent = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getDisplayName()); - Sheet sheetCookie = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getDisplayName()); - Sheet sheetBookmark = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getDisplayName()); - Sheet sheetDownload = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getDisplayName()); - Sheet sheetHistory = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getDisplayName()); - - //Bold/underline cell style for the top header rows - CellStyle style = wbtemp.createCellStyle(); - style.setBorderBottom((short) 2); - Font font = wbtemp.createFont(); - font.setFontHeightInPoints((short)16); - font.setFontName("Courier New"); - font.setBoldweight((short)2); - style.setFont(font); - //create the rows in the worksheet for our records - //Create first row and header - // sheetGen.createRow(0); - // sheetGen.getRow(0).createCell(0).setCellValue("Name"); - // sheetGen.getRow(0).createCell(1).setCellValue("Value"); - // sheetGen.getRow(0).createCell(2).setCellValue("Date/Time"); - - sheetSummary.createRow(0).setRowStyle(style); - sheetSummary.getRow(0).createCell(0).setCellValue("Summary Information"); - sheetSummary.getRow(0).createCell(1).setCellValue(caseName); - //add some basic information - sheetSummary.createRow(1); - sheetSummary.getRow(1).createCell(0).setCellValue("# of Images"); - sheetSummary.getRow(1).createCell(1).setCellValue(imagecount); - sheetSummary.createRow(2); - sheetSummary.getRow(2).createCell(0).setCellValue("Filesystems found"); - sheetSummary.getRow(2).createCell(1).setCellValue(imagecount); - sheetSummary.createRow(3); - sheetSummary.getRow(3).createCell(0).setCellValue("# of Files"); - sheetSummary.getRow(3).createCell(1).setCellValue(totalfiles); - sheetSummary.createRow(4); - sheetSummary.getRow(4).createCell(0).setCellValue("# of Directories"); - sheetSummary.getRow(4).createCell(1).setCellValue(totaldirs); - sheetSummary.createRow(5); - sheetSummary.getRow(5).createCell(0).setCellValue("Date/Time"); - sheetSummary.getRow(5).createCell(1).setCellValue(datetime); - - - - sheetHash.createRow(0).setRowStyle(style); - sheetHash.getRow(0).createCell(0).setCellValue("Name"); - sheetHash.getRow(0).createCell(1).setCellValue("Size"); - sheetHash.getRow(0).createCell(2).setCellValue("Hashset Name"); - - sheetDevice.createRow(0).setRowStyle(style); - sheetDevice.getRow(0).createCell(0).setCellValue("Name"); - sheetDevice.getRow(0).createCell(1).setCellValue("Serial #"); - sheetDevice.getRow(0).createCell(2).setCellValue("Time"); - - sheetInstalled.createRow(0).setRowStyle(style); - sheetInstalled.getRow(0).createCell(0).setCellValue("Program Name"); - sheetInstalled.getRow(0).createCell(1).setCellValue("Install Date/Time"); - - sheetKeyword.createRow(0).setRowStyle(style); - sheetKeyword.getRow(0).createCell(0).setCellValue("Keyword"); - sheetKeyword.getRow(0).createCell(1).setCellValue("File Name"); - sheetKeyword.getRow(0).createCell(2).setCellValue("Preview"); - sheetKeyword.getRow(0).createCell(3).setCellValue("Keyword LIst"); - - sheetRecent.createRow(0).setRowStyle(style); - sheetRecent.getRow(0).createCell(0).setCellValue("Name"); - sheetRecent.getRow(0).createCell(1).setCellValue("Path"); - sheetRecent.getRow(0).createCell(2).setCellValue("Related Shortcut"); - - sheetCookie.createRow(0).setRowStyle(style); - sheetCookie.getRow(0).createCell(0).setCellValue("URL"); - sheetCookie.getRow(0).createCell(1).setCellValue("Date"); - sheetCookie.getRow(0).createCell(2).setCellValue("Name"); - sheetCookie.getRow(0).createCell(3).setCellValue("Value"); - sheetCookie.getRow(0).createCell(4).setCellValue("Program"); - - sheetBookmark.createRow(0).setRowStyle(style); - sheetBookmark.getRow(0).createCell(0).setCellValue("URL"); - sheetBookmark.getRow(0).createCell(1).setCellValue("Title"); - sheetBookmark.getRow(0).createCell(2).setCellValue("Program"); - - sheetDownload.createRow(0).setRowStyle(style); - sheetDownload.getRow(0).createCell(0).setCellValue("File"); - sheetDownload.getRow(0).createCell(1).setCellValue("Source"); - sheetDownload.getRow(0).createCell(2).setCellValue("Time"); - sheetDownload.getRow(0).createCell(3).setCellValue("Program"); - - sheetHistory.createRow(0).setRowStyle(style); - sheetHistory.getRow(0).createCell(0).setCellValue("URL"); - sheetHistory.getRow(0).createCell(1).setCellValue("Date"); - sheetHistory.getRow(0).createCell(2).setCellValue("Referrer"); - sheetHistory.getRow(0).createCell(3).setCellValue("Title"); - sheetHistory.getRow(0).createCell(4).setCellValue("Program"); - - for(int i = 0;i < wbtemp.getNumberOfSheets();i++){ - Sheet tempsheet = wbtemp.getSheetAt(i); - tempsheet.setAutobreaks(true); - - for (Row temprow : tempsheet){ - for (Cell cell : temprow) { - cell.setCellStyle(style); - tempsheet.autoSizeColumn(cell.getColumnIndex()); - } - } - } - - int countedGen = 0; - int countedBookmark = 0; - int countedCookie = 0; - int countedHistory = 0; - int countedDownload = 0; - int countedRecentObjects = 0; - int countedTrackPoint = 0; - int countedInstalled = 0; - int countedKeyword = 0; - int countedHash = 0; - int countedDevice = 0; - - //start populating the sheets in the workbook - for (Entry> entry : report.entrySet()) { - if(reportFilter.cancel == true){ - break; - } - int cc = 0; - Long objId = entry.getKey().getObjectID(); - FsContent file = skCase.getFsContentById(objId); - Long filesize = file.getSize(); - TreeMap attributes = new TreeMap(); - // Get all the attributes, line them up to be added. Place empty string placeholders for each attribute type - int n; - for(n=1;n<=36;n++) - { - attributes.put(n, ""); - - } - for (BlackboardAttribute tempatt : entry.getValue()) - { - if(reportFilter.cancel == true){ - break; - } - String value = ""; - int type = tempatt.getAttributeTypeID(); - if(tempatt.getValueString() == null || "null".equals(tempatt.getValueString())){ - - } - else if(type == 2){ - value = new java.text.SimpleDateFormat("MM/dd/yyyy HH:mm:ss").format(new java.util.Date ((tempatt.getValueLong())*1000)); - } - else - { - value = tempatt.getValueString(); - } - - attributes.put(type, value); - cc++; - } - - - if(entry.getKey().getArtifactTypeID() == 1){ - countedGen++; - // Row temp = sheetGen.getRow(countedGen); - - } - if(entry.getKey().getArtifactTypeID() == 2){ - countedBookmark++; - Row temp = sheetBookmark.createRow(countedBookmark); - temp.createCell(0).setCellValue(attributes.get(1)); - temp.createCell(1).setCellValue(attributes.get(3)); - temp.createCell(2).setCellValue(attributes.get(4)); - } - if(entry.getKey().getArtifactTypeID() == 3){ - countedCookie++; - Row temp = sheetCookie.createRow(countedCookie); - temp.createCell(0).setCellValue(attributes.get(1)); - temp.createCell(1).setCellValue(attributes.get(2)); - temp.createCell(2).setCellValue(attributes.get(3)); - temp.createCell(3).setCellValue(attributes.get(6)); - temp.createCell(4).setCellValue(attributes.get(4)); - } - if(entry.getKey().getArtifactTypeID() == 4){ - countedHistory++; - Row temp = sheetHistory.createRow(countedHistory); - temp.createCell(0).setCellValue(attributes.get(1)); - temp.createCell(1).setCellValue(attributes.get(33)); - temp.createCell(2).setCellValue(attributes.get(32)); - temp.createCell(3).setCellValue(attributes.get(3)); - temp.createCell(4).setCellValue(attributes.get(4)); - } - if(entry.getKey().getArtifactTypeID() == 5){ - countedDownload++; - Row temp = sheetDownload.createRow(countedDownload); - temp.createCell(0).setCellValue(attributes.get(8)); - temp.createCell(1).setCellValue(attributes.get(1)); - temp.createCell(2).setCellValue(attributes.get(33)); - temp.createCell(3).setCellValue(attributes.get(4)); - } - if(entry.getKey().getArtifactTypeID() == 6){ - countedRecentObjects++; - Row temp = sheetRecent.createRow(countedRecentObjects); - temp.createCell(0).setCellValue(attributes.get(3)); - temp.createCell(1).setCellValue(attributes.get(8)); - temp.createCell(2).setCellValue(file.getName()); - temp.createCell(3).setCellValue(attributes.get(4)); - } - if(entry.getKey().getArtifactTypeID() == 7){ - // sheetTrackpoint.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 8){ - countedInstalled++; - Row temp = sheetInstalled.createRow(countedInstalled); - temp.createCell(0).setCellValue(attributes.get(4)); - temp.createCell(1).setCellValue(attributes.get(2)); - } - if(entry.getKey().getArtifactTypeID() == 9){ - countedKeyword++; - Row temp = sheetKeyword.createRow(countedKeyword); - temp.createCell(0).setCellValue(attributes.get(10)); - temp.createCell(1).setCellValue(attributes.get(3)); - temp.createCell(2).setCellValue(attributes.get(12)); - temp.createCell(3).setCellValue(attributes.get(13)); - } - if(entry.getKey().getArtifactTypeID() == 10){ - countedHash++; - Row temp = sheetHash.createRow(countedHash); - temp.createCell(0).setCellValue(file.getName().toString()); - temp.createCell(1).setCellValue(filesize.toString()); - temp.createCell(2).setCellValue(attributes.get(30)); - } - if(entry.getKey().getArtifactTypeID() == 11){ - countedDevice++; - Row temp = sheetDevice.createRow(countedDevice); - temp.createCell(0).setCellValue(attributes.get(18)); - temp.createCell(1).setCellValue(attributes.get(20)); - temp.createCell(2).setCellValue(attributes.get(2)); - } - - - cc++; - rr.progBarSet(cc); - } - - - //write out the report to the reports folder - try { - FileOutputStream fos = new FileOutputStream(currentCase.getCaseDirectory()+"/Reports/" + caseName + "-" + datenotime + ".xlsx"); - wbtemp.write(fos); - fos.close(); - wb = wbtemp; - } - catch (IOException e) { - System.err.println(e); - } - - } - - catch(Exception E) - { - String test = E.toString(); - } - - } - - } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java index c8d9d0335a..eb03ff140f 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXML.java @@ -1,8 +1,25 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.sleuthkit.autopsy.report; + import java.io.FileOutputStream; import java.io.IOException; import java.text.DateFormat; @@ -31,128 +48,129 @@ import org.sleuthkit.datamodel.File; import org.sleuthkit.datamodel.Image; import org.sleuthkit.datamodel.SleuthkitCase; import org.sleuthkit.datamodel.TskData; + public class reportXML { + public static Document xmldoc = new Document(); - public reportXML (HashMap> report, reportFilter rr){ - try{ - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - String caseName = currentCase.getName(); - Integer imagecount = currentCase.getImageIDs().length; - Integer filesystemcount = currentCase.getRootObjectsCount(); - Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); - Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); - Element root = new Element("Case"); - xmldoc = new Document(root); - DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); - Date date = new Date(); - String datetime = datetimeFormat.format(date); - String datenotime = dateFormat.format(date); - Comment comment = new Comment("XML Report Generated by Autopsy 3 on " + datetime); - root.addContent(comment); - //Create summary node involving how many of each type - Element summary = new Element("Summary"); - if(IngestManager.getDefault().isIngestRunning()) - { - summary.addContent(new Element("Warning").setText("Report was run before ingest services completed!")); + + public reportXML(HashMap> report, reportFilter rr) { + try { + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + String caseName = currentCase.getName(); + Integer imagecount = currentCase.getImageIDs().length; + Integer filesystemcount = currentCase.getRootObjectsCount(); + Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); + Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); + Element root = new Element("Case"); + xmldoc = new Document(root); + DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); + Date date = new Date(); + String datetime = datetimeFormat.format(date); + String datenotime = dateFormat.format(date); + Comment comment = new Comment("XML Report Generated by Autopsy 3 on " + datetime); + root.addContent(comment); + //Create summary node involving how many of each type + Element summary = new Element("Summary"); + if (IngestManager.getDefault().isIngestRunning()) { + summary.addContent(new Element("Warning").setText("Report was run before ingest services completed!")); } - summary.addContent(new Element("Name").setText(caseName)); - summary.addContent(new Element("Total-Images").setText(imagecount.toString())); - summary.addContent(new Element("Total-FileSystems").setText(filesystemcount.toString())); - summary.addContent(new Element("Total-Files").setText(totalfiles.toString())); - summary.addContent(new Element("Total-Directories").setText(totaldirs.toString())); - root.addContent(summary); - //generate the nodes for each of the types so we can use them later - Element nodeGen = new Element("General-Information"); - Element nodeWebBookmark = new Element("Web-Bookmarks"); - Element nodeWebCookie = new Element("Web-Cookies"); - Element nodeWebHistory = new Element("Web-History"); - Element nodeWebDownload = new Element("Web-Downloads"); - Element nodeRecentObjects = new Element("Recent-Documents"); - Element nodeTrackPoint = new Element("Track-Points"); - Element nodeInstalled = new Element("Installed-Programfiles"); - Element nodeKeyword = new Element("Keyword-Search-Hits"); - Element nodeHash = new Element("Hashset-Hits"); - Element nodeDevice = new Element("Attached-Devices"); - //remove bytes - Pattern INVALID_XML_CHARS = Pattern.compile("[^\\u0009\\u000A\\u000D\\u0020-\\uD7FF\\uE000-\\uFFFD\uD800\uDC00-\uDBFF\uDFFF]"); - for (Entry> entry : report.entrySet()) { - if(reportFilter.cancel == true){ - break; - } - int cc = 0; - Element artifact = new Element("Artifact"); - Long objId = entry.getKey().getObjectID(); - Content cont = skCase.getContentById(objId); - Long filesize = cont.getSize(); - artifact.setAttribute("ID", objId.toString()); - artifact.setAttribute("Name", cont.accept(new NameVisitor())); - artifact.setAttribute("Size", filesize.toString()); - - // Get all the attributes for this guy - for (BlackboardAttribute tempatt : entry.getValue()) - { - if(reportFilter.cancel == true){ - break; - } - Element attribute = new Element("Attribute").setAttribute("Type",tempatt.getAttributeTypeDisplayName()); - String tempvalue = tempatt.getValueString(); - //INVALID_XML_CHARS.matcher(tempvalue).replaceAll(""); - Element value = new Element("Value").setText(tempvalue); - attribute.addContent(value); - Element context = new Element("Context").setText(StringEscapeUtils.escapeXml(tempatt.getContext())); - attribute.addContent(context); - artifact.addContent(attribute); - cc++; - } - - if(entry.getKey().getArtifactTypeID() == 1){ - //while (entry.getValue().iterator().hasNext()) - // { - // } - nodeGen.addContent(artifact); + summary.addContent(new Element("Name").setText(caseName)); + summary.addContent(new Element("Total-Images").setText(imagecount.toString())); + summary.addContent(new Element("Total-FileSystems").setText(filesystemcount.toString())); + summary.addContent(new Element("Total-Files").setText(totalfiles.toString())); + summary.addContent(new Element("Total-Directories").setText(totaldirs.toString())); + root.addContent(summary); + //generate the nodes for each of the types so we can use them later + Element nodeGen = new Element("General-Information"); + Element nodeWebBookmark = new Element("Web-Bookmarks"); + Element nodeWebCookie = new Element("Web-Cookies"); + Element nodeWebHistory = new Element("Web-History"); + Element nodeWebDownload = new Element("Web-Downloads"); + Element nodeRecentObjects = new Element("Recent-Documents"); + Element nodeTrackPoint = new Element("Track-Points"); + Element nodeInstalled = new Element("Installed-Programfiles"); + Element nodeKeyword = new Element("Keyword-Search-Hits"); + Element nodeHash = new Element("Hashset-Hits"); + Element nodeDevice = new Element("Attached-Devices"); + //remove bytes + Pattern INVALID_XML_CHARS = Pattern.compile("[^\\u0009\\u000A\\u000D\\u0020-\\uD7FF\\uE000-\\uFFFD\uD800\uDC00-\uDBFF\uDFFF]"); + for (Entry> entry : report.entrySet()) { + if (reportFilter.cancel == true) { + break; + } + int cc = 0; + Element artifact = new Element("Artifact"); + Long objId = entry.getKey().getObjectID(); + Content cont = skCase.getContentById(objId); + Long filesize = cont.getSize(); + artifact.setAttribute("ID", objId.toString()); + artifact.setAttribute("Name", cont.accept(new NameVisitor())); + artifact.setAttribute("Size", filesize.toString()); + + // Get all the attributes for this guy + for (BlackboardAttribute tempatt : entry.getValue()) { + if (reportFilter.cancel == true) { + break; + } + Element attribute = new Element("Attribute").setAttribute("Type", tempatt.getAttributeTypeDisplayName()); + String tempvalue = tempatt.getValueString(); + //INVALID_XML_CHARS.matcher(tempvalue).replaceAll(""); + Element value = new Element("Value").setText(tempvalue); + attribute.addContent(value); + Element context = new Element("Context").setText(StringEscapeUtils.escapeXml(tempatt.getContext())); + attribute.addContent(context); + artifact.addContent(attribute); + cc++; + } + + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + //while (entry.getValue().iterator().hasNext()) + // { + // } + nodeGen.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + + + nodeWebBookmark.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + + nodeWebCookie.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + + nodeWebHistory.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + nodeWebDownload.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + nodeRecentObjects.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + nodeTrackPoint.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + nodeInstalled.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + nodeKeyword.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + nodeHash.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + nodeDevice.addContent(artifact); + } + cc++; + rr.progBarSet(cc); + //end of master loop } - if(entry.getKey().getArtifactTypeID() == 2){ - - - nodeWebBookmark.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 3){ - - nodeWebCookie.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 4){ - - nodeWebHistory.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 5){ - nodeWebDownload.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 6){ - nodeRecentObjects.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 7){ - nodeTrackPoint.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 8){ - nodeInstalled.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 9){ - nodeKeyword.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 10){ - nodeHash.addContent(artifact); - } - if(entry.getKey().getArtifactTypeID() == 11){ - nodeDevice.addContent(artifact); - } - cc++; - rr.progBarSet(cc); - //end of master loop - } - - //add them in the order we want them to the document + + //add them in the order we want them to the document root.addContent(nodeGen); root.addContent(nodeWebBookmark); root.addContent(nodeWebCookie); @@ -162,26 +180,24 @@ public class reportXML { root.addContent(nodeTrackPoint); root.addContent(nodeInstalled); root.addContent(nodeKeyword); - root.addContent(nodeHash); + root.addContent(nodeHash); root.addContent(nodeDevice); - - try { - FileOutputStream out = new FileOutputStream(currentCase.getCaseDirectory()+"/Reports/" + caseName + "-" + datenotime + ".xml"); - XMLOutputter serializer = new XMLOutputter(); - serializer.output(xmldoc, out); - out.flush(); - out.close(); - } - catch (IOException e) { - System.err.println(e); - } - } - catch (Exception e){ - Logger.getLogger(reportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); + try { + FileOutputStream out = new FileOutputStream(currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xml"); + XMLOutputter serializer = new XMLOutputter(); + serializer.output(xmldoc, out); + out.flush(); + out.close(); + } catch (IOException e) { + System.err.println(e); + } + + } catch (Exception e) { + Logger.getLogger(reportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); + } } - } - + private class NameVisitor extends ContentVisitor.Default { @Override From 539ba214daf98609eb65699903872b5225d58671 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Wed, 2 May 2012 15:22:20 -0700 Subject: [PATCH 04/22] date tweak to ExtractRegistry.java Signed-off-by: Alex Ebadirad --- .../org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java | 4 ++-- .../src/org/sleuthkit/autopsy/recentactivity/Firefox.java | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java index 4015ed6455..94b27c0041 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java @@ -193,7 +193,7 @@ public class ExtractRegistry { try { Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(etime).getTime(); time = epochtime.longValue(); - String Tempdate = time.toString() + "000"; + String Tempdate = time.toString(); time = Long.valueOf(Tempdate); } catch (ParseException e) { logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); @@ -263,7 +263,7 @@ public class ExtractRegistry { try { Long epochtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(value).getTime(); installtime = epochtime.longValue(); - String Tempdate = installtime.toString() + "000"; + String Tempdate = installtime.toString(); installtime = Long.valueOf(Tempdate); } catch (ParseException e) { logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java index 2a9aab42ac..8af063c670 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java @@ -61,7 +61,7 @@ public class Firefox { public Firefox() { } - public void getffdb(List image, IngestImageWorkerController controller) throws SQLException { + public void getffdb(List image, IngestImageWorkerController controller) { //Make these seperate, this is for history try { Case currentCase = Case.getCurrentCase(); // get the most updated case From d9e95a98be7e779c24bcb5a084f23678e4d8188f Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Wed, 2 May 2012 16:37:46 -0700 Subject: [PATCH 05/22] Clean up on the reporting displaying of dates to match GUI. Signed-off-by: Alex Ebadirad --- .../sleuthkit/autopsy/report/reportHTML.java | 20 ++++++++++++------- .../sleuthkit/autopsy/report/reportUtils.java | 3 +-- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java index f1fc88bf56..7bee690727 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java @@ -251,16 +251,22 @@ public class reportHTML { break; } String value = ""; - int type = tempatt.getAttributeTypeID(); - if (tempatt.getValueString() == null || "null".equals(tempatt.getValueString())) { - } else if (type == 2 || type == 33) { - value = new java.text.SimpleDateFormat("MM/dd/yyyy HH:mm:ss").format(new java.util.Date((tempatt.getValueLong()))); - if (value == null || "".equals(value)) { - value = tempatt.getValueString(); - } + Integer type = tempatt.getAttributeTypeID(); + if (type.equals(2) || type.equals(33)) { + try{ + SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + value = sdf.format(new java.util.Date((tempatt.getValueLong()))); + } + catch(Exception ex){ + + } } else { value = tempatt.getValueString(); } + if(value == null || value.isEmpty()) + { + value = ""; + } value = reportUtils.insertPeriodically(value, "
", 30); attributes.put(type, value); cc++; diff --git a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java b/Report/src/org/sleuthkit/autopsy/report/reportUtils.java index c07f277da8..e5fd9414c1 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportUtils.java @@ -35,8 +35,7 @@ public class reportUtils { } } - public static String insertPeriodically( - String text, String insert, int period) { + public static String insertPeriodically(String text, String insert, int period) { StringBuilder builder = new StringBuilder( text.length() + insert.length() * (text.length() / period) + 1); From 7e07f94d7f7ec0be504557156cf795e913b78b4d Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Fri, 4 May 2012 10:15:25 -0700 Subject: [PATCH 06/22] Bug fixes to hardcoded attribute types for reports, domain's having leading periods, and domain now displays for IE. --- .../autopsy/recentactivity/Chrome.java | 1 + .../autopsy/recentactivity/ExtractIE.java | 8 +- .../autopsy/recentactivity/Firefox.java | 6 +- .../autopsy/recentactivity/Util.java | 4 +- .../sleuthkit/autopsy/report/reportHTML.java | 54 +++++------ .../sleuthkit/autopsy/report/reportPanel.java | 2 - .../sleuthkit/autopsy/report/reportXLS.java | 92 +++++++++++-------- .../sleuthkit/autopsy/report/reportXML.java | 11 +-- 8 files changed, 94 insertions(+), 84 deletions(-) diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java index b02082f2da..09e122d799 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java @@ -190,6 +190,7 @@ public class Chrome { BlackboardArtifact bbart = FFSqlitedb.get(j).newArtifact(ARTIFACT_TYPE.TSK_WEB_COOKIE); Collection bbattributes = new ArrayList(); String domain = temprs.getString("host_key"); + domain = domain.replaceFirst("^\\.+(?!$)", ""); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "RecentActivity", "", temprs.getString("host_key"))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", "Last Visited", (temprs.getLong("last_access_utc") / 10000))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_VALUE.getTypeID(), "RecentActivity", "", temprs.getString("value"))); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java index 015fda17fa..d7072e8221 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java @@ -191,7 +191,9 @@ public class ExtractIE { // implements BrowserActivity { Long datetime = Cookie.getCrtime(); String Tempdate = datetime.toString() + "000"; datetime = Long.valueOf(Tempdate); - String domain = Util.extractDomain(url); + String domain = url; + domain = domain.replaceFirst("^\\.+(?!$)", ""); + domain = domain.replaceFirst("/", ""); try { BlackboardArtifact bbart = Cookie.newArtifact(ARTIFACT_TYPE.TSK_WEB_COOKIE); Collection bbattributes = new ArrayList(); @@ -253,10 +255,8 @@ public class ExtractIE { // implements BrowserActivity { if (fav.getSize() > 0) { bytesRead = fav.read(t, 0, fav.getSize()); // read the data } - - + // set the data on the bottom and show it - String recentString = new String(); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java index 8af063c670..dca64be7f7 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java @@ -21,7 +21,6 @@ package org.sleuthkit.autopsy.recentactivity; import java.io.File; -import java.io.IOException; import java.net.URLDecoder; import java.sql.ResultSet; import java.sql.SQLException; @@ -31,7 +30,6 @@ import java.util.Collection; import java.util.List; import java.util.logging.Level; import java.util.logging.Logger; -import org.openide.util.Exceptions; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.datamodel.ContentUtils; import org.sleuthkit.autopsy.ingest.IngestImageWorkerController; @@ -226,7 +224,9 @@ public class Firefox { bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_VALUE.getTypeID(), "RecentActivity", "", temprs.getString("value"))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "RecentActivity", "Title", ((temprs.getString("name") != null) ? temprs.getString("name") : ""))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", "", "FireFox")); - bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", "", Util.getBaseDomain(temprs.getString("host")))); + String domain = Util.getBaseDomain(temprs.getString("host")); + domain = domain.replaceFirst("^\\.+(?!$)", ""); + bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", "", domain)); bbart.addAttributes(bbattributes); } catch (Exception ex) { logger.log(Level.WARNING, "Error while trying to read into a sqlite db.{0}", ex); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java index 28c27199ef..e52a1a2b9e 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Util.java @@ -137,7 +137,9 @@ public class Util { try { URL url = new URL(value); result = url.getHost(); - } catch (Exception e) { + } catch (Exception e) + { + logger.log(Level.WARNING, "Error while trying to convert url to domain." + value, e); } return result; diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java index 7bee690727..25932bdca3 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java @@ -252,7 +252,7 @@ public class reportHTML { } String value = ""; Integer type = tempatt.getAttributeTypeID(); - if (type.equals(2) || type.equals(33)) { + if (type.equals(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID()) || type.equals(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())) { try{ SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); value = sdf.format(new java.util.Date((tempatt.getValueLong()))); @@ -279,42 +279,42 @@ public class reportHTML { nodeGen.append(artifact); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { - artifact.append("").append(attributes.get(1)).append(""); - artifact.append("").append(attributes.get(3)).append(""); - artifact.append("").append(attributes.get(4)).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append(""); artifact.append(""); nodeWebBookmark.append(artifact); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { - artifact.append("").append(attributes.get(1)).append(""); - artifact.append("").append(attributes.get(2)).append(""); - artifact.append("").append(attributes.get(3)).append(""); - artifact.append("").append(attributes.get(6)).append(""); - artifact.append("").append(attributes.get(4)).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append(""); artifact.append(""); nodeWebCookie.append(artifact); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { - artifact.append("").append(attributes.get(1)).append(""); - artifact.append("").append(attributes.get(33)).append(""); - artifact.append("").append(attributes.get(32)).append(""); - artifact.append("").append(attributes.get(3)).append(""); - artifact.append("").append(attributes.get(4)).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append(""); artifact.append(""); nodeWebHistory.append(artifact); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { - artifact.append("").append(attributes.get(8)).append(""); - artifact.append("").append(attributes.get(1)).append(""); - artifact.append("").append(attributes.get(33)).append(""); - artifact.append("").append(attributes.get(4)).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append(""); artifact.append(""); nodeWebDownload.append(artifact); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { //artifact.append("").append(objId.toString()); - artifact.append("").append(attributes.get(3)).append(""); - artifact.append("").append(attributes.get(8)).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())).append(""); artifact.append("").append(file.getName()).append(""); artifact.append(""); nodeRecentObjects.append(artifact); @@ -327,8 +327,8 @@ public class reportHTML { nodeTrackPoint.append(artifact); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { - artifact.append("").append(attributes.get(4)).append(""); - artifact.append("").append(attributes.get(2)).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append(""); artifact.append(""); nodeInstalled.append(artifact); } @@ -341,15 +341,15 @@ public class reportHTML { // artifact.append("").append(objId.toString()); artifact.append("").append(file.getName().toString()).append(""); artifact.append("").append(filesize.toString()).append(""); - //artifact.append("").append(attributes.get(31)).append(""); - artifact.append("").append(attributes.get(30)).append(""); + //artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_INTERESTING_FILE.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_HASHSET_NAME.getTypeID())).append(""); artifact.append(""); nodeHash.append(artifact); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { - artifact.append("").append(attributes.get(18)).append(""); - artifact.append("").append(attributes.get(20)).append(""); - artifact.append("").append(attributes.get(2)).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_MODEL.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append(""); artifact.append(""); nodeDevice.append(artifact); } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java index 337c9012ff..667ccde9a9 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java @@ -27,8 +27,6 @@ import java.text.SimpleDateFormat; import java.util.Date; import javax.swing.JFileChooser; import javax.swing.JOptionPane; -import javax.swing.event.HyperlinkEvent; -import javax.swing.event.HyperlinkListener; import org.jdom.output.XMLOutputter; /** diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java index bff3e66243..1c162277d3 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java @@ -45,7 +45,7 @@ public class reportXLS { public reportXLS(HashMap> report, reportFilter rr) { //Empty the workbook first Workbook wbtemp = new XSSFWorkbook(); - + int countGen = 0; int countBookmark = 0; int countCookie = 0; @@ -111,6 +111,7 @@ public class reportXLS { //The first summary report page Sheet sheetSummary = wbtemp.createSheet("Summary"); + //Generate a sheet per artifact type // Sheet sheetGen = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getDisplayName()); Sheet sheetHash = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName()); @@ -128,22 +129,31 @@ public class reportXLS { CellStyle style = wbtemp.createCellStyle(); style.setBorderBottom((short) 2); Font font = wbtemp.createFont(); - font.setFontHeightInPoints((short) 16); - font.setFontName("Courier New"); + font.setFontHeightInPoints((short) 14); + font.setFontName("Arial"); font.setBoldweight((short) 2); style.setFont(font); + + //create 'default' style + CellStyle defaultstyle = wbtemp.createCellStyle(); + defaultstyle.setBorderBottom((short) 2); + Font defaultfont = wbtemp.createFont(); + defaultfont.setFontHeightInPoints((short) 14); + defaultfont.setFontName("Arial"); + defaultfont.setBoldweight((short) 2); + defaultstyle.setFont(defaultfont); //create the rows in the worksheet for our records //Create first row and header // sheetGen.createRow(0); // sheetGen.getRow(0).createCell(0).setCellValue("Name"); // sheetGen.getRow(0).createCell(1).setCellValue("Value"); // sheetGen.getRow(0).createCell(2).setCellValue("Date/Time"); - + sheetSummary.setDefaultColumnStyle(1, defaultstyle); sheetSummary.createRow(0).setRowStyle(style); sheetSummary.getRow(0).createCell(0).setCellValue("Summary Information"); sheetSummary.getRow(0).createCell(1).setCellValue(caseName); //add some basic information - sheetSummary.createRow(1); + sheetSummary.createRow(1).setRowStyle(defaultstyle); sheetSummary.getRow(1).createCell(0).setCellValue("# of Images"); sheetSummary.getRow(1).createCell(1).setCellValue(imagecount); sheetSummary.createRow(2); @@ -160,32 +170,37 @@ public class reportXLS { sheetSummary.getRow(5).createCell(1).setCellValue(datetime); - + sheetHash.setDefaultColumnStyle(1, defaultstyle); sheetHash.createRow(0).setRowStyle(style); sheetHash.getRow(0).createCell(0).setCellValue("Name"); sheetHash.getRow(0).createCell(1).setCellValue("Size"); sheetHash.getRow(0).createCell(2).setCellValue("Hashset Name"); - + + sheetDevice.setDefaultColumnStyle(1, defaultstyle); sheetDevice.createRow(0).setRowStyle(style); sheetDevice.getRow(0).createCell(0).setCellValue("Name"); sheetDevice.getRow(0).createCell(1).setCellValue("Serial #"); sheetDevice.getRow(0).createCell(2).setCellValue("Time"); + sheetInstalled.setDefaultColumnStyle(1, defaultstyle); sheetInstalled.createRow(0).setRowStyle(style); sheetInstalled.getRow(0).createCell(0).setCellValue("Program Name"); sheetInstalled.getRow(0).createCell(1).setCellValue("Install Date/Time"); + sheetKeyword.setDefaultColumnStyle(1, defaultstyle); sheetKeyword.createRow(0).setRowStyle(style); sheetKeyword.getRow(0).createCell(0).setCellValue("Keyword"); sheetKeyword.getRow(0).createCell(1).setCellValue("File Name"); sheetKeyword.getRow(0).createCell(2).setCellValue("Preview"); sheetKeyword.getRow(0).createCell(3).setCellValue("Keyword LIst"); + sheetRecent.setDefaultColumnStyle(1, defaultstyle); sheetRecent.createRow(0).setRowStyle(style); sheetRecent.getRow(0).createCell(0).setCellValue("Name"); sheetRecent.getRow(0).createCell(1).setCellValue("Path"); sheetRecent.getRow(0).createCell(2).setCellValue("Related Shortcut"); + sheetCookie.setDefaultColumnStyle(1, defaultstyle); sheetCookie.createRow(0).setRowStyle(style); sheetCookie.getRow(0).createCell(0).setCellValue("URL"); sheetCookie.getRow(0).createCell(1).setCellValue("Date"); @@ -193,17 +208,20 @@ public class reportXLS { sheetCookie.getRow(0).createCell(3).setCellValue("Value"); sheetCookie.getRow(0).createCell(4).setCellValue("Program"); + sheetBookmark.setDefaultColumnStyle(1, defaultstyle); sheetBookmark.createRow(0).setRowStyle(style); sheetBookmark.getRow(0).createCell(0).setCellValue("URL"); sheetBookmark.getRow(0).createCell(1).setCellValue("Title"); sheetBookmark.getRow(0).createCell(2).setCellValue("Program"); + sheetDownload.setDefaultColumnStyle(1, defaultstyle); sheetDownload.createRow(0).setRowStyle(style); sheetDownload.getRow(0).createCell(0).setCellValue("File"); sheetDownload.getRow(0).createCell(1).setCellValue("Source"); sheetDownload.getRow(0).createCell(2).setCellValue("Time"); sheetDownload.getRow(0).createCell(3).setCellValue("Program"); + sheetHistory.setDefaultColumnStyle(1, defaultstyle); sheetHistory.createRow(0).setRowStyle(style); sheetHistory.getRow(0).createCell(0).setCellValue("URL"); sheetHistory.getRow(0).createCell(1).setCellValue("Date"); @@ -277,43 +295,43 @@ public class reportXLS { if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { countedBookmark++; Row temp = sheetBookmark.createRow(countedBookmark); - temp.createCell(0).setCellValue(attributes.get(1)); - temp.createCell(1).setCellValue(attributes.get(3)); - temp.createCell(2).setCellValue(attributes.get(4)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { countedCookie++; Row temp = sheetCookie.createRow(countedCookie); - temp.createCell(0).setCellValue(attributes.get(1)); - temp.createCell(1).setCellValue(attributes.get(2)); - temp.createCell(2).setCellValue(attributes.get(3)); - temp.createCell(3).setCellValue(attributes.get(6)); - temp.createCell(4).setCellValue(attributes.get(4)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE.getTypeID())); + temp.createCell(4).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { countedHistory++; Row temp = sheetHistory.createRow(countedHistory); - temp.createCell(0).setCellValue(attributes.get(1)); - temp.createCell(1).setCellValue(attributes.get(33)); - temp.createCell(2).setCellValue(attributes.get(32)); - temp.createCell(3).setCellValue(attributes.get(3)); - temp.createCell(4).setCellValue(attributes.get(4)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(4).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { countedDownload++; Row temp = sheetDownload.createRow(countedDownload); - temp.createCell(0).setCellValue(attributes.get(8)); - temp.createCell(1).setCellValue(attributes.get(1)); - temp.createCell(2).setCellValue(attributes.get(33)); - temp.createCell(3).setCellValue(attributes.get(4)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { countedRecentObjects++; Row temp = sheetRecent.createRow(countedRecentObjects); - temp.createCell(0).setCellValue(attributes.get(3)); - temp.createCell(1).setCellValue(attributes.get(8)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())); temp.createCell(2).setCellValue(file.getName()); - temp.createCell(3).setCellValue(attributes.get(4)); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { // sheetTrackpoint.addContent(artifact); @@ -321,30 +339,30 @@ public class reportXLS { if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { countedInstalled++; Row temp = sheetInstalled.createRow(countedInstalled); - temp.createCell(0).setCellValue(attributes.get(4)); - temp.createCell(1).setCellValue(attributes.get(2)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { countedKeyword++; Row temp = sheetKeyword.createRow(countedKeyword); - temp.createCell(0).setCellValue(attributes.get(10)); - temp.createCell(1).setCellValue(attributes.get(3)); - temp.createCell(2).setCellValue(attributes.get(12)); - temp.createCell(3).setCellValue(attributes.get(13)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_SET.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { countedHash++; Row temp = sheetHash.createRow(countedHash); temp.createCell(0).setCellValue(file.getName().toString()); temp.createCell(1).setCellValue(filesize.toString()); - temp.createCell(2).setCellValue(attributes.get(30)); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_HASHSET_NAME.getTypeID())); } if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { countedDevice++; Row temp = sheetDevice.createRow(countedDevice); - temp.createCell(0).setCellValue(attributes.get(18)); - temp.createCell(1).setCellValue(attributes.get(20)); - temp.createCell(2).setCellValue(attributes.get(2)); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_MODEL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java index eb03ff140f..ec9837b7fe 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXML.java @@ -34,20 +34,11 @@ import java.util.regex.Pattern; import org.apache.commons.lang3.StringEscapeUtils; import org.jdom.Comment; import org.jdom.Document; -import org.jdom.Document.*; import org.jdom.Element; import org.jdom.output.XMLOutputter; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.ingest.IngestManager; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.BlackboardAttribute; -import org.sleuthkit.datamodel.Content; -import org.sleuthkit.datamodel.ContentVisitor; -import org.sleuthkit.datamodel.Directory; -import org.sleuthkit.datamodel.File; -import org.sleuthkit.datamodel.Image; -import org.sleuthkit.datamodel.SleuthkitCase; -import org.sleuthkit.datamodel.TskData; +import org.sleuthkit.datamodel.*; public class reportXML { From 03fb435f73686787741db5aed6e2a4d3cc721b8f Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Tue, 8 May 2012 16:02:04 -0700 Subject: [PATCH 07/22] Reporting framework change and addition. --- .../autopsy/report/ReportModule.java | 3 + .../org/sleuthkit/autopsy/report/report.java | 187 +----------------- .../sleuthkit/autopsy/report/reportHTML.java | 68 ++++++- .../autopsy/report/reportPanelAction.java | 74 ++++--- .../sleuthkit/autopsy/report/reportXLS.java | 69 +++++-- .../sleuthkit/autopsy/report/reportXML.java | 59 +++++- 6 files changed, 226 insertions(+), 234 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java index adeb12867c..635c38560d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java @@ -33,6 +33,9 @@ public interface ReportModule { * @throws ReportModuleException if report generation failed */ public String generateReport() throws ReportModuleException; + + //If it uses a report configuration and reports back to the gui its progress + public String generateReport(ReportConfiguration config, reportFilter rr) throws ReportModuleException; /** * This saves a copy of the report (current one) to another place specified diff --git a/Report/src/org/sleuthkit/autopsy/report/report.java b/Report/src/org/sleuthkit/autopsy/report/report.java index 16f6578383..e2ad90b02f 100644 --- a/Report/src/org/sleuthkit/autopsy/report/report.java +++ b/Report/src/org/sleuthkit/autopsy/report/report.java @@ -40,184 +40,16 @@ public class report { private void report() { } - public HashMap> getGenInfo() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getWebHistory() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getWebCookie() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getWebBookmark() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getWebDownload() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getRecentObject() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getKeywordHit() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getHashHit() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getInstalledProg() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - - public HashMap> getDevices() { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - ArrayList bbart = tempDb.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return reportMap; - } - public String getGroupedKeywordHit() { StringBuilder table = new StringBuilder(); HashMap> reportMap = new HashMap>(); Case currentCase = Case.getCurrentCase(); // get the most updated case SleuthkitCase tempDb = currentCase.getSleuthkitCase(); try { + ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); - while (uniqueresults.next()) { + + while (uniqueresults.next()) { table.append("").append(uniqueresults.getString("value_text")).append(""); table.append(""); ArrayList artlist = new ArrayList(); @@ -225,6 +57,7 @@ public class report { while (tempresults.next()) { artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong("artifact_id"))); } + for (BlackboardArtifact art : artlist) { String filename = tempDb.getFsContentById(art.getObjectID()).getName(); String preview = ""; @@ -232,25 +65,23 @@ public class report { table.append(""); ArrayList tempatts = art.getAttributes(); for (BlackboardAttribute att : tempatts) { - if (att.getAttributeTypeID() == 12) { + if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()) { preview = ""; } - if (att.getAttributeTypeID() == 13) { + if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID()) { set = ""; } } table.append(preview).append(set).append(""); } - - + table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("" + att.getValueString() + "" + att.getValueString() + "


"); } } catch (Exception e) { Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); } - - String result = table.toString(); - return result; + + return table.toString(); } public HashMap> getAllTypes(ReportConfiguration config) { diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java index 25932bdca3..7926c55d91 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java @@ -22,6 +22,7 @@ package org.sleuthkit.autopsy.report; import java.io.BufferedWriter; import java.io.FileOutputStream; +import java.io.IOException; import java.io.OutputStreamWriter; import java.io.Writer; import java.text.DateFormat; @@ -45,16 +46,24 @@ import org.sleuthkit.datamodel.TskData; * * @author Alex */ -public class reportHTML { - +public class reportHTML implements ReportModule{ //Declare our publically accessible formatted report, this will change everytime they run a report public static StringBuilder formatted_Report = new StringBuilder(); public static StringBuilder unformatted_header = new StringBuilder(); public static StringBuilder formatted_header = new StringBuilder(); public static String htmlPath = ""; + ReportConfiguration config = new ReportConfiguration(); - public reportHTML(HashMap> report, reportFilter rr) { - + reportHTML(){ + + } + + @Override + public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { + config = reportconfig; + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); + HashMap> report = reportobj.Results; //This is literally a terrible way to count up all the types of artifacts, and doesn't include any added ones. //Unlike the XML report, which is dynamic, this is formatted and needs to be redone later instead of being hardcoded. //Also, clearing variables to generate new report. @@ -359,6 +368,7 @@ public class reportHTML { //Add them back in order //formatted_Report.append(nodeGen); // formatted_Report.append(""); + if (countWebBookmark > 0) { formatted_Report.append(nodeWebBookmark); formatted_Report.append(""); @@ -406,15 +416,53 @@ public class reportHTML { formatted_header.append(formatted_Report); // unformatted_header.append(formatted_Report); htmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".html"; - Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlPath), "UTF-8")); - out.write(formatted_header.toString()); - - out.flush(); - out.close(); - + this.save(htmlPath); + } catch (Exception e) { Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred", e); } + return htmlPath; } + + + @Override + public void save(String path) + { + try{ + Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlPath), "UTF-8")); + out.write(formatted_header.toString()); + out.flush(); + out.close(); + } + catch(IOException e){ + Logger.getLogger(reportHTML.class.getName()).log(Level.SEVERE, "Could not write out HTML report!", e); + } + + } + + @Override + public String getReportType(){ + String type = "HTML"; + return type; + } + + + @Override + public ReportConfiguration getReportConfiguration(){ + return config; + } + + + @Override + public String getReportTypeDescription(){ + String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; + return desc; + } + + @Override + public String generateReport() throws ReportModuleException { + throw new UnsupportedOperationException("Not supported yet."); + } + } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java index 72077c11df..6f3e9bfd9f 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java @@ -25,6 +25,7 @@ import java.awt.Toolkit; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.util.logging.Level; +import java.util.logging.Logger; import javax.swing.JDialog; import javax.swing.JFrame; import javax.swing.SwingUtilities; @@ -41,7 +42,7 @@ public class reportPanelAction { } - public void reportGenerate(ReportConfiguration reportconfig, final reportFilter rr){ + public void reportGenerate(final ReportConfiguration reportconfig, final reportFilter rr){ try { //Clear any old reports in the string viewReport.setLength(0); @@ -64,37 +65,54 @@ public class reportPanelAction { }}); //Turn our results into the appropriate xml/html reports //TODO: add a way for users to select what they will run when - Thread xmlthread = new Thread(new Runnable() + Thread reportThread = new Thread(new Runnable() { @Override public void run() - { - reportXML xmlReport = new reportXML(report.Results, rr); - } - }); - Thread htmlthread = new Thread(new Runnable() - { - @Override - public void run() - { - reportHTML htmlReport = new reportHTML(report.Results,rr); + { + StopWatch a = new StopWatch(); + a.start(); + reportHTML htmlReport = new reportHTML(); + try{ + htmlReport.generateReport(reportconfig, rr); BrowserControl.openUrl(reportHTML.htmlPath); + } + catch(ReportModuleException e){ + Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); + } + a.stop(); + System.out.println("html in milliseconds: " + a.getElapsedTime()); + + StopWatch s = new StopWatch(); + s.start(); + reportXLS xlsReport = new reportXLS(); + try{ + xlsReport.generateReport(reportconfig,rr); + } + catch(ReportModuleException e){ + Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); + } + s.stop(); + System.out.println("xls in milliseconds: " + s.getElapsedTime()); + + StopWatch S = new StopWatch(); + S.start(); + reportXML xmlReport = new reportXML(); + try{ + xmlReport.generateReport(reportconfig,rr); + } + catch(ReportModuleException e){ + Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); + } + S.stop(); + System.out.println("xml in milliseconds: " + S.getElapsedTime()); } }); - Thread xlsthread = new Thread(new Runnable() - { - @Override - public void run() - { - reportXLS xlsReport = new reportXLS(report.Results,rr); - // - } - }); + // start our threads - xmlthread.start(); - htmlthread.start(); - xlsthread.start(); + reportThread.start(); + // display the window // create the popUp window for it @@ -105,7 +123,7 @@ public class reportPanelAction { // initialize panel with loaded settings - htmlthread.join(); + //Set the temporary label to let the user know its done and is waiting on the report rr.progBarText(); final reportPanel panel = new reportPanel(); @@ -128,11 +146,13 @@ public class reportPanelAction { double w = popUpWindow.getSize().getWidth(); double h = popUpWindow.getSize().getHeight(); popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); + + reportThread.join(); rr.progBarDone(); panel.setFinishedReportText(); popUpWindow.setVisible(true); - xmlthread.join(); - xlsthread.join(); + + } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java index 1c162277d3..83e46ba2dc 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java @@ -29,6 +29,8 @@ import java.util.Date; import java.util.HashMap; import java.util.Map.Entry; import java.util.TreeMap; +import java.util.logging.Level; +import java.util.logging.Logger; import org.apache.poi.ss.usermodel.*; import org.apache.poi.xssf.usermodel.XSSFWorkbook; import org.sleuthkit.autopsy.casemodule.Case; @@ -38,14 +40,23 @@ import org.sleuthkit.datamodel.*; * * @author Alex */ -public class reportXLS { +public class reportXLS implements ReportModule { public static Workbook wb = new XSSFWorkbook(); + static String xlsPath = ""; + ReportConfiguration config = new ReportConfiguration(); - public reportXLS(HashMap> report, reportFilter rr) { + public reportXLS() { //Empty the workbook first - Workbook wbtemp = new XSSFWorkbook(); + } + @Override + public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { + config = reportconfig; + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); + HashMap> report = reportobj.Results; + Workbook wbtemp = new XSSFWorkbook(); int countGen = 0; int countBookmark = 0; int countCookie = 0; @@ -371,19 +382,53 @@ public class reportXLS { } - //write out the report to the reports folder - try { - FileOutputStream fos = new FileOutputStream(currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xlsx"); - wbtemp.write(fos); - fos.close(); - wb = wbtemp; - } catch (IOException e) { - System.err.println(e); - } + //write out the report to the reports folder, set the wbtemp to the primary wb object + wb = wbtemp; + xlsPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xlsx"; + this.save(xlsPath); } catch (Exception E) { String test = E.toString(); } + return xlsPath; + } + + @Override + public void save(String path) + { + try{ + FileOutputStream fos = new FileOutputStream(path); + wb.write(fos); + fos.close(); + } + catch(IOException e){ + Logger.getLogger(reportHTML.class.getName()).log(Level.SEVERE, "Could not write out XLS report!", e); + } + + } + + @Override + public String getReportType(){ + String type = "XLS"; + return type; + } + + + @Override + public ReportConfiguration getReportConfiguration(){ + return config; + } + + + @Override + public String getReportTypeDescription(){ + String desc = "This is an xls formatted report that is meant to be viewed in Excel."; + return desc; + } + + @Override + public String generateReport() throws ReportModuleException { + throw new UnsupportedOperationException("Not supported yet."); } } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java index ec9837b7fe..aaeafe4e4b 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXML.java @@ -40,11 +40,20 @@ import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.ingest.IngestManager; import org.sleuthkit.datamodel.*; -public class reportXML { +public class reportXML implements ReportModule { public static Document xmldoc = new Document(); + private ReportConfiguration reportconfig = new ReportConfiguration(); + private String xmlPath; - public reportXML(HashMap> report, reportFilter rr) { + public reportXML() { + } + + @Override + public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException{ + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); + HashMap> report = reportobj.Results; try { Case currentCase = Case.getCurrentCase(); // get the most updated case SleuthkitCase skCase = currentCase.getSleuthkitCase(); @@ -173,9 +182,25 @@ public class reportXML { root.addContent(nodeKeyword); root.addContent(nodeHash); root.addContent(nodeDevice); + + + //Export it the first time + xmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xml"; + this.save(xmlPath); - try { - FileOutputStream out = new FileOutputStream(currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xml"); + } catch (Exception e) { + Logger.getLogger(reportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return xmlPath; + } + + @Override + public void save(String path) { + + try { + + FileOutputStream out = new FileOutputStream(xmlPath); XMLOutputter serializer = new XMLOutputter(); serializer.output(xmldoc, out); out.flush(); @@ -183,10 +208,30 @@ public class reportXML { } catch (IOException e) { System.err.println(e); } + + } - } catch (Exception e) { - Logger.getLogger(reportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); - } + @Override + public String getReportType() { + String type = "XML"; + return type; + } + + @Override + public ReportConfiguration getReportConfiguration() { + ReportConfiguration config = reportconfig; + return config; + } + + @Override + public String getReportTypeDescription() { + String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; + return desc; + } + + @Override + public String generateReport() throws ReportModuleException { + throw new UnsupportedOperationException("Not supported yet."); } private class NameVisitor extends ContentVisitor.Default { From 0e95f006b37daea48c8317ba48015d753dbe7f17 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Tue, 8 May 2012 16:03:20 -0700 Subject: [PATCH 08/22] Stopwatch class temporary addition to track time of execution easily on very specific parts of code Signed-off-by: Alex Ebadirad --- .../sleuthkit/autopsy/report/StopWatch.java | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 Report/src/org/sleuthkit/autopsy/report/StopWatch.java diff --git a/Report/src/org/sleuthkit/autopsy/report/StopWatch.java b/Report/src/org/sleuthkit/autopsy/report/StopWatch.java new file mode 100644 index 0000000000..796c3af43e --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/StopWatch.java @@ -0,0 +1,60 @@ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ +package org.sleuthkit.autopsy.report; + +/** + * + * @author Alex + */ +public class StopWatch { + + private long startTime = 0; + private long stopTime = 0; + private boolean running = false; + + + public void start() { + this.startTime = System.currentTimeMillis(); + this.running = true; + } + + + public void stop() { + this.stopTime = System.currentTimeMillis(); + this.running = false; + } + + + //elaspsed time in milliseconds + public long getElapsedTime() { + long elapsed; + if (running) { + elapsed = (System.currentTimeMillis() - startTime); + } + else { + elapsed = (stopTime - startTime); + } + return elapsed; + } + + public void reset(){ + + startTime = 0; + stopTime = 0; + running = false; + } + + //elaspsed time in seconds + public long getElapsedTimeSecs() { + long elapsed; + if (running) { + elapsed = ((System.currentTimeMillis() - startTime) / 1000); + } + else { + elapsed = ((stopTime - startTime) / 1000); + } + return elapsed; + } +} \ No newline at end of file From 7a35fb2a334d745abe439ddc8e243b63443f6924 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Thu, 10 May 2012 08:08:02 -0700 Subject: [PATCH 09/22] Tweaks to report naming and conventions Signed-off-by: Alex Ebadirad --- .../sleuthkit/autopsy/report/ReportGen.java | 8 ++-- .../autopsy/report/ReportModule.java | 12 ++--- .../org/sleuthkit/autopsy/report/layer.xml | 10 +++- .../org/sleuthkit/autopsy/report/report.java | 20 ++++---- .../autopsy/report/reportAction.java | 8 ++-- .../autopsy/report/reportFilter.java | 2 +- .../sleuthkit/autopsy/report/reportHTML.java | 46 +++++++++---------- .../sleuthkit/autopsy/report/reportPanel.java | 12 ++--- .../autopsy/report/reportPanelAction.java | 22 ++++----- .../sleuthkit/autopsy/report/reportUtils.java | 2 +- .../sleuthkit/autopsy/report/reportXLS.java | 29 ++++++------ .../sleuthkit/autopsy/report/reportXML.java | 27 +++++------ 12 files changed, 103 insertions(+), 95 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportGen.java b/Report/src/org/sleuthkit/autopsy/report/ReportGen.java index 9e42746942..146f5aeff4 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportGen.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportGen.java @@ -37,13 +37,13 @@ public class ReportGen { ReportGen() { } - public void flushReport() { + public void ClearReport() { Results.clear(); } - public void populateReport(ReportConfiguration config) { - flushReport(); - report bbreport = new report(); + public void PopulateReport(ReportConfiguration config) { + ClearReport(); + Report bbreport = new Report(); Results = bbreport.getAllTypes(config); } } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java index 635c38560d..46e5fac46c 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java @@ -32,17 +32,17 @@ public interface ReportModule { * @return absolute file path to the report generated * @throws ReportModuleException if report generation failed */ - public String generateReport() throws ReportModuleException; + public String GenerateReport() throws ReportModuleException; //If it uses a report configuration and reports back to the gui its progress - public String generateReport(ReportConfiguration config, reportFilter rr) throws ReportModuleException; + public String GenerateReport(ReportConfiguration config, reportFilter rr) throws ReportModuleException; /** * This saves a copy of the report (current one) to another place specified * by the user. Takes the input of where the path needs to be saved, include * filename and extention. */ - public void save(String Path) throws ReportModuleException; + public void Save(String Path) throws ReportModuleException; /** * Returns a short description of report type/file format this module @@ -50,18 +50,18 @@ public interface ReportModule { * * @return */ - public String getReportType(); + public String GetReportType(); /** * Returns the reportconfiguration object that was created * * @return */ - public ReportConfiguration getReportConfiguration(); + public ReportConfiguration GetReportConfiguration(); /** * Returns a one line human readable description of the type of report this * module generates */ - public String getReportTypeDescription(); + public String GetReportTypeDescription(); } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml index c5606919b8..996b3c6b23 100644 --- a/Report/src/org/sleuthkit/autopsy/report/layer.xml +++ b/Report/src/org/sleuthkit/autopsy/report/layer.xml @@ -1,13 +1,19 @@ - + + + + + + + - + diff --git a/Report/src/org/sleuthkit/autopsy/report/report.java b/Report/src/org/sleuthkit/autopsy/report/report.java index e2ad90b02f..99242d8502 100644 --- a/Report/src/org/sleuthkit/autopsy/report/report.java +++ b/Report/src/org/sleuthkit/autopsy/report/report.java @@ -35,7 +35,7 @@ import org.sleuthkit.datamodel.SleuthkitCase; * * @author Alex */ -public class report { +public class Report { private void report() { } @@ -50,19 +50,19 @@ public class report { ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); while (uniqueresults.next()) { - table.append("").append(uniqueresults.getString("value_text")).append(""); - table.append(""); + // table.append("").append(uniqueresults.getString("value_text")).append(""); + // table.append("
").append("File Name").append("PreviewKeyword List
"); ArrayList artlist = new ArrayList(); - ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString("value_text") + "'"); + ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString(1) + "'"); while (tempresults.next()) { - artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong("artifact_id"))); + artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong(1))); } for (BlackboardArtifact art : artlist) { String filename = tempDb.getFsContentById(art.getObjectID()).getName(); String preview = ""; String set = ""; - table.append(""); + // table.append(""); ArrayList tempatts = art.getAttributes(); for (BlackboardAttribute att : tempatts) { if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()) { @@ -72,13 +72,13 @@ public class report { set = ""; } } - table.append(preview).append(set).append(""); + // table.append(preview).append(set).append(""); } - table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("
").append(filename).append("" + att.getValueString() + "


"); + // table.append("

"); } } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.WARNING, "Exception occurred", e); + Logger.getLogger(Report.class.getName()).log(Level.WARNING, "Exception occurred", e); } return table.toString(); @@ -99,7 +99,7 @@ public class report { } } } catch (Exception e) { - Logger.getLogger(report.class.getName()).log(Level.INFO, "Exception occurred", e); + Logger.getLogger(Report.class.getName()).log(Level.INFO, "Exception occurred", e); } return reportMap; diff --git a/Report/src/org/sleuthkit/autopsy/report/reportAction.java b/Report/src/org/sleuthkit/autopsy/report/reportAction.java index afde5e4c52..f5d1383698 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportAction.java @@ -52,13 +52,13 @@ id = "org.sleuthkit.autopsy.report.reportAction") @ActionReference(path = "Menu/Tools", position = 80) }) @Messages("CTL_reportAction=Run Report") -public final class reportAction extends CallableSystemAction implements Presenter.Toolbar { +public final class ReportAction extends CallableSystemAction implements Presenter.Toolbar { private JButton toolbarButton = new JButton(); private static final String ACTION_NAME = "Generate Report"; - static final Logger logger = Logger.getLogger(reportAction.class.getName()); + static final Logger logger = Logger.getLogger(ReportAction.class.getName()); - public reportAction() { + public ReportAction() { setEnabled(false); Case.addPropertyChangeListener(new PropertyChangeListener() { @@ -101,7 +101,7 @@ public final class reportAction extends CallableSystemAction implements Presente @Override public void actionPerformed(ActionEvent e) { - reportAction.this.actionPerformed(e); + ReportAction.this.actionPerformed(e); } }); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportFilter.java b/Report/src/org/sleuthkit/autopsy/report/reportFilter.java index 6b5d308baf..37764b7663 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportFilter.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportFilter.java @@ -56,7 +56,7 @@ public class reportFilter extends javax.swing.JPanel { } catch(ReportModuleException ex) { - Logger.getLogger(report.class.getName()).log(Level.SEVERE, "Exception occurred", ex); + Logger.getLogger(Report.class.getName()).log(Level.SEVERE, "Exception occurred", ex); } } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java index 7926c55d91..31047f8b01 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java @@ -46,27 +46,27 @@ import org.sleuthkit.datamodel.TskData; * * @author Alex */ -public class reportHTML implements ReportModule{ - //Declare our publically accessible formatted report, this will change everytime they run a report +public class ReportHTML implements ReportModule{ + //Declare our publically accessible formatted Report, this will change everytime they run a Report public static StringBuilder formatted_Report = new StringBuilder(); - public static StringBuilder unformatted_header = new StringBuilder(); - public static StringBuilder formatted_header = new StringBuilder(); - public static String htmlPath = ""; - ReportConfiguration config = new ReportConfiguration(); + private static StringBuilder unformatted_header = new StringBuilder(); + private static StringBuilder formatted_header = new StringBuilder(); + private static String htmlPath = ""; + private ReportConfiguration config = new ReportConfiguration(); - reportHTML(){ + ReportHTML(){ } @Override - public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { + public String GenerateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { config = reportconfig; ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); + reportobj.PopulateReport(reportconfig); HashMap> report = reportobj.Results; //This is literally a terrible way to count up all the types of artifacts, and doesn't include any added ones. - //Unlike the XML report, which is dynamic, this is formatted and needs to be redone later instead of being hardcoded. - //Also, clearing variables to generate new report. + //Unlike the XML Report, which is dynamic, this is formatted and needs to be redone later instead of being hardcoded. + //Also, clearing variables to generate new Report. formatted_Report.setLength(0); unformatted_header.setLength(0); formatted_header.setLength(0); @@ -168,7 +168,7 @@ public class reportHTML implements ReportModule{ + ""; unformatted_header.append(header); unformatted_header.append(simpleCSS); - //formatted_Report.append(""); + //formatted_Report.append(""); formatted_Report.append("
"); // Add summary information now @@ -276,7 +276,7 @@ public class reportHTML implements ReportModule{ { value = ""; } - value = reportUtils.insertPeriodically(value, "
", 30); + value = ReportUtils.insertPeriodically(value, "
", 30); attributes.put(type, value); cc++; } @@ -397,7 +397,7 @@ public class reportHTML implements ReportModule{ } if (countKeyword > 0) { formatted_Report.append(nodeKeyword); - report keywords = new report(); + Report keywords = new Report(); formatted_Report.append(keywords.getGroupedKeywordHit()); // " // formatted_Report.append("
Artifact IDNameSize
"); @@ -416,52 +416,52 @@ public class reportHTML implements ReportModule{ formatted_header.append(formatted_Report); // unformatted_header.append(formatted_Report); htmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".html"; - this.save(htmlPath); + this.Save(htmlPath); } catch (Exception e) { - Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred", e); + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred", e); } return htmlPath; } @Override - public void save(String path) + public void Save(String path) { try{ - Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlPath), "UTF-8")); + Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(path), "UTF-8")); out.write(formatted_header.toString()); out.flush(); out.close(); } catch(IOException e){ - Logger.getLogger(reportHTML.class.getName()).log(Level.SEVERE, "Could not write out HTML report!", e); + Logger.getLogger(ReportHTML.class.getName()).log(Level.SEVERE, "Could not write out HTML report!", e); } } @Override - public String getReportType(){ + public String GetReportType(){ String type = "HTML"; return type; } @Override - public ReportConfiguration getReportConfiguration(){ + public ReportConfiguration GetReportConfiguration(){ return config; } @Override - public String getReportTypeDescription(){ + public String GetReportTypeDescription(){ String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; return desc; } @Override - public String generateReport() throws ReportModuleException { + public String GenerateReport() throws ReportModuleException { throw new UnsupportedOperationException("Not supported yet."); } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java index 667ccde9a9..0c784451ed 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java @@ -132,25 +132,25 @@ private void saveReportActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FI private void exportReport(String path) { - String htmlpath = reportUtils.changeExtension(path, ".html"); - String xmlpath = reportUtils.changeExtension(path, ".xml"); - String xlspath = reportUtils.changeExtension(path, ".xlsx"); + String htmlpath = ReportUtils.changeExtension(path, ".html"); + String xmlpath = ReportUtils.changeExtension(path, ".xml"); + String xlspath = ReportUtils.changeExtension(path, ".xlsx"); try { Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlpath), "UTF-8")); // FileOutputStream out = new FileOutputStream(htmlpath); - out.write(reportHTML.formatted_header.toString()); + out.write(ReportHTML.formatted_header.toString()); out.flush(); out.close(); //xls report FileOutputStream fos = new FileOutputStream(xlspath); - reportXLS.wb.write(fos); + ReportXLS.wb.write(fos); fos.close(); FileOutputStream xmlout = new FileOutputStream(xmlpath); XMLOutputter serializer = new XMLOutputter(); - serializer.output(reportXML.xmldoc, xmlout); + serializer.output(ReportXML.xmldoc, xmlout); xmlout.flush(); xmlout.close(); JOptionPane.showMessageDialog(this, "Report has been successfully saved!"); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java index 6f3e9bfd9f..04c66130bd 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java @@ -57,7 +57,7 @@ public class reportPanelAction { public void run() { rr.progBarStartText(); }}); - report.populateReport(reportconfig); + report.PopulateReport(reportconfig); SwingUtilities.invokeLater(new Runnable() { @Override public void run() { @@ -72,37 +72,37 @@ public class reportPanelAction { { StopWatch a = new StopWatch(); a.start(); - reportHTML htmlReport = new reportHTML(); + ReportHTML htmlReport = new ReportHTML(); try{ - htmlReport.generateReport(reportconfig, rr); - BrowserControl.openUrl(reportHTML.htmlPath); + htmlReport.GenerateReport(reportconfig, rr); + BrowserControl.openUrl(ReportHTML.htmlPath); } catch(ReportModuleException e){ - Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); } a.stop(); System.out.println("html in milliseconds: " + a.getElapsedTime()); StopWatch s = new StopWatch(); s.start(); - reportXLS xlsReport = new reportXLS(); + ReportXLS xlsReport = new ReportXLS(); try{ - xlsReport.generateReport(reportconfig,rr); + xlsReport.GenerateReport(reportconfig,rr); } catch(ReportModuleException e){ - Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); } s.stop(); System.out.println("xls in milliseconds: " + s.getElapsedTime()); StopWatch S = new StopWatch(); S.start(); - reportXML xmlReport = new reportXML(); + ReportXML xmlReport = new ReportXML(); try{ - xmlReport.generateReport(reportconfig,rr); + xmlReport.GenerateReport(reportconfig,rr); } catch(ReportModuleException e){ - Logger.getLogger(reportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); } S.stop(); System.out.println("xml in milliseconds: " + S.getElapsedTime()); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java b/Report/src/org/sleuthkit/autopsy/report/reportUtils.java index e5fd9414c1..ba3dd55969 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportUtils.java @@ -24,7 +24,7 @@ package org.sleuthkit.autopsy.report; * * @author Alex */ -public class reportUtils { +public class ReportUtils { static String changeExtension(String originalName, String newExtension) { int lastDot = originalName.lastIndexOf("."); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java index 83e46ba2dc..e4709754ca 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java @@ -22,6 +22,7 @@ package org.sleuthkit.autopsy.report; import java.io.FileOutputStream; import java.io.IOException; +import java.io.File; import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.ArrayList; @@ -40,21 +41,21 @@ import org.sleuthkit.datamodel.*; * * @author Alex */ -public class reportXLS implements ReportModule { +public class ReportXLS implements ReportModule { public static Workbook wb = new XSSFWorkbook(); - static String xlsPath = ""; - ReportConfiguration config = new ReportConfiguration(); + private static String xlsPath = ""; + private ReportConfiguration config = new ReportConfiguration(); - public reportXLS() { + public ReportXLS() { //Empty the workbook first } @Override - public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { + public String GenerateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { config = reportconfig; ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); + reportobj.PopulateReport(reportconfig); HashMap> report = reportobj.Results; Workbook wbtemp = new XSSFWorkbook(); int countGen = 0; @@ -384,8 +385,8 @@ public class reportXLS implements ReportModule { //write out the report to the reports folder, set the wbtemp to the primary wb object wb = wbtemp; - xlsPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xlsx"; - this.save(xlsPath); + xlsPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xlsx"; + this.Save(xlsPath); } catch (Exception E) { String test = E.toString(); @@ -395,7 +396,7 @@ public class reportXLS implements ReportModule { } @Override - public void save(String path) + public void Save(String path) { try{ FileOutputStream fos = new FileOutputStream(path); @@ -403,32 +404,32 @@ public class reportXLS implements ReportModule { fos.close(); } catch(IOException e){ - Logger.getLogger(reportHTML.class.getName()).log(Level.SEVERE, "Could not write out XLS report!", e); + Logger.getLogger(ReportHTML.class.getName()).log(Level.SEVERE, "Could not write out XLS report!", e); } } @Override - public String getReportType(){ + public String GetReportType(){ String type = "XLS"; return type; } @Override - public ReportConfiguration getReportConfiguration(){ + public ReportConfiguration GetReportConfiguration(){ return config; } @Override - public String getReportTypeDescription(){ + public String GetReportTypeDescription(){ String desc = "This is an xls formatted report that is meant to be viewed in Excel."; return desc; } @Override - public String generateReport() throws ReportModuleException { + public String GenerateReport() throws ReportModuleException { throw new UnsupportedOperationException("Not supported yet."); } } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java index aaeafe4e4b..ab4d3ff354 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXML.java @@ -21,6 +21,7 @@ package org.sleuthkit.autopsy.report; import java.io.FileOutputStream; +import java.io.File; import java.io.IOException; import java.text.DateFormat; import java.text.SimpleDateFormat; @@ -40,19 +41,19 @@ import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.ingest.IngestManager; import org.sleuthkit.datamodel.*; -public class reportXML implements ReportModule { +public class ReportXML implements ReportModule { public static Document xmldoc = new Document(); private ReportConfiguration reportconfig = new ReportConfiguration(); private String xmlPath; - public reportXML() { + public ReportXML() { } @Override - public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException{ + public String GenerateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException{ ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); + reportobj.PopulateReport(reportconfig); HashMap> report = reportobj.Results; try { Case currentCase = Case.getCurrentCase(); // get the most updated case @@ -185,22 +186,22 @@ public class reportXML implements ReportModule { //Export it the first time - xmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".xml"; - this.save(xmlPath); + xmlPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xml"; + this.Save(xmlPath); } catch (Exception e) { - Logger.getLogger(reportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); + Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); } return xmlPath; } @Override - public void save(String path) { + public void Save(String path) { try { - FileOutputStream out = new FileOutputStream(xmlPath); + FileOutputStream out = new FileOutputStream(path); XMLOutputter serializer = new XMLOutputter(); serializer.output(xmldoc, out); out.flush(); @@ -212,25 +213,25 @@ public class reportXML implements ReportModule { } @Override - public String getReportType() { + public String GetReportType() { String type = "XML"; return type; } @Override - public ReportConfiguration getReportConfiguration() { + public ReportConfiguration GetReportConfiguration() { ReportConfiguration config = reportconfig; return config; } @Override - public String getReportTypeDescription() { + public String GetReportTypeDescription() { String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; return desc; } @Override - public String generateReport() throws ReportModuleException { + public String GenerateReport() throws ReportModuleException { throw new UnsupportedOperationException("Not supported yet."); } From 5881a14a4d7baaff34adf01f19946c9e479530d3 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Thu, 10 May 2012 09:03:18 -0700 Subject: [PATCH 10/22] Uncommented the report.java keyword as well as set the report configs to not automatically instantiate with empty report configs in each reporting module. Signed-off-by: Alex Ebadirad --- .../autopsy/report/ReportConfiguration.java | 17 +++++++++++++---- .../org/sleuthkit/autopsy/report/report.java | 10 +++++----- .../sleuthkit/autopsy/report/reportHTML.java | 2 +- .../org/sleuthkit/autopsy/report/reportXLS.java | 2 +- .../org/sleuthkit/autopsy/report/reportXML.java | 2 +- 5 files changed, 21 insertions(+), 12 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java index c705b8753f..c04a8d3f9d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java @@ -61,7 +61,10 @@ class ReportConfiguration { ; - //regets everything that occurs in the constructor normally + /**regets everything that occurs in the constructor normally + * + * @throws ReportModuleException + */ public void getAllTypes() throws ReportModuleException { config.clear(); //now lets get the list from the tsk and current case @@ -81,7 +84,9 @@ class ReportConfiguration { ; -//setters for generally supported report parts + /**setters for generally supported report parts + * + */ public void setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type, Boolean value) throws ReportModuleException { if (config.containsKey(type)) { config.put(type, value); @@ -92,7 +97,9 @@ public void setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type, Boolean va ; - //This allows all that setting to happen in groups + /**This allows all that setting to happen in groups + * + */ public void setGenArtifactType(ArrayList typeList, boolean value) throws ReportModuleException { for (BlackboardArtifact.ARTIFACT_TYPE type : typeList) { @@ -107,7 +114,9 @@ public void setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type, Boolean va ; - //getters for generally supported report parts + /** getters for generally supported report parts + * + */ public boolean getGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type) throws ReportModuleException { boolean value = false; if (config.containsKey(type)) { diff --git a/Report/src/org/sleuthkit/autopsy/report/report.java b/Report/src/org/sleuthkit/autopsy/report/report.java index 99242d8502..08848d667d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/report.java +++ b/Report/src/org/sleuthkit/autopsy/report/report.java @@ -50,8 +50,8 @@ public class Report { ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); while (uniqueresults.next()) { - // table.append("").append(uniqueresults.getString("value_text")).append(""); - // table.append(""); + table.append("").append(uniqueresults.getString("value_text")).append(""); + table.append("
").append("File Name").append("PreviewKeyword List
"); ArrayList artlist = new ArrayList(); ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString(1) + "'"); while (tempresults.next()) { @@ -62,7 +62,7 @@ public class Report { String filename = tempDb.getFsContentById(art.getObjectID()).getName(); String preview = ""; String set = ""; - // table.append(""); + table.append(""); ArrayList tempatts = art.getAttributes(); for (BlackboardAttribute att : tempatts) { if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()) { @@ -72,10 +72,10 @@ public class Report { set = ""; } } - // table.append(preview).append(set).append(""); + table.append(preview).append(set).append(""); } - // table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("
").append(filename).append("" + att.getValueString() + "


"); + table.append("

"); } } catch (Exception e) { Logger.getLogger(Report.class.getName()).log(Level.WARNING, "Exception occurred", e); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java index 31047f8b01..ee731da81a 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java @@ -52,7 +52,7 @@ public class ReportHTML implements ReportModule{ private static StringBuilder unformatted_header = new StringBuilder(); private static StringBuilder formatted_header = new StringBuilder(); private static String htmlPath = ""; - private ReportConfiguration config = new ReportConfiguration(); + private ReportConfiguration config; ReportHTML(){ diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java index e4709754ca..cd6d89f31f 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java @@ -45,7 +45,7 @@ public class ReportXLS implements ReportModule { public static Workbook wb = new XSSFWorkbook(); private static String xlsPath = ""; - private ReportConfiguration config = new ReportConfiguration(); + private ReportConfiguration config; public ReportXLS() { //Empty the workbook first diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java index ab4d3ff354..911a146e01 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXML.java @@ -44,7 +44,7 @@ import org.sleuthkit.datamodel.*; public class ReportXML implements ReportModule { public static Document xmldoc = new Document(); - private ReportConfiguration reportconfig = new ReportConfiguration(); + private ReportConfiguration reportconfig; private String xmlPath; public ReportXML() { From a8cdf70ee881b5afa59fe779c04ad5d661414299 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Thu, 10 May 2012 15:23:29 -0700 Subject: [PATCH 11/22] refactored classes for camel casing of filenames Signed-off-by: Alex Ebadirad --- .../sleuthkit/autopsy/coreutils/Bundle.properties | 6 ++++++ .../org/sleuthkit/autopsy/report/ReportGen.java | 6 +++--- .../org/sleuthkit/autopsy/report/ReportModule.java | 12 ++++++------ .../org/sleuthkit/autopsy/report/reportHTML.java | 14 +++++++------- .../autopsy/report/reportPanelAction.java | 8 ++++---- .../org/sleuthkit/autopsy/report/reportXLS.java | 14 +++++++------- .../org/sleuthkit/autopsy/report/reportXML.java | 14 +++++++------- .../org/netbeans/core/startup/Bundle.properties | 4 +++- .../core/windows/view/ui/Bundle.properties | 6 ++++-- 9 files changed, 47 insertions(+), 37 deletions(-) diff --git a/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties b/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties index fbb4be8eb9..a375e1be3a 100644 --- a/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties +++ b/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties @@ -1 +1,7 @@ +#Updated by build script +#Wed, 09 May 2012 09:11:58 -0700 OpenIDE-Module-Name=CoreUtils + +app.name=Autopsy +app.version=20120509 +build.type=DEVELOPMENT diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportGen.java b/Report/src/org/sleuthkit/autopsy/report/ReportGen.java index 146f5aeff4..2567d285b8 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportGen.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportGen.java @@ -37,12 +37,12 @@ public class ReportGen { ReportGen() { } - public void ClearReport() { + public void clearReport() { Results.clear(); } - public void PopulateReport(ReportConfiguration config) { - ClearReport(); + public void populateReport(ReportConfiguration config) { + clearReport(); Report bbreport = new Report(); Results = bbreport.getAllTypes(config); } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java index 46e5fac46c..4e11624fbc 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java @@ -32,17 +32,17 @@ public interface ReportModule { * @return absolute file path to the report generated * @throws ReportModuleException if report generation failed */ - public String GenerateReport() throws ReportModuleException; - + public String generateReport() throws ReportModuleException; + //If it uses a report configuration and reports back to the gui its progress - public String GenerateReport(ReportConfiguration config, reportFilter rr) throws ReportModuleException; + public String generateReport(ReportConfiguration config, reportFilter rr) throws ReportModuleException; /** * This saves a copy of the report (current one) to another place specified * by the user. Takes the input of where the path needs to be saved, include * filename and extention. */ - public void Save(String Path) throws ReportModuleException; + public void save(String Path) throws ReportModuleException; /** * Returns a short description of report type/file format this module @@ -50,7 +50,7 @@ public interface ReportModule { * * @return */ - public String GetReportType(); + public String getReportType(); /** * Returns the reportconfiguration object that was created @@ -63,5 +63,5 @@ public interface ReportModule { * Returns a one line human readable description of the type of report this * module generates */ - public String GetReportTypeDescription(); + public String getReportTypeDescription(); } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java index ee731da81a..de5f986d7a 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java @@ -59,10 +59,10 @@ public class ReportHTML implements ReportModule{ } @Override - public String GenerateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { + public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { config = reportconfig; ReportGen reportobj = new ReportGen(); - reportobj.PopulateReport(reportconfig); + reportobj.populateReport(reportconfig); HashMap> report = reportobj.Results; //This is literally a terrible way to count up all the types of artifacts, and doesn't include any added ones. //Unlike the XML Report, which is dynamic, this is formatted and needs to be redone later instead of being hardcoded. @@ -416,7 +416,7 @@ public class ReportHTML implements ReportModule{ formatted_header.append(formatted_Report); // unformatted_header.append(formatted_Report); htmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".html"; - this.Save(htmlPath); + this.save(htmlPath); } catch (Exception e) { @@ -427,7 +427,7 @@ public class ReportHTML implements ReportModule{ @Override - public void Save(String path) + public void save(String path) { try{ Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(path), "UTF-8")); @@ -442,7 +442,7 @@ public class ReportHTML implements ReportModule{ } @Override - public String GetReportType(){ + public String getReportType(){ String type = "HTML"; return type; } @@ -455,13 +455,13 @@ public class ReportHTML implements ReportModule{ @Override - public String GetReportTypeDescription(){ + public String getReportTypeDescription(){ String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; return desc; } @Override - public String GenerateReport() throws ReportModuleException { + public String generateReport() throws ReportModuleException { throw new UnsupportedOperationException("Not supported yet."); } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java index 04c66130bd..9c75179eeb 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java @@ -57,7 +57,7 @@ public class reportPanelAction { public void run() { rr.progBarStartText(); }}); - report.PopulateReport(reportconfig); + report.populateReport(reportconfig); SwingUtilities.invokeLater(new Runnable() { @Override public void run() { @@ -74,7 +74,7 @@ public class reportPanelAction { a.start(); ReportHTML htmlReport = new ReportHTML(); try{ - htmlReport.GenerateReport(reportconfig, rr); + htmlReport.generateReport(reportconfig, rr); BrowserControl.openUrl(ReportHTML.htmlPath); } catch(ReportModuleException e){ @@ -87,7 +87,7 @@ public class reportPanelAction { s.start(); ReportXLS xlsReport = new ReportXLS(); try{ - xlsReport.GenerateReport(reportconfig,rr); + xlsReport.generateReport(reportconfig,rr); } catch(ReportModuleException e){ Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); @@ -99,7 +99,7 @@ public class reportPanelAction { S.start(); ReportXML xmlReport = new ReportXML(); try{ - xmlReport.GenerateReport(reportconfig,rr); + xmlReport.generateReport(reportconfig,rr); } catch(ReportModuleException e){ Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java index cd6d89f31f..ebfbfb449d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java @@ -52,10 +52,10 @@ public class ReportXLS implements ReportModule { } @Override - public String GenerateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { + public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { config = reportconfig; ReportGen reportobj = new ReportGen(); - reportobj.PopulateReport(reportconfig); + reportobj.populateReport(reportconfig); HashMap> report = reportobj.Results; Workbook wbtemp = new XSSFWorkbook(); int countGen = 0; @@ -386,7 +386,7 @@ public class ReportXLS implements ReportModule { //write out the report to the reports folder, set the wbtemp to the primary wb object wb = wbtemp; xlsPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xlsx"; - this.Save(xlsPath); + this.save(xlsPath); } catch (Exception E) { String test = E.toString(); @@ -396,7 +396,7 @@ public class ReportXLS implements ReportModule { } @Override - public void Save(String path) + public void save(String path) { try{ FileOutputStream fos = new FileOutputStream(path); @@ -410,7 +410,7 @@ public class ReportXLS implements ReportModule { } @Override - public String GetReportType(){ + public String getReportType(){ String type = "XLS"; return type; } @@ -423,13 +423,13 @@ public class ReportXLS implements ReportModule { @Override - public String GetReportTypeDescription(){ + public String getReportTypeDescription(){ String desc = "This is an xls formatted report that is meant to be viewed in Excel."; return desc; } @Override - public String GenerateReport() throws ReportModuleException { + public String generateReport() throws ReportModuleException { throw new UnsupportedOperationException("Not supported yet."); } } diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java index 911a146e01..0c2fffa122 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXML.java @@ -51,9 +51,9 @@ public class ReportXML implements ReportModule { } @Override - public String GenerateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException{ + public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException{ ReportGen reportobj = new ReportGen(); - reportobj.PopulateReport(reportconfig); + reportobj.populateReport(reportconfig); HashMap> report = reportobj.Results; try { Case currentCase = Case.getCurrentCase(); // get the most updated case @@ -187,7 +187,7 @@ public class ReportXML implements ReportModule { //Export it the first time xmlPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xml"; - this.Save(xmlPath); + this.save(xmlPath); } catch (Exception e) { Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); @@ -197,7 +197,7 @@ public class ReportXML implements ReportModule { } @Override - public void Save(String path) { + public void save(String path) { try { @@ -213,7 +213,7 @@ public class ReportXML implements ReportModule { } @Override - public String GetReportType() { + public String getReportType() { String type = "XML"; return type; } @@ -225,13 +225,13 @@ public class ReportXML implements ReportModule { } @Override - public String GetReportTypeDescription() { + public String getReportTypeDescription() { String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; return desc; } @Override - public String GenerateReport() throws ReportModuleException { + public String generateReport() throws ReportModuleException { throw new UnsupportedOperationException("Not supported yet."); } diff --git a/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties b/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties index dbffcdccee..d0f16d0d06 100644 --- a/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties +++ b/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties @@ -1,4 +1,6 @@ -currentVersion=Autopsy {0} +#Updated by build script +#Wed, 09 May 2012 09:11:58 -0700 +currentVersion=Autopsy 20120509 LBL_splash_window_title=Starting Autopsy SPLASH_HEIGHT=288 SPLASH_WIDTH=538 diff --git a/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties b/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties index 3400dcc9c9..6dc8776194 100644 --- a/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties +++ b/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties @@ -1,2 +1,4 @@ -CTL_MainWindow_Title=Autopsy {0} -CTL_MainWindow_Title_No_Project=Autopsy {0} +#Updated by build script +#Wed, 09 May 2012 09:11:58 -0700 +CTL_MainWindow_Title=Autopsy 20120509 +CTL_MainWindow_Title_No_Project=Autopsy 20120509 From d400c636c276f780d863037f25d9e118e2062be4 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Thu, 10 May 2012 15:48:18 -0700 Subject: [PATCH 12/22] Mild reporting fix to compile Signed-off-by: Alex Ebadirad --- .../src/org/sleuthkit/autopsy/coreutils/Bundle.properties | 4 ++-- Report/src/org/sleuthkit/autopsy/report/reportPanel.java | 2 +- .../src/org/sleuthkit/autopsy/report/reportPanelAction.java | 4 ++-- Report/src/org/sleuthkit/autopsy/report/reportXML.java | 1 - .../core.jar/org/netbeans/core/startup/Bundle.properties | 4 ++-- .../org/netbeans/core/windows/view/ui/Bundle.properties | 6 +++--- 6 files changed, 10 insertions(+), 11 deletions(-) diff --git a/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties b/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties index a375e1be3a..5c940ab92f 100644 --- a/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties +++ b/CoreUtils/src/org/sleuthkit/autopsy/coreutils/Bundle.properties @@ -1,7 +1,7 @@ #Updated by build script -#Wed, 09 May 2012 09:11:58 -0700 +#Thu, 10 May 2012 15:47:15 -0700 OpenIDE-Module-Name=CoreUtils app.name=Autopsy -app.version=20120509 +app.version=20120510 build.type=DEVELOPMENT diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java index 0c784451ed..b653709d89 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java @@ -139,7 +139,7 @@ private void saveReportActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FI Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlpath), "UTF-8")); // FileOutputStream out = new FileOutputStream(htmlpath); - out.write(ReportHTML.formatted_header.toString()); + out.write(ReportHTML.formatted_Report.toString()); out.flush(); out.close(); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java index 9c75179eeb..ec99dc5a06 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java @@ -74,8 +74,8 @@ public class reportPanelAction { a.start(); ReportHTML htmlReport = new ReportHTML(); try{ - htmlReport.generateReport(reportconfig, rr); - BrowserControl.openUrl(ReportHTML.htmlPath); + String htmlpath = htmlReport.generateReport(reportconfig, rr); + BrowserControl.openUrl(htmlpath); } catch(ReportModuleException e){ Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java index 0c2fffa122..2bb574266d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/reportXML.java @@ -252,7 +252,6 @@ public class ReportXML implements ReportModule { return img.getName(); } - @Override public String visit(File fil) { return fil.getName(); } diff --git a/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties b/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties index d0f16d0d06..e1f91b289a 100644 --- a/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties +++ b/branding/core/core.jar/org/netbeans/core/startup/Bundle.properties @@ -1,6 +1,6 @@ #Updated by build script -#Wed, 09 May 2012 09:11:58 -0700 -currentVersion=Autopsy 20120509 +#Thu, 10 May 2012 15:47:15 -0700 +currentVersion=Autopsy 20120510 LBL_splash_window_title=Starting Autopsy SPLASH_HEIGHT=288 SPLASH_WIDTH=538 diff --git a/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties b/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties index 6dc8776194..967f636d4a 100644 --- a/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties +++ b/branding/modules/org-netbeans-core-windows.jar/org/netbeans/core/windows/view/ui/Bundle.properties @@ -1,4 +1,4 @@ #Updated by build script -#Wed, 09 May 2012 09:11:58 -0700 -CTL_MainWindow_Title=Autopsy 20120509 -CTL_MainWindow_Title_No_Project=Autopsy 20120509 +#Thu, 10 May 2012 15:47:15 -0700 +CTL_MainWindow_Title=Autopsy 20120510 +CTL_MainWindow_Title_No_Project=Autopsy 20120510 From 9facfee95a36d27126dc66d999205bb4a6aa1994 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Fri, 11 May 2012 08:47:26 -0700 Subject: [PATCH 13/22] Removing old lower-case file names. --- .../autopsy/report/BrowserControl.java | 50 -- .../autopsy/report/Bundle.properties | 18 - .../autopsy/report/ReportConfiguration.java | 138 ------ .../sleuthkit/autopsy/report/ReportGen.java | 49 -- .../autopsy/report/ReportModule.java | 67 --- .../autopsy/report/ReportModuleException.java | 33 -- .../sleuthkit/autopsy/report/StopWatch.java | 60 --- .../report/btn_icon_generate_report.png | Bin 1632 -> 0 bytes .../org/sleuthkit/autopsy/report/layer.xml | 22 - .../org/sleuthkit/autopsy/report/report.java | 107 ---- .../autopsy/report/reportAction.java | 186 ------- .../autopsy/report/reportFilter.form | 180 ------- .../autopsy/report/reportFilter.java | 360 -------------- .../autopsy/report/reportFilterAction.java | 83 ---- .../sleuthkit/autopsy/report/reportHTML.java | 468 ------------------ .../sleuthkit/autopsy/report/reportPanel.form | 89 ---- .../sleuthkit/autopsy/report/reportPanel.java | 168 ------- .../autopsy/report/reportPanelAction.java | 163 ------ .../sleuthkit/autopsy/report/reportUtils.java | 55 -- .../sleuthkit/autopsy/report/reportXLS.java | 435 ---------------- .../sleuthkit/autopsy/report/reportXML.java | 259 ---------- 21 files changed, 2990 deletions(-) delete mode 100644 Report/src/org/sleuthkit/autopsy/report/BrowserControl.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/Bundle.properties delete mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportGen.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportModule.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/StopWatch.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/btn_icon_generate_report.png delete mode 100644 Report/src/org/sleuthkit/autopsy/report/layer.xml delete mode 100644 Report/src/org/sleuthkit/autopsy/report/report.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportAction.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportFilter.form delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportFilter.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportHTML.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportPanel.form delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportPanel.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportUtils.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportXLS.java delete mode 100644 Report/src/org/sleuthkit/autopsy/report/reportXML.java diff --git a/Report/src/org/sleuthkit/autopsy/report/BrowserControl.java b/Report/src/org/sleuthkit/autopsy/report/BrowserControl.java deleted file mode 100644 index 08f201f83f..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/BrowserControl.java +++ /dev/null @@ -1,50 +0,0 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. - */ -package org.sleuthkit.autopsy.report; - -/** - * - * @author Alex - */ -import java.lang.reflect.Method; - -public class BrowserControl{ -/** -* Method to Open the Browser with Given URL -* @param url -*/ -public static void openUrl(String url){ -String os = System.getProperty("os.name"); -Runtime runtime=Runtime.getRuntime(); -try{ -// Block for Windows Platform -if (os.startsWith("Windows")){ -String cmd = "rundll32 url.dll,FileProtocolHandler "+ url; -Process p = runtime.exec(cmd); -} -//Block for Mac OS -else if(os.startsWith("Mac OS")){ -Class fileMgr = Class.forName("com.apple.eio.FileManager"); -Method openURL = fileMgr.getDeclaredMethod("openURL", new Class[] {String.class}); -openURL.invoke(null, new Object[] {url}); -} -//Block for UNIX Platform -else { -String[] browsers = {"firefox", "opera", "konqueror", "epiphany", "mozilla", "netscape" }; -String browser = null; -for (int count = 0; count < browsers.length && browser == null; count++) -if (runtime.exec(new String[] {"which", browsers[count]}).waitFor() == 0) -browser = browsers[count]; -if (browser == null) -throw new Exception("Could not find web browser"); -else -runtime.exec(new String[] {browser, url}); -} -}catch(Exception x){ -System.err.println("Exception occurd while invoking Browser!"); -x.printStackTrace(); -} -} -} diff --git a/Report/src/org/sleuthkit/autopsy/report/Bundle.properties b/Report/src/org/sleuthkit/autopsy/report/Bundle.properties deleted file mode 100644 index 3cfbe706b7..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/Bundle.properties +++ /dev/null @@ -1,18 +0,0 @@ -OpenIDE-Module-Name=Report -reportFilter.jCheckBox1.text=Internet History -reportFilter.jCheckBox2.text=General Info -reportFilter.jCheckBox3.text=Keyword Hits -reportFilter.jCheckBox4.text=Hashlist Hits -reportFilter.jCheckBox5.text=System Information -reportFilter.jButton1.text=Generate Report -Toolbars/Reports/org-sleuthkit-autopsy-report-reportAction.shadow=Reports -reportPanel.jButton1.text=Close -reportFilter.cancelButton.text=Cancel -reportFilter.cancelButton.actionCommand= -reportFilter.jButton2.actionCommand= -reportFilter.jButton2.label= -reportFilter.jButton2.text= -reportPanel.saveReport.actionCommand= -reportPanel.saveReport.text=Export Report... -reportFilter.progBar.string= -reportPanel.jLabel1.text=jLabel1 diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java deleted file mode 100644 index c04a8d3f9d..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java +++ /dev/null @@ -1,138 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.util.ArrayList; -import java.util.EnumMap; -import java.util.Map; -import java.util.logging.Level; -import java.util.logging.Logger; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.SleuthkitCase; - -/** - * Configures which parts of report were requested e.g. based on user input Some - * specialized reporting modules may choose not to generate all requested - * sections and some modules may generate additional, specialized sections - * -*/ -class ReportConfiguration { - - //base data structure - Map config = new EnumMap(BlackboardArtifact.ARTIFACT_TYPE.class); - private final Logger logger = Logger.getLogger(this.getClass().getName()); - - ReportConfiguration() { - //clear the config just incase before we get the list from the db again - config.clear(); - //now lets get the list from the tsk and current case - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - try { - ArrayList arttypes = skCase.getBlackboardArtifactTypes(); - for (BlackboardArtifact.ARTIFACT_TYPE type : arttypes) { - config.put(type, Boolean.FALSE); - } - - } catch (Exception ex) { - logger.log(Level.WARNING, "Error while trying to retrieve list of artifact types from the TSK case .", ex); - } - - } - - ; - - /**regets everything that occurs in the constructor normally - * - * @throws ReportModuleException - */ - public void getAllTypes() throws ReportModuleException { - config.clear(); - //now lets get the list from the tsk and current case - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - try { - ArrayList arttypes = skCase.getBlackboardArtifactTypes(); - for (BlackboardArtifact.ARTIFACT_TYPE type : arttypes) { - config.put(type, Boolean.FALSE); - } - - } catch (Exception ex) { - logger.log(Level.WARNING, "Error while trying to retrieve list of artifact types from the TSK case .", ex); - } - - } - - ; - - /**setters for generally supported report parts - * - */ -public void setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type, Boolean value) throws ReportModuleException { - if (config.containsKey(type)) { - config.put(type, value); - } else { - throw new ReportModuleException("The following artifact type is not present:" + type); - } - } - - ; - - /**This allows all that setting to happen in groups - * - */ - public void setGenArtifactType(ArrayList typeList, boolean value) throws ReportModuleException { - - for (BlackboardArtifact.ARTIFACT_TYPE type : typeList) { - if (config.containsKey(type)) { - config.put(type, value); - } else { - throw new ReportModuleException("The following artifact type is not present:" + type); - } - } - } - - ; - - - /** getters for generally supported report parts - * - */ - public boolean getGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type) throws ReportModuleException { - boolean value = false; - if (config.containsKey(type)) { - value = config.get(type); - } else { - throw new ReportModuleException("The following artifact type is not present:" + type); - } - - return value; - - } - - public void resetGenArtifactTypes() { - for (Map.Entry entry : config.entrySet()) { - config.put(entry.getKey(), Boolean.FALSE); - } - - } -} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportGen.java b/Report/src/org/sleuthkit/autopsy/report/ReportGen.java deleted file mode 100644 index 2567d285b8..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/ReportGen.java +++ /dev/null @@ -1,49 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.util.ArrayList; -import java.util.HashMap; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.BlackboardAttribute; - -/** - * - * This class is the 'default' way to get artifacts/attributes from the - * blackboard using a reportconfiguration object. - */ -public class ReportGen { - - HashMap> Results = new HashMap>(); - - ReportGen() { - } - - public void clearReport() { - Results.clear(); - } - - public void populateReport(ReportConfiguration config) { - clearReport(); - Report bbreport = new Report(); - Results = bbreport.getAllTypes(config); - } -} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java deleted file mode 100644 index 4e11624fbc..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java +++ /dev/null @@ -1,67 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -//interface every reporting module should implement -public interface ReportModule { - - /** - * Generates a report on the current case Reporting module should traverse - * the blackboard, extract needed information as specified in the config and - * generate a report file - * - * @param config specifiying parts that should be generated - * @return absolute file path to the report generated - * @throws ReportModuleException if report generation failed - */ - public String generateReport() throws ReportModuleException; - - //If it uses a report configuration and reports back to the gui its progress - public String generateReport(ReportConfiguration config, reportFilter rr) throws ReportModuleException; - - /** - * This saves a copy of the report (current one) to another place specified - * by the user. Takes the input of where the path needs to be saved, include - * filename and extention. - */ - public void save(String Path) throws ReportModuleException; - - /** - * Returns a short description of report type/file format this module - * generates for instance, "XML", "Excel" - * - * @return - */ - public String getReportType(); - - /** - * Returns the reportconfiguration object that was created - * - * @return - */ - public ReportConfiguration GetReportConfiguration(); - - /** - * Returns a one line human readable description of the type of report this - * module generates - */ - public String getReportTypeDescription(); -} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java b/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java deleted file mode 100644 index 93d61f990b..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java +++ /dev/null @@ -1,33 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -//exception thrown by a reporting module when report generation failed -class ReportModuleException extends Exception { - - public ReportModuleException(String msg) { - super(msg); - } - - public ReportModuleException(String msg, Exception ex) { - super(msg, ex); - } -} diff --git a/Report/src/org/sleuthkit/autopsy/report/StopWatch.java b/Report/src/org/sleuthkit/autopsy/report/StopWatch.java deleted file mode 100644 index 796c3af43e..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/StopWatch.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * To change this template, choose Tools | Templates - * and open the template in the editor. - */ -package org.sleuthkit.autopsy.report; - -/** - * - * @author Alex - */ -public class StopWatch { - - private long startTime = 0; - private long stopTime = 0; - private boolean running = false; - - - public void start() { - this.startTime = System.currentTimeMillis(); - this.running = true; - } - - - public void stop() { - this.stopTime = System.currentTimeMillis(); - this.running = false; - } - - - //elaspsed time in milliseconds - public long getElapsedTime() { - long elapsed; - if (running) { - elapsed = (System.currentTimeMillis() - startTime); - } - else { - elapsed = (stopTime - startTime); - } - return elapsed; - } - - public void reset(){ - - startTime = 0; - stopTime = 0; - running = false; - } - - //elaspsed time in seconds - public long getElapsedTimeSecs() { - long elapsed; - if (running) { - elapsed = ((System.currentTimeMillis() - startTime) / 1000); - } - else { - elapsed = ((stopTime - startTime) / 1000); - } - return elapsed; - } -} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/btn_icon_generate_report.png b/Report/src/org/sleuthkit/autopsy/report/btn_icon_generate_report.png deleted file mode 100644 index d27b5bfc7424bfa762792631061e55c434c61157..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1632 zcmbVMeM}Q)7(bx`B5ooMoen(@4fsLty=!TEH;R;gK%K>=;>L6d9_>-Cw0GUzbrgn^ z4@He})0rhYr(m+oIgFwki@|Jw0;`*G7`MeaH_^DjWQk6ldTyn4EX$*th&wH0~!_KH$F;Xqbq!Wn*2BJj{61^Yd2Rv`UaWSp0j z)}dn*fyYh6QZ4e>sRD}?)^j`!r^`W_9jE}T!sM7jsaC63z&OAF3UCy|(=auuz)1k$ ziGfIJyrY=38B7ye(oTz%h@zK7(Xz5Kd6`1a@lF&Y2qMIR<7tvbno!P)ls}CXlEVxJ zTCnqsS7bOA4lzHDB#7L>I7pz-01Q(rff@%Y4TceTHqhyDy-ov^1_h=Hb36^J zRI7kqqt~nS3LL|Xm<}ijlhOo?CKFC%6WL*`nH5BewbNl;M$*+N382R{N|mJbpIB1Q z)0D{Z`5fmC7nHSx6FH%T^TPVI>9B>eGi+!d%C;1f6s>{gnYU<%iRV1<_{EdVQ}ope zwbH0cR}$g4F+k{Wl}>L^7<3q}MkcV1|8r-kbkuxEfo)UB&3|) zJUaY=?7^>_-LCyjuXl8GYeAXJ^BS6ZPI(fjwKVTyV7io_wp}T;l92P)bTl?a`ymwfzd`>8fkin#}C?7FN#P z2V0SY($H<#@Um>KQxP*9QyjQ@|5EDB!(HEE)Y~E&2SUq?o@8IyN?wmkR=Qlf3pKD7*14B{79|=h!e0TnbTXa453<+Zz+%&v&fy1$qYRucub}1|q;Fp;z|)w@YghM~6qFf4u2DaEgyGQHhUbqm|+&8f1^c!c7_oupg&$z4$#E;xyO8&y3`B|>*yXLUe#~G() zMXrbs2LDblj`j7|--=E;)wp}FdU2n1(}S^JxMRb)5BD^IWx-32j--yX-l?ZFvo>^f z^(S{dTGYLGdVK5BU7ua-y}WL*7CvS=WYp=ZWsTGJtuG*Q`0g8*4e2|xe6dSTWtb_HM_VsW;DO uRm!%j4-dvnyIU3O!Z+PZaxIO8VgPg_Y1v*TrC}iS&o>+M49BxK*8BrK>RYt{ diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml deleted file mode 100644 index 996b3c6b23..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/layer.xml +++ /dev/null @@ -1,22 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - diff --git a/Report/src/org/sleuthkit/autopsy/report/report.java b/Report/src/org/sleuthkit/autopsy/report/report.java deleted file mode 100644 index 08848d667d..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/report.java +++ /dev/null @@ -1,107 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.sql.ResultSet; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Map; -import java.util.logging.Level; -import java.util.logging.Logger; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.BlackboardAttribute; -import org.sleuthkit.datamodel.SleuthkitCase; - -/** - * - * @author Alex - */ -public class Report { - - private void report() { - } - - public String getGroupedKeywordHit() { - StringBuilder table = new StringBuilder(); - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - - ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); - - while (uniqueresults.next()) { - table.append("").append(uniqueresults.getString("value_text")).append(""); - table.append(""); - ArrayList artlist = new ArrayList(); - ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString(1) + "'"); - while (tempresults.next()) { - artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong(1))); - } - - for (BlackboardArtifact art : artlist) { - String filename = tempDb.getFsContentById(art.getObjectID()).getName(); - String preview = ""; - String set = ""; - table.append(""); - ArrayList tempatts = art.getAttributes(); - for (BlackboardAttribute att : tempatts) { - if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()) { - preview = ""; - } - if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID()) { - set = ""; - } - } - table.append(preview).append(set).append(""); - } - - table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("" + att.getValueString() + "" + att.getValueString() + "


"); - } - } catch (Exception e) { - Logger.getLogger(Report.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return table.toString(); - } - - public HashMap> getAllTypes(ReportConfiguration config) { - HashMap> reportMap = new HashMap>(); - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase tempDb = currentCase.getSleuthkitCase(); - try { - for (Map.Entry entry : config.config.entrySet()) { - if (entry.getValue()) { - ArrayList bbart = tempDb.getBlackboardArtifacts(entry.getKey()); - for (BlackboardArtifact artifact : bbart) { - ArrayList attributes = artifact.getAttributes(); - reportMap.put(artifact, attributes); - } - } - } - } catch (Exception e) { - Logger.getLogger(Report.class.getName()).log(Level.INFO, "Exception occurred", e); - } - - return reportMap; - } -} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportAction.java b/Report/src/org/sleuthkit/autopsy/report/reportAction.java deleted file mode 100644 index f5d1383698..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportAction.java +++ /dev/null @@ -1,186 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.awt.Component; -import java.awt.Dimension; -import java.awt.Toolkit; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.beans.PropertyChangeEvent; -import java.beans.PropertyChangeListener; -import java.io.File; -import java.util.logging.Level; -import java.util.logging.Logger; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JDialog; -import javax.swing.JFrame; -import org.openide.awt.ActionID; -import org.openide.awt.ActionReference; -import org.openide.awt.ActionReferences; -import org.openide.awt.ActionRegistration; -import org.openide.util.HelpCtx; -import org.openide.util.NbBundle.Messages; -import org.openide.util.actions.CallableSystemAction; -import org.openide.util.actions.Presenter; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.autopsy.coreutils.Log; - -@ActionID(category = "Tools", -id = "org.sleuthkit.autopsy.report.reportAction") -@ActionRegistration(displayName = "#CTL_reportAction") -@ActionReferences({ - @ActionReference(path = "Menu/Tools", position = 80) -}) -@Messages("CTL_reportAction=Run Report") -public final class ReportAction extends CallableSystemAction implements Presenter.Toolbar { - - private JButton toolbarButton = new JButton(); - private static final String ACTION_NAME = "Generate Report"; - static final Logger logger = Logger.getLogger(ReportAction.class.getName()); - - public ReportAction() { - setEnabled(false); - Case.addPropertyChangeListener(new PropertyChangeListener() { - - @Override - public void propertyChange(PropertyChangeEvent evt) { - if (evt.getPropertyName().equals(Case.CASE_CURRENT_CASE)) { - setEnabled(evt.getNewValue() != null); - } - } - }); - //attempt to create a report folder if a case is active - Case.addPropertyChangeListener(new PropertyChangeListener() { - - @Override - public void propertyChange(PropertyChangeEvent evt) { - String changed = evt.getPropertyName(); - - //case has been changed - if (changed.equals(Case.CASE_CURRENT_CASE)) { - Case newCase = (Case) evt.getNewValue(); - - if (newCase != null) { - boolean exists = (new File(newCase.getCaseDirectory() + "\\Reports")).exists(); - if (exists) { - // report directory exists -- don't need to do anything - } else { - // report directory does not exist -- create it - boolean reportCreate = (new File(newCase.getCaseDirectory() + "\\Reports")).mkdirs(); - if (!reportCreate) { - logger.log(Level.WARNING, "Could not create Reports directory for case. It does not exist."); - } - } - } - } - } - }); - - // set action of the toolbar button - toolbarButton.addActionListener(new ActionListener() { - - @Override - public void actionPerformed(ActionEvent e) { - ReportAction.this.actionPerformed(e); - } - }); - - } - - @Override - public void actionPerformed(ActionEvent e) { - try { - - // create the popUp window for it - final JFrame frame = new JFrame(ACTION_NAME); - final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal - - // initialize panel with loaded settings - final reportFilter panel = new reportFilter(); - panel.setjButton2ActionListener(new ActionListener() { - - @Override - public void actionPerformed(ActionEvent e) { - popUpWindow.dispose(); - } - }); - - // add the panel to the popup window - popUpWindow.add(panel); - popUpWindow.pack(); - popUpWindow.setResizable(false); - - // set the location of the popUp Window on the center of the screen - Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); - double w = popUpWindow.getSize().getWidth(); - double h = popUpWindow.getSize().getHeight(); - popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); - - // display the window - popUpWindow.setVisible(true); - // add the command to close the window to the button on the Case Properties form / panel - - - } catch (Exception ex) { - Log.get(reportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); - } - } - - @Override - public void performAction() { - } - - @Override - public String getName() { - return ACTION_NAME; - } - - @Override - public HelpCtx getHelpCtx() { - return HelpCtx.DEFAULT_HELP; - } - - /** - * Returns the toolbar component of this action - * - * @return component the toolbar button - */ - @Override - public Component getToolbarPresenter() { - ImageIcon icon = new ImageIcon(getClass().getResource("btn_icon_generate_report.png")); - toolbarButton.setIcon(icon); - toolbarButton.setText("Generate Report"); - return toolbarButton; - } - - /** - * Set this action to be enabled/disabled - * - * @param value whether to enable this action or not - */ - @Override - public void setEnabled(boolean value) { - super.setEnabled(value); - toolbarButton.setEnabled(value); - } -} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportFilter.form b/Report/src/org/sleuthkit/autopsy/report/reportFilter.form deleted file mode 100644 index 6f51b2114a..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportFilter.form +++ /dev/null @@ -1,180 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/Report/src/org/sleuthkit/autopsy/report/reportFilter.java b/Report/src/org/sleuthkit/autopsy/report/reportFilter.java deleted file mode 100644 index 37764b7663..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportFilter.java +++ /dev/null @@ -1,360 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.awt.event.ActionListener; -import java.util.ArrayList; -import java.util.logging.Level; -import java.util.logging.Logger; -import javax.swing.SwingUtilities; -import javax.swing.SwingWorker; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.SleuthkitCase; - -/** - * - * @author Alex - */ -public class reportFilter extends javax.swing.JPanel { - - public static ArrayList filters = new ArrayList(); - public static ReportConfiguration config = new ReportConfiguration(); - private final Logger logger = Logger.getLogger(this.getClass().getName()); - public final reportFilter panel = this; - reportPanelAction rpa = new reportPanelAction(); - public static boolean cancel = false; - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - - /** - * Creates new form reportFilter - */ - public reportFilter() { - initComponents(); - cancel = false; - try{ - config.getAllTypes(); - } - catch(ReportModuleException ex) - { - Logger.getLogger(Report.class.getName()).log(Level.SEVERE, "Exception occurred", ex); - } - } - - /** - * This method is called from within the constructor to initialize the form. - * WARNING: Do NOT modify this code. The content of this method is always - * regenerated by the Form Editor. - */ - @SuppressWarnings("unchecked") - // //GEN-BEGIN:initComponents - private void initComponents() { - - jButton2 = new javax.swing.JButton(); - jCheckBox1 = new javax.swing.JCheckBox(); - jCheckBox2 = new javax.swing.JCheckBox(); - jCheckBox3 = new javax.swing.JCheckBox(); - jCheckBox4 = new javax.swing.JCheckBox(); - jCheckBox5 = new javax.swing.JCheckBox(); - jButton1 = new javax.swing.JButton(); - progBar = new javax.swing.JProgressBar(); - cancelButton = new javax.swing.JButton(); - - jButton2.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jButton2.text")); // NOI18N - jButton2.setActionCommand(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jButton2.actionCommand")); // NOI18N - jButton2.setLabel(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jButton2.label")); // NOI18N - - setPreferredSize(new java.awt.Dimension(250, 193)); - - jCheckBox1.setSelected(true); - jCheckBox1.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jCheckBox1.text")); // NOI18N - jCheckBox1.addActionListener(new java.awt.event.ActionListener() { - public void actionPerformed(java.awt.event.ActionEvent evt) { - jCheckBox1ActionPerformed(evt); - } - }); - - jCheckBox2.setSelected(true); - jCheckBox2.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jCheckBox2.text")); // NOI18N - - jCheckBox3.setSelected(true); - jCheckBox3.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jCheckBox3.text")); // NOI18N - - jCheckBox4.setSelected(true); - jCheckBox4.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jCheckBox4.text")); // NOI18N - - jCheckBox5.setSelected(true); - jCheckBox5.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jCheckBox5.text")); // NOI18N - - jButton1.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.jButton1.text")); // NOI18N - jButton1.addMouseListener(new java.awt.event.MouseAdapter() { - public void mouseReleased(java.awt.event.MouseEvent evt) { - jButton1MouseReleased(evt); - } - }); - jButton1.addActionListener(new java.awt.event.ActionListener() { - public void actionPerformed(java.awt.event.ActionEvent evt) { - jButton1ActionPerformed(evt); - } - }); - - progBar.setDoubleBuffered(true); - progBar.setEnabled(false); - progBar.setName(""); // NOI18N - progBar.setPreferredSize(new java.awt.Dimension(146, 15)); - progBar.setString(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.progBar.string")); // NOI18N - progBar.setStringPainted(true); - - cancelButton.setText(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.cancelButton.text")); // NOI18N - cancelButton.setActionCommand(org.openide.util.NbBundle.getMessage(reportFilter.class, "reportFilter.cancelButton.actionCommand")); // NOI18N - cancelButton.setEnabled(false); - cancelButton.addActionListener(new java.awt.event.ActionListener() { - public void actionPerformed(java.awt.event.ActionEvent evt) { - cancelButtonActionPerformed(evt); - } - }); - - javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); - this.setLayout(layout); - layout.setHorizontalGroup( - layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(layout.createSequentialGroup() - .addContainerGap() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(layout.createSequentialGroup() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(layout.createSequentialGroup() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jCheckBox3) - .addGroup(layout.createSequentialGroup() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jCheckBox2) - .addComponent(jCheckBox1)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jCheckBox5) - .addComponent(jCheckBox4)))) - .addGap(69, 69, 69)) - .addGroup(layout.createSequentialGroup() - .addComponent(jButton1) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) - .addComponent(cancelButton) - .addGap(156, 156, 156))) - .addContainerGap()) - .addGroup(layout.createSequentialGroup() - .addComponent(progBar, javax.swing.GroupLayout.PREFERRED_SIZE, 231, javax.swing.GroupLayout.PREFERRED_SIZE) - .addContainerGap(109, Short.MAX_VALUE)))) - ); - layout.setVerticalGroup( - layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(layout.createSequentialGroup() - .addContainerGap() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jCheckBox1) - .addComponent(jCheckBox4)) - .addGap(18, 18, 18) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jCheckBox2) - .addComponent(jCheckBox5)) - .addGap(18, 18, 18) - .addComponent(jCheckBox3) - .addGap(18, 18, 18) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jButton1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) - .addComponent(cancelButton, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(progBar, javax.swing.GroupLayout.DEFAULT_SIZE, 17, Short.MAX_VALUE) - .addContainerGap()) - ); - }// //GEN-END:initComponents - -private void jCheckBox1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jCheckBox1ActionPerformed -}//GEN-LAST:event_jCheckBox1ActionPerformed - - public void getfilters(java.awt.event.ActionEvent evt) { - jButton1ActionPerformed(evt); - } - -private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton1ActionPerformed - - jButton1.setEnabled(false); - progBar.setEnabled(true); - cancelButton.setEnabled(true); - progBar.setStringPainted(true); - progBar.setValue(0); - filters.clear(); - if (jCheckBox1.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD, true); - - filters.add(2); - filters.add(3); - filters.add(4); - filters.add(5); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - } - if (jCheckBox2.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO, true); - filters.add(1); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - } - if (jCheckBox3.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT, true); - filters.add(9); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - } - if (jCheckBox4.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT, true); - filters.add(10); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - - } - if (jCheckBox5.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED, true); - filters.add(6); - filters.add(8); - filters.add(11); - } catch (ReportModuleException ex) { - } - } - getReports(); -}//GEN-LAST:event_jButton1ActionPerformed - - public void getReports() { - new SwingWorker() { - - @Override - protected Void doInBackground() throws Exception { - rpa.reportGenerate(config, panel); - return null; - } - - ; - - // this is called when the SwingWorker's doInBackground finishes - @Override - protected void done() { - progBar.setVisible(false); // hide my progress bar JFrame - } - ; - }.execute(); - progBar.setVisible(true); - } - -private void cancelButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cancelButtonActionPerformed - cancelButton.setText("Cancelled!"); - cancel = true; -}//GEN-LAST:event_cancelButtonActionPerformed - -private void jButton1MouseReleased(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_jButton1MouseReleased -}//GEN-LAST:event_jButton1MouseReleased - - public void progBarSet(int cc) { - final int count = cc; - SwingUtilities.invokeLater(new Runnable() { - - @Override - public void run() { - int start = progBar.getValue(); - int end = start + count; - progBar.setValue(end); - progBar.setString(null); - progBar.setString(progBar.getString()); - progBar.setStringPainted(true); - if (progBar.getPercentComplete() == 1.0) { - progBar.setString("Populating Report - Please wait..."); - progBar.setStringPainted(true); - progBar.setIndeterminate(true); - } - } - }); - } - - public void progBarDone() { - int max = progBar.getMaximum(); - progBar.setValue(max); - jButton2.doClick(); - } - - public void progBarStartText() { - progBar.setIndeterminate(true); - progBar.setString("Querying Database for Report Results..."); - } - - public void progBarText() { - - progBar.setString("Populating Report - Please wait..."); - progBar.setStringPainted(true); - progBar.repaint(); - progBar.setIndeterminate(true); - - } - - public void progBarCount(int count) { - progBar.setIndeterminate(false); - progBar.setString(null); - progBar.setMinimum(0); - progBar.setMaximum(count); - progBar.setValue(0); - //Double bper = progBar.getPercentComplete(); - progBar.setString(progBar.getString()); - - } - - public void setjButton1ActionListener(ActionListener e) { - jButton1.addActionListener(e); - - } - - public void setjButton2ActionListener(ActionListener e) { - jButton2.addActionListener(e); - cancelButton.addActionListener(e); - } - // Variables declaration - do not modify//GEN-BEGIN:variables - private javax.swing.JButton cancelButton; - private javax.swing.JButton jButton1; - private javax.swing.JButton jButton2; - private javax.swing.JCheckBox jCheckBox1; - private javax.swing.JCheckBox jCheckBox2; - private javax.swing.JCheckBox jCheckBox3; - private javax.swing.JCheckBox jCheckBox4; - private javax.swing.JCheckBox jCheckBox5; - private javax.swing.JProgressBar progBar; - // End of variables declaration//GEN-END:variables -} diff --git a/Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java b/Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java deleted file mode 100644 index f6346a4ee2..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportFilterAction.java +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Autopsy Forensic Browser - * - * Copyright 2011 Basis Technology Corp. - * Contact: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.awt.Container; -import java.awt.Dimension; -import java.awt.Toolkit; -import java.util.logging.Level; -import javax.swing.JDialog; -import javax.swing.JFrame; -import org.openide.util.HelpCtx; -import org.sleuthkit.autopsy.coreutils.Log; - -/** - * The reportFilterAction opens the reportFilterPanel in a dialog, and saves the - * settings of the panel if the Apply button is clicked. - * - * @author pmartel - */ -class reportFilterAction { - - private static final String ACTION_NAME = "Report Window"; - - //@Override - public void performAction() { - Log.noteAction(this.getClass()); - - try { - - // create the popUp window for it - Container cpane; - final JFrame frame = new JFrame(ACTION_NAME); - final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal - cpane = frame.getContentPane(); - // initialize panel with loaded settings - final reportFilter panel = new reportFilter(); - - // add the panel to the popup window - popUpWindow.add(panel); - popUpWindow.pack(); - popUpWindow.setResizable(false); - - // set the location of the popUp Window on the center of the screen - Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); - double w = popUpWindow.getSize().getWidth(); - double h = popUpWindow.getSize().getHeight(); - popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); - - // display the window - popUpWindow.setVisible(true); - - - } catch (Exception ex) { - Log.get(reportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); - } - } - - //@Override - public String getName() { - return ACTION_NAME; - } - - // @Override - public HelpCtx getHelpCtx() { - return HelpCtx.DEFAULT_HELP; - } -} diff --git a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java b/Report/src/org/sleuthkit/autopsy/report/reportHTML.java deleted file mode 100644 index de5f986d7a..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportHTML.java +++ /dev/null @@ -1,468 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.io.BufferedWriter; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.OutputStreamWriter; -import java.io.Writer; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Date; -import java.util.HashMap; -import java.util.Map.Entry; -import java.util.TreeMap; -import java.util.logging.Level; -import java.util.logging.Logger; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.autopsy.ingest.IngestManager; -import org.sleuthkit.datamodel.BlackboardArtifact; -import org.sleuthkit.datamodel.BlackboardAttribute; -import org.sleuthkit.datamodel.FsContent; -import org.sleuthkit.datamodel.SleuthkitCase; -import org.sleuthkit.datamodel.TskData; - -/** - * - * @author Alex - */ -public class ReportHTML implements ReportModule{ - //Declare our publically accessible formatted Report, this will change everytime they run a Report - public static StringBuilder formatted_Report = new StringBuilder(); - private static StringBuilder unformatted_header = new StringBuilder(); - private static StringBuilder formatted_header = new StringBuilder(); - private static String htmlPath = ""; - private ReportConfiguration config; - - ReportHTML(){ - - } - - @Override - public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { - config = reportconfig; - ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); - HashMap> report = reportobj.Results; - //This is literally a terrible way to count up all the types of artifacts, and doesn't include any added ones. - //Unlike the XML Report, which is dynamic, this is formatted and needs to be redone later instead of being hardcoded. - //Also, clearing variables to generate new Report. - formatted_Report.setLength(0); - unformatted_header.setLength(0); - formatted_header.setLength(0); - - int countGen = 0; - int countWebBookmark = 0; - int countWebCookie = 0; - int countWebHistory = 0; - int countWebDownload = 0; - int countRecentObjects = 0; - int countTrackPoint = 0; - int countInstalled = 0; - int countKeyword = 0; - int countHash = 0; - int countDevice = 0; - for (Entry> entry : report.entrySet()) { - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { - countGen++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { - countWebBookmark++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { - - countWebCookie++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { - - countWebHistory++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { - countWebDownload++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { - countRecentObjects++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { - countTrackPoint++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { - countInstalled++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { - countKeyword++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { - countHash++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { - countDevice++; - } - } - - try { - String ingestwarning = "

Warning, this report was run before ingest services completed!

"; - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - String caseName = currentCase.getName(); - Integer imagecount = currentCase.getImageIDs().length; - Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); - Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); - int reportsize = report.size(); - Integer filesystemcount = currentCase.getRootObjectsCount(); - DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy"); - Date date = new Date(); - String datetime = datetimeFormat.format(date); - String datenotime = dateFormat.format(date); - String CSS = ""; - //Add additional header information - String header = "Autopsy Report for Case: " + caseName + ""; - formatted_header.append(header); - formatted_header.append(CSS); - - //do for unformatted - String simpleCSS = ""; - unformatted_header.append(header); - unformatted_header.append(simpleCSS); - //formatted_Report.append(""); - formatted_Report.append("
"); - // Add summary information now - - formatted_Report.append("

Report for Case: ").append(caseName).append("

"); - if (IngestManager.getDefault().isIngestRunning()) { - formatted_Report.append(ingestwarning); - } - formatted_Report.append("

Case Summary

HTML Report Generated by Autopsy 3 on ").append(datetime).append("

    "); - formatted_Report.append("
  • # of Images: ").append(imagecount).append("
    • "); - formatted_Report.append("
  • FileSystems: ").append(filesystemcount).append("
    • "); - formatted_Report.append("
  • # of Files: ").append(totalfiles.toString()).append("
    • "); - formatted_Report.append("
  • # of Dirs: ").append(totaldirs.toString()).append("
    • "); - formatted_Report.append("
  • # of Artifacts: ").append(reportsize).append("
"); - - formatted_Report.append("
"); - if (countWebBookmark > 0) { - formatted_Report.append(""); - } - if (countWebCookie > 0) { - formatted_Report.append(""); - } - if (countWebHistory > 0) { - formatted_Report.append(""); - } - if (countWebDownload > 0) { - formatted_Report.append(""); - } - if (countRecentObjects > 0) { - formatted_Report.append(""); - } - if (countInstalled > 0) { - formatted_Report.append(""); - } - if (countKeyword > 0) { - formatted_Report.append(""); - } - if (countHash > 0) { - formatted_Report.append(""); - } - if (countDevice > 0) { - formatted_Report.append(""); - } - formatted_Report.append("
SectionCount
Web Bookmarks").append(countWebBookmark).append("
Web Cookies").append(countWebCookie).append("
Web History").append(countWebHistory).append("
Web Downloads").append(countWebDownload).append("
Recent Documents").append(countRecentObjects).append("
Installed Programs").append(countInstalled).append("
Keyword Hits").append(countKeyword).append("
Hash Hits").append(countHash).append("
Attached Devices").append(countDevice).append("

"); - String tableHeader = ""; - StringBuilder nodeGen = new StringBuilder("

General Information (").append(countGen).append(")

").append(tableHeader).append(""); - StringBuilder nodeWebBookmark = new StringBuilder("

Web Bookmarks (").append(countWebBookmark).append(")

").append(tableHeader).append(""); - StringBuilder nodeWebCookie = new StringBuilder("

Web Cookies (").append(countWebCookie).append(")

").append(tableHeader).append(""); - StringBuilder nodeWebHistory = new StringBuilder("

Web History (").append(countWebHistory).append(")

").append(tableHeader).append(""); - StringBuilder nodeWebDownload = new StringBuilder("

Web Downloads (").append(countWebDownload).append(")

").append(tableHeader).append(""); - StringBuilder nodeRecentObjects = new StringBuilder("

Recent Documents (").append(countRecentObjects).append(")

").append(tableHeader).append(""); - StringBuilder nodeTrackPoint = new StringBuilder("

Track Points (").append(countTrackPoint).append(")

").append(tableHeader).append(""); - StringBuilder nodeInstalled = new StringBuilder("

Installed Programs (").append(countInstalled).append(")

").append(tableHeader).append(""); - StringBuilder nodeKeyword = new StringBuilder("

Keyword Search Hits (").append(countKeyword).append(")

"); - StringBuilder nodeHash = new StringBuilder("

Hashset Hit (").append(countHash).append(")

").append(tableHeader).append(""); - StringBuilder nodeDevice = new StringBuilder("

Attached Devices (").append(countHash).append(")

").append(tableHeader).append(""); - - int alt = 0; - String altRow = ""; - for (Entry> entry : report.entrySet()) { - if (reportFilter.cancel == true) { - break; - } - int cc = 0; - - if (alt > 0) { - altRow = " class=\"alt\""; - alt = 0; - } else { - altRow = ""; - alt++; - } - StringBuilder artifact = new StringBuilder(""); - Long objId = entry.getKey().getObjectID(); - //Content file = skCase.getContentById(objId); - FsContent file = skCase.getFsContentById(objId); - - Long filesize = file.getSize(); - - - TreeMap attributes = new TreeMap(); - // Get all the attributes, line them up to be added. Place empty string placeholders for each attribute type - int n; - for (n = 1; n <= 35; n++) { - attributes.put(n, ""); - - } - for (BlackboardAttribute tempatt : entry.getValue()) { - if (reportFilter.cancel == true) { - break; - } - String value = ""; - Integer type = tempatt.getAttributeTypeID(); - if (type.equals(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID()) || type.equals(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())) { - try{ - SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - value = sdf.format(new java.util.Date((tempatt.getValueLong()))); - } - catch(Exception ex){ - - } - } else { - value = tempatt.getValueString(); - } - if(value == null || value.isEmpty()) - { - value = ""; - } - value = ReportUtils.insertPeriodically(value, "
", 30); - attributes.put(type, value); - cc++; - } - - - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { - - artifact.append(""); - nodeGen.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - nodeWebBookmark.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - nodeWebCookie.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - nodeWebHistory.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - nodeWebDownload.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { - //artifact.append(""); - artifact.append(""); - artifact.append(""); - artifact.append(""); - nodeRecentObjects.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { - artifact.append(""); - artifact.append(""); - artifact.append(""); - nodeTrackPoint.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { - artifact.append(""); - artifact.append(""); - artifact.append(""); - nodeInstalled.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { - // artifact.append("
AttributeValue
URLTitleProgram
URLDateNameValueProgram
URLDateReferrerTitleProgram
FileSourceTimeProgram
NamePathRelated Shortcut
Artifact IDNameSizeAttributeValue
Program NameInstall Date/Time
NameSizeHashset Name
NameSerial #Time
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(objId.toString()); - artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())).append("").append(file.getName()).append("
").append(objId.toString()); - artifact.append("").append(file.getName().toString()).append("").append(filesize.toString()).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append("
"); - // artifact.append("
Artifact IDNameSize
"); - // nodeKeyword.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { - // artifact.append("").append(objId.toString()); - artifact.append("").append(file.getName().toString()).append(""); - artifact.append("").append(filesize.toString()).append(""); - //artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_INTERESTING_FILE.getTypeID())).append(""); - artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_HASHSET_NAME.getTypeID())).append(""); - artifact.append(""); - nodeHash.append(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { - artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_MODEL.getTypeID())).append(""); - artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID())).append(""); - artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append(""); - artifact.append(""); - nodeDevice.append(artifact); - } - cc++; - rr.progBarSet(cc); - } - //Add them back in order - //formatted_Report.append(nodeGen); - // formatted_Report.append(""); - - if (countWebBookmark > 0) { - formatted_Report.append(nodeWebBookmark); - formatted_Report.append(""); - } - if (countWebCookie > 0) { - formatted_Report.append(nodeWebCookie); - formatted_Report.append(""); - } - if (countWebHistory > 0) { - formatted_Report.append(nodeWebHistory); - formatted_Report.append(""); - } - if (countWebDownload > 0) { - formatted_Report.append(nodeWebDownload); - formatted_Report.append(""); - } - if (countRecentObjects > 0) { - formatted_Report.append(nodeRecentObjects); - formatted_Report.append(""); - } - // formatted_Report.append(nodeTrackPoint); - //formatted_Report.append(""); - if (countInstalled > 0) { - formatted_Report.append(nodeInstalled); - formatted_Report.append(""); - } - if (countKeyword > 0) { - formatted_Report.append(nodeKeyword); - Report keywords = new Report(); - formatted_Report.append(keywords.getGroupedKeywordHit()); - // " - // formatted_Report.append("
Artifact IDNameSize
"); - } - if (countHash > 0) { - formatted_Report.append(nodeHash); - formatted_Report.append(""); - } - if (countDevice > 0) { - formatted_Report.append(nodeDevice); - formatted_Report.append(""); - } - //end of master loop - - formatted_Report.append("
"); - formatted_header.append(formatted_Report); - // unformatted_header.append(formatted_Report); - htmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".html"; - this.save(htmlPath); - - } catch (Exception e) { - - Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - return htmlPath; - } - - - @Override - public void save(String path) - { - try{ - Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(path), "UTF-8")); - out.write(formatted_header.toString()); - out.flush(); - out.close(); - } - catch(IOException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.SEVERE, "Could not write out HTML report!", e); - } - - } - - @Override - public String getReportType(){ - String type = "HTML"; - return type; - } - - - @Override - public ReportConfiguration GetReportConfiguration(){ - return config; - } - - - @Override - public String getReportTypeDescription(){ - String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; - return desc; - } - - @Override - public String generateReport() throws ReportModuleException { - throw new UnsupportedOperationException("Not supported yet."); - } - -} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanel.form b/Report/src/org/sleuthkit/autopsy/report/reportPanel.form deleted file mode 100644 index 813c576b43..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanel.form +++ /dev/null @@ -1,89 +0,0 @@ - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java b/Report/src/org/sleuthkit/autopsy/report/reportPanel.java deleted file mode 100644 index b653709d89..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanel.java +++ /dev/null @@ -1,168 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.awt.event.ActionListener; -import java.io.*; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.Date; -import javax.swing.JFileChooser; -import javax.swing.JOptionPane; -import org.jdom.output.XMLOutputter; - -/** - * - * @author Alex - */ -public class reportPanel extends javax.swing.JPanel { - - /** - * Creates new form reportPanel - */ - public reportPanel() { - initComponents(); - } - - /** - * This method is called from within the constructor to initialize the form. - * WARNING: Do NOT modify this code. The content of this method is always - * regenerated by the Form Editor. - */ - @SuppressWarnings("unchecked") - // //GEN-BEGIN:initComponents - private void initComponents() { - - jFileChooser1 = new javax.swing.JFileChooser(); - jOptionPane1 = new javax.swing.JOptionPane(); - jButton1 = new javax.swing.JButton(); - saveReport = new javax.swing.JButton(); - jLabel1 = new javax.swing.JLabel(); - - jButton1.setText(org.openide.util.NbBundle.getMessage(reportPanel.class, "reportPanel.jButton1.text")); // NOI18N - - saveReport.setText(org.openide.util.NbBundle.getMessage(reportPanel.class, "reportPanel.saveReport.text")); // NOI18N - saveReport.setActionCommand(org.openide.util.NbBundle.getMessage(reportPanel.class, "reportPanel.saveReport.actionCommand")); // NOI18N - saveReport.addActionListener(new java.awt.event.ActionListener() { - public void actionPerformed(java.awt.event.ActionEvent evt) { - saveReportActionPerformed(evt); - } - }); - - jLabel1.setText(org.openide.util.NbBundle.getMessage(reportPanel.class, "reportPanel.jLabel1.text")); // NOI18N - - javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); - this.setLayout(layout); - layout.setHorizontalGroup( - layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(layout.createSequentialGroup() - .addContainerGap() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel1, javax.swing.GroupLayout.DEFAULT_SIZE, 300, Short.MAX_VALUE) - .addGroup(layout.createSequentialGroup() - .addComponent(jButton1) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 128, Short.MAX_VALUE) - .addComponent(saveReport))) - .addContainerGap()) - ); - layout.setVerticalGroup( - layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup() - .addContainerGap() - .addComponent(jLabel1, javax.swing.GroupLayout.DEFAULT_SIZE, 26, Short.MAX_VALUE) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jButton1) - .addComponent(saveReport)) - .addContainerGap()) - ); - - getAccessibleContext().setAccessibleName(""); - getAccessibleContext().setAccessibleParent(this); - }// //GEN-END:initComponents - -private void saveReportActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_saveReportActionPerformed - - saveReportAction(); -}//GEN-LAST:event_saveReportActionPerformed - /** - * Sets the listener for the OK button - * - * @param e The action listener - */ - public void setjButton1ActionListener(ActionListener e) { - jButton1.addActionListener(e); - } - - public void setFinishedReportText() { - DateFormat dateFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - Date date = new Date(); - String reportText = "Report was sucessfully generated at " + dateFormat.format(date) + "."; - jLabel1.setText(reportText); - } - - private void saveReportAction() { - - int option = jFileChooser1.showSaveDialog(this); - if (option == JFileChooser.APPROVE_OPTION) { - if (jFileChooser1.getSelectedFile() != null) { - String path = jFileChooser1.getSelectedFile().toString(); - exportReport(path); - } - } - } - - private void exportReport(String path) { - - String htmlpath = ReportUtils.changeExtension(path, ".html"); - String xmlpath = ReportUtils.changeExtension(path, ".xml"); - String xlspath = ReportUtils.changeExtension(path, ".xlsx"); - try { - Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlpath), "UTF-8")); - - // FileOutputStream out = new FileOutputStream(htmlpath); - out.write(ReportHTML.formatted_Report.toString()); - out.flush(); - out.close(); - - //xls report - FileOutputStream fos = new FileOutputStream(xlspath); - ReportXLS.wb.write(fos); - fos.close(); - - FileOutputStream xmlout = new FileOutputStream(xmlpath); - XMLOutputter serializer = new XMLOutputter(); - serializer.output(ReportXML.xmldoc, xmlout); - xmlout.flush(); - xmlout.close(); - JOptionPane.showMessageDialog(this, "Report has been successfully saved!"); - } catch (IOException e) { - System.err.println(e); - } - } - // Variables declaration - do not modify//GEN-BEGIN:variables - private javax.swing.JButton jButton1; - private javax.swing.JFileChooser jFileChooser1; - private javax.swing.JLabel jLabel1; - private javax.swing.JOptionPane jOptionPane1; - private javax.swing.JButton saveReport; - // End of variables declaration//GEN-END:variables -} diff --git a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java deleted file mode 100644 index ec99dc5a06..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportPanelAction.java +++ /dev/null @@ -1,163 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.awt.Dimension; -import java.awt.Toolkit; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.util.logging.Level; -import java.util.logging.Logger; -import javax.swing.JDialog; -import javax.swing.JFrame; -import javax.swing.SwingUtilities; -import org.sleuthkit.autopsy.coreutils.Log; - -/** - * - * @author Alex - */ -public class reportPanelAction { - private static final String ACTION_NAME = "Report Preview"; - private StringBuilder viewReport = new StringBuilder(); - public reportPanelAction(){ - - } - - public void reportGenerate(final ReportConfiguration reportconfig, final reportFilter rr){ - try { - //Clear any old reports in the string - viewReport.setLength(0); - - - // Generate the reports and create the hashmap - final ReportGen report = new ReportGen(); - //see what reports we need to run and run them - //Set progress bar to move while doing this - SwingUtilities.invokeLater(new Runnable() { - @Override - public void run() { - rr.progBarStartText(); - }}); - report.populateReport(reportconfig); - SwingUtilities.invokeLater(new Runnable() { - @Override - public void run() { - rr.progBarCount(2*report.Results.size()); - }}); - //Turn our results into the appropriate xml/html reports - //TODO: add a way for users to select what they will run when - Thread reportThread = new Thread(new Runnable() - { - @Override - public void run() - { - StopWatch a = new StopWatch(); - a.start(); - ReportHTML htmlReport = new ReportHTML(); - try{ - String htmlpath = htmlReport.generateReport(reportconfig, rr); - BrowserControl.openUrl(htmlpath); - } - catch(ReportModuleException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); - } - a.stop(); - System.out.println("html in milliseconds: " + a.getElapsedTime()); - - StopWatch s = new StopWatch(); - s.start(); - ReportXLS xlsReport = new ReportXLS(); - try{ - xlsReport.generateReport(reportconfig,rr); - } - catch(ReportModuleException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); - } - s.stop(); - System.out.println("xls in milliseconds: " + s.getElapsedTime()); - - StopWatch S = new StopWatch(); - S.start(); - ReportXML xmlReport = new ReportXML(); - try{ - xmlReport.generateReport(reportconfig,rr); - } - catch(ReportModuleException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); - } - S.stop(); - System.out.println("xml in milliseconds: " + S.getElapsedTime()); - } - }); - - - // start our threads - reportThread.start(); - - // display the window - - // create the popUp window for it - if(reportFilter.cancel == false){ - - final JFrame frame = new JFrame(ACTION_NAME); - final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal - - - // initialize panel with loaded settings - - //Set the temporary label to let the user know its done and is waiting on the report - rr.progBarText(); - final reportPanel panel = new reportPanel(); - - - panel.setjButton1ActionListener(new ActionListener() { - - @Override - public void actionPerformed(ActionEvent e) { - popUpWindow.dispose(); - } - }); - // add the panel to the popup window - popUpWindow.add(panel); - - popUpWindow.setResizable(true); - popUpWindow.pack(); - // set the location of the popUp Window on the center of the screen - Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); - double w = popUpWindow.getSize().getWidth(); - double h = popUpWindow.getSize().getHeight(); - popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); - - reportThread.join(); - rr.progBarDone(); - panel.setFinishedReportText(); - popUpWindow.setVisible(true); - - - - - } - } catch (Exception ex) { - Log.get(reportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); - } - } -} diff --git a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java b/Report/src/org/sleuthkit/autopsy/report/reportUtils.java deleted file mode 100644 index ba3dd55969..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportUtils.java +++ /dev/null @@ -1,55 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -/** - * - * @author Alex - */ -public class ReportUtils { - - static String changeExtension(String originalName, String newExtension) { - int lastDot = originalName.lastIndexOf("."); - if (lastDot != -1) { - return originalName.substring(0, lastDot) + newExtension; - } else { - return originalName + newExtension; - } - } - - public static String insertPeriodically(String text, String insert, int period) { - StringBuilder builder = new StringBuilder( - text.length() + insert.length() * (text.length() / period) + 1); - - int index = 0; - String prefix = ""; - while (index < text.length()) { - // Don't put the insert in the very first iteration. - // This is easier than appending it *after* each substring - builder.append(prefix); - prefix = insert; - builder.append(text.substring(index, - Math.min(index + period, text.length()))); - index += period; - } - return builder.toString(); - } -} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java b/Report/src/org/sleuthkit/autopsy/report/reportXLS.java deleted file mode 100644 index ebfbfb449d..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportXLS.java +++ /dev/null @@ -1,435 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.File; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Date; -import java.util.HashMap; -import java.util.Map.Entry; -import java.util.TreeMap; -import java.util.logging.Level; -import java.util.logging.Logger; -import org.apache.poi.ss.usermodel.*; -import org.apache.poi.xssf.usermodel.XSSFWorkbook; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.datamodel.*; - -/** - * - * @author Alex - */ -public class ReportXLS implements ReportModule { - - public static Workbook wb = new XSSFWorkbook(); - private static String xlsPath = ""; - private ReportConfiguration config; - - public ReportXLS() { - //Empty the workbook first - - } - @Override - public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException { - config = reportconfig; - ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); - HashMap> report = reportobj.Results; - Workbook wbtemp = new XSSFWorkbook(); - int countGen = 0; - int countBookmark = 0; - int countCookie = 0; - int countHistory = 0; - int countDownload = 0; - int countRecentObjects = 0; - int countTrackPoint = 0; - int countInstalled = 0; - int countKeyword = 0; - int countHash = 0; - int countDevice = 0; - for (Entry> entry : report.entrySet()) { - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { - countGen++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { - countBookmark++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { - - countCookie++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { - - countHistory++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { - countDownload++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { - countRecentObjects++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { - countTrackPoint++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { - countInstalled++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { - countKeyword++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { - countHash++; - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { - countDevice++; - } - } - - try { - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - String caseName = currentCase.getName(); - Integer imagecount = currentCase.getImageIDs().length; - Integer filesystemcount = currentCase.getRootObjectsCount(); - Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); - Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); - DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); - Date date = new Date(); - String datetime = datetimeFormat.format(date); - String datenotime = dateFormat.format(date); - - //The first summary report page - Sheet sheetSummary = wbtemp.createSheet("Summary"); - - //Generate a sheet per artifact type - // Sheet sheetGen = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getDisplayName()); - Sheet sheetHash = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName()); - Sheet sheetDevice = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getDisplayName()); - Sheet sheetInstalled = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getDisplayName()); - Sheet sheetKeyword = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName()); - // Sheet sheetTrackpoint = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getDisplayName()); - Sheet sheetRecent = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getDisplayName()); - Sheet sheetCookie = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getDisplayName()); - Sheet sheetBookmark = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getDisplayName()); - Sheet sheetDownload = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getDisplayName()); - Sheet sheetHistory = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getDisplayName()); - - //Bold/underline cell style for the top header rows - CellStyle style = wbtemp.createCellStyle(); - style.setBorderBottom((short) 2); - Font font = wbtemp.createFont(); - font.setFontHeightInPoints((short) 14); - font.setFontName("Arial"); - font.setBoldweight((short) 2); - style.setFont(font); - - //create 'default' style - CellStyle defaultstyle = wbtemp.createCellStyle(); - defaultstyle.setBorderBottom((short) 2); - Font defaultfont = wbtemp.createFont(); - defaultfont.setFontHeightInPoints((short) 14); - defaultfont.setFontName("Arial"); - defaultfont.setBoldweight((short) 2); - defaultstyle.setFont(defaultfont); - //create the rows in the worksheet for our records - //Create first row and header - // sheetGen.createRow(0); - // sheetGen.getRow(0).createCell(0).setCellValue("Name"); - // sheetGen.getRow(0).createCell(1).setCellValue("Value"); - // sheetGen.getRow(0).createCell(2).setCellValue("Date/Time"); - sheetSummary.setDefaultColumnStyle(1, defaultstyle); - sheetSummary.createRow(0).setRowStyle(style); - sheetSummary.getRow(0).createCell(0).setCellValue("Summary Information"); - sheetSummary.getRow(0).createCell(1).setCellValue(caseName); - //add some basic information - sheetSummary.createRow(1).setRowStyle(defaultstyle); - sheetSummary.getRow(1).createCell(0).setCellValue("# of Images"); - sheetSummary.getRow(1).createCell(1).setCellValue(imagecount); - sheetSummary.createRow(2); - sheetSummary.getRow(2).createCell(0).setCellValue("Filesystems found"); - sheetSummary.getRow(2).createCell(1).setCellValue(imagecount); - sheetSummary.createRow(3); - sheetSummary.getRow(3).createCell(0).setCellValue("# of Files"); - sheetSummary.getRow(3).createCell(1).setCellValue(totalfiles); - sheetSummary.createRow(4); - sheetSummary.getRow(4).createCell(0).setCellValue("# of Directories"); - sheetSummary.getRow(4).createCell(1).setCellValue(totaldirs); - sheetSummary.createRow(5); - sheetSummary.getRow(5).createCell(0).setCellValue("Date/Time"); - sheetSummary.getRow(5).createCell(1).setCellValue(datetime); - - - sheetHash.setDefaultColumnStyle(1, defaultstyle); - sheetHash.createRow(0).setRowStyle(style); - sheetHash.getRow(0).createCell(0).setCellValue("Name"); - sheetHash.getRow(0).createCell(1).setCellValue("Size"); - sheetHash.getRow(0).createCell(2).setCellValue("Hashset Name"); - - sheetDevice.setDefaultColumnStyle(1, defaultstyle); - sheetDevice.createRow(0).setRowStyle(style); - sheetDevice.getRow(0).createCell(0).setCellValue("Name"); - sheetDevice.getRow(0).createCell(1).setCellValue("Serial #"); - sheetDevice.getRow(0).createCell(2).setCellValue("Time"); - - sheetInstalled.setDefaultColumnStyle(1, defaultstyle); - sheetInstalled.createRow(0).setRowStyle(style); - sheetInstalled.getRow(0).createCell(0).setCellValue("Program Name"); - sheetInstalled.getRow(0).createCell(1).setCellValue("Install Date/Time"); - - sheetKeyword.setDefaultColumnStyle(1, defaultstyle); - sheetKeyword.createRow(0).setRowStyle(style); - sheetKeyword.getRow(0).createCell(0).setCellValue("Keyword"); - sheetKeyword.getRow(0).createCell(1).setCellValue("File Name"); - sheetKeyword.getRow(0).createCell(2).setCellValue("Preview"); - sheetKeyword.getRow(0).createCell(3).setCellValue("Keyword LIst"); - - sheetRecent.setDefaultColumnStyle(1, defaultstyle); - sheetRecent.createRow(0).setRowStyle(style); - sheetRecent.getRow(0).createCell(0).setCellValue("Name"); - sheetRecent.getRow(0).createCell(1).setCellValue("Path"); - sheetRecent.getRow(0).createCell(2).setCellValue("Related Shortcut"); - - sheetCookie.setDefaultColumnStyle(1, defaultstyle); - sheetCookie.createRow(0).setRowStyle(style); - sheetCookie.getRow(0).createCell(0).setCellValue("URL"); - sheetCookie.getRow(0).createCell(1).setCellValue("Date"); - sheetCookie.getRow(0).createCell(2).setCellValue("Name"); - sheetCookie.getRow(0).createCell(3).setCellValue("Value"); - sheetCookie.getRow(0).createCell(4).setCellValue("Program"); - - sheetBookmark.setDefaultColumnStyle(1, defaultstyle); - sheetBookmark.createRow(0).setRowStyle(style); - sheetBookmark.getRow(0).createCell(0).setCellValue("URL"); - sheetBookmark.getRow(0).createCell(1).setCellValue("Title"); - sheetBookmark.getRow(0).createCell(2).setCellValue("Program"); - - sheetDownload.setDefaultColumnStyle(1, defaultstyle); - sheetDownload.createRow(0).setRowStyle(style); - sheetDownload.getRow(0).createCell(0).setCellValue("File"); - sheetDownload.getRow(0).createCell(1).setCellValue("Source"); - sheetDownload.getRow(0).createCell(2).setCellValue("Time"); - sheetDownload.getRow(0).createCell(3).setCellValue("Program"); - - sheetHistory.setDefaultColumnStyle(1, defaultstyle); - sheetHistory.createRow(0).setRowStyle(style); - sheetHistory.getRow(0).createCell(0).setCellValue("URL"); - sheetHistory.getRow(0).createCell(1).setCellValue("Date"); - sheetHistory.getRow(0).createCell(2).setCellValue("Referrer"); - sheetHistory.getRow(0).createCell(3).setCellValue("Title"); - sheetHistory.getRow(0).createCell(4).setCellValue("Program"); - - for (int i = 0; i < wbtemp.getNumberOfSheets(); i++) { - Sheet tempsheet = wbtemp.getSheetAt(i); - tempsheet.setAutobreaks(true); - - for (Row temprow : tempsheet) { - for (Cell cell : temprow) { - cell.setCellStyle(style); - tempsheet.autoSizeColumn(cell.getColumnIndex()); - } - } - } - - int countedGen = 0; - int countedBookmark = 0; - int countedCookie = 0; - int countedHistory = 0; - int countedDownload = 0; - int countedRecentObjects = 0; - int countedTrackPoint = 0; - int countedInstalled = 0; - int countedKeyword = 0; - int countedHash = 0; - int countedDevice = 0; - - //start populating the sheets in the workbook - for (Entry> entry : report.entrySet()) { - if (reportFilter.cancel == true) { - break; - } - int cc = 0; - Long objId = entry.getKey().getObjectID(); - FsContent file = skCase.getFsContentById(objId); - Long filesize = file.getSize(); - TreeMap attributes = new TreeMap(); - // Get all the attributes, line them up to be added. Place empty string placeholders for each attribute type - int n; - for (n = 1; n <= 36; n++) { - attributes.put(n, ""); - - } - for (BlackboardAttribute tempatt : entry.getValue()) { - if (reportFilter.cancel == true) { - break; - } - String value = ""; - int type = tempatt.getAttributeTypeID(); - if (tempatt.getValueString() == null || "null".equals(tempatt.getValueString())) { - } else if (type == 2 || type == 33) { - value = new java.text.SimpleDateFormat("MM/dd/yyyy HH:mm:ss").format(new java.util.Date((tempatt.getValueLong()) * 1000)); - } else { - value = tempatt.getValueString(); - } - - attributes.put(type, value); - cc++; - } - - - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { - countedGen++; - // Row temp = sheetGen.getRow(countedGen); - - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { - countedBookmark++; - Row temp = sheetBookmark.createRow(countedBookmark); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); - temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { - countedCookie++; - Row temp = sheetCookie.createRow(countedCookie); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); - temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); - temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE.getTypeID())); - temp.createCell(4).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { - countedHistory++; - Row temp = sheetHistory.createRow(countedHistory); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())); - temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID())); - temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); - temp.createCell(4).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { - countedDownload++; - Row temp = sheetDownload.createRow(countedDownload); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); - temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())); - temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { - countedRecentObjects++; - Row temp = sheetRecent.createRow(countedRecentObjects); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())); - temp.createCell(2).setCellValue(file.getName()); - temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { - // sheetTrackpoint.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { - countedInstalled++; - Row temp = sheetInstalled.createRow(countedInstalled); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { - countedKeyword++; - Row temp = sheetKeyword.createRow(countedKeyword); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); - temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID())); - temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_SET.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { - countedHash++; - Row temp = sheetHash.createRow(countedHash); - temp.createCell(0).setCellValue(file.getName().toString()); - temp.createCell(1).setCellValue(filesize.toString()); - temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_HASHSET_NAME.getTypeID())); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { - countedDevice++; - Row temp = sheetDevice.createRow(countedDevice); - temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_MODEL.getTypeID())); - temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID())); - temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); - } - - - cc++; - rr.progBarSet(cc); - } - - - //write out the report to the reports folder, set the wbtemp to the primary wb object - wb = wbtemp; - xlsPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xlsx"; - this.save(xlsPath); - - } catch (Exception E) { - String test = E.toString(); - } - - return xlsPath; - } - - @Override - public void save(String path) - { - try{ - FileOutputStream fos = new FileOutputStream(path); - wb.write(fos); - fos.close(); - } - catch(IOException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.SEVERE, "Could not write out XLS report!", e); - } - - } - - @Override - public String getReportType(){ - String type = "XLS"; - return type; - } - - - @Override - public ReportConfiguration GetReportConfiguration(){ - return config; - } - - - @Override - public String getReportTypeDescription(){ - String desc = "This is an xls formatted report that is meant to be viewed in Excel."; - return desc; - } - - @Override - public String generateReport() throws ReportModuleException { - throw new UnsupportedOperationException("Not supported yet."); - } -} diff --git a/Report/src/org/sleuthkit/autopsy/report/reportXML.java b/Report/src/org/sleuthkit/autopsy/report/reportXML.java deleted file mode 100644 index 2bb574266d..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/reportXML.java +++ /dev/null @@ -1,259 +0,0 @@ - /* - * - * Autopsy Forensic Browser - * - * Copyright 2012 42six Solutions. - * Contact: aebadirad 42six com - * Project Contact/Architect: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report; - -import java.io.FileOutputStream; -import java.io.File; -import java.io.IOException; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Date; -import java.util.HashMap; -import java.util.Map.Entry; -import java.util.logging.Level; -import java.util.logging.Logger; -import java.util.regex.Pattern; -import org.apache.commons.lang3.StringEscapeUtils; -import org.jdom.Comment; -import org.jdom.Document; -import org.jdom.Element; -import org.jdom.output.XMLOutputter; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.autopsy.ingest.IngestManager; -import org.sleuthkit.datamodel.*; - -public class ReportXML implements ReportModule { - - public static Document xmldoc = new Document(); - private ReportConfiguration reportconfig; - private String xmlPath; - - public ReportXML() { - } - - @Override - public String generateReport(ReportConfiguration reportconfig, reportFilter rr) throws ReportModuleException{ - ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); - HashMap> report = reportobj.Results; - try { - Case currentCase = Case.getCurrentCase(); // get the most updated case - SleuthkitCase skCase = currentCase.getSleuthkitCase(); - String caseName = currentCase.getName(); - Integer imagecount = currentCase.getImageIDs().length; - Integer filesystemcount = currentCase.getRootObjectsCount(); - Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); - Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); - Element root = new Element("Case"); - xmldoc = new Document(root); - DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); - DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); - Date date = new Date(); - String datetime = datetimeFormat.format(date); - String datenotime = dateFormat.format(date); - Comment comment = new Comment("XML Report Generated by Autopsy 3 on " + datetime); - root.addContent(comment); - //Create summary node involving how many of each type - Element summary = new Element("Summary"); - if (IngestManager.getDefault().isIngestRunning()) { - summary.addContent(new Element("Warning").setText("Report was run before ingest services completed!")); - } - summary.addContent(new Element("Name").setText(caseName)); - summary.addContent(new Element("Total-Images").setText(imagecount.toString())); - summary.addContent(new Element("Total-FileSystems").setText(filesystemcount.toString())); - summary.addContent(new Element("Total-Files").setText(totalfiles.toString())); - summary.addContent(new Element("Total-Directories").setText(totaldirs.toString())); - root.addContent(summary); - //generate the nodes for each of the types so we can use them later - Element nodeGen = new Element("General-Information"); - Element nodeWebBookmark = new Element("Web-Bookmarks"); - Element nodeWebCookie = new Element("Web-Cookies"); - Element nodeWebHistory = new Element("Web-History"); - Element nodeWebDownload = new Element("Web-Downloads"); - Element nodeRecentObjects = new Element("Recent-Documents"); - Element nodeTrackPoint = new Element("Track-Points"); - Element nodeInstalled = new Element("Installed-Programfiles"); - Element nodeKeyword = new Element("Keyword-Search-Hits"); - Element nodeHash = new Element("Hashset-Hits"); - Element nodeDevice = new Element("Attached-Devices"); - //remove bytes - Pattern INVALID_XML_CHARS = Pattern.compile("[^\\u0009\\u000A\\u000D\\u0020-\\uD7FF\\uE000-\\uFFFD\uD800\uDC00-\uDBFF\uDFFF]"); - for (Entry> entry : report.entrySet()) { - if (reportFilter.cancel == true) { - break; - } - int cc = 0; - Element artifact = new Element("Artifact"); - Long objId = entry.getKey().getObjectID(); - Content cont = skCase.getContentById(objId); - Long filesize = cont.getSize(); - artifact.setAttribute("ID", objId.toString()); - artifact.setAttribute("Name", cont.accept(new NameVisitor())); - artifact.setAttribute("Size", filesize.toString()); - - // Get all the attributes for this guy - for (BlackboardAttribute tempatt : entry.getValue()) { - if (reportFilter.cancel == true) { - break; - } - Element attribute = new Element("Attribute").setAttribute("Type", tempatt.getAttributeTypeDisplayName()); - String tempvalue = tempatt.getValueString(); - //INVALID_XML_CHARS.matcher(tempvalue).replaceAll(""); - Element value = new Element("Value").setText(tempvalue); - attribute.addContent(value); - Element context = new Element("Context").setText(StringEscapeUtils.escapeXml(tempatt.getContext())); - attribute.addContent(context); - artifact.addContent(attribute); - cc++; - } - - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { - //while (entry.getValue().iterator().hasNext()) - // { - // } - nodeGen.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { - - - nodeWebBookmark.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { - - nodeWebCookie.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { - - nodeWebHistory.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { - nodeWebDownload.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { - nodeRecentObjects.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { - nodeTrackPoint.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { - nodeInstalled.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { - nodeKeyword.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { - nodeHash.addContent(artifact); - } - if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { - nodeDevice.addContent(artifact); - } - cc++; - rr.progBarSet(cc); - //end of master loop - } - - //add them in the order we want them to the document - root.addContent(nodeGen); - root.addContent(nodeWebBookmark); - root.addContent(nodeWebCookie); - root.addContent(nodeWebHistory); - root.addContent(nodeWebDownload); - root.addContent(nodeRecentObjects); - root.addContent(nodeTrackPoint); - root.addContent(nodeInstalled); - root.addContent(nodeKeyword); - root.addContent(nodeHash); - root.addContent(nodeDevice); - - - //Export it the first time - xmlPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xml"; - this.save(xmlPath); - - } catch (Exception e) { - Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); - } - - return xmlPath; - } - - @Override - public void save(String path) { - - try { - - FileOutputStream out = new FileOutputStream(path); - XMLOutputter serializer = new XMLOutputter(); - serializer.output(xmldoc, out); - out.flush(); - out.close(); - } catch (IOException e) { - System.err.println(e); - } - - } - - @Override - public String getReportType() { - String type = "XML"; - return type; - } - - @Override - public ReportConfiguration GetReportConfiguration() { - ReportConfiguration config = reportconfig; - return config; - } - - @Override - public String getReportTypeDescription() { - String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; - return desc; - } - - @Override - public String generateReport() throws ReportModuleException { - throw new UnsupportedOperationException("Not supported yet."); - } - - private class NameVisitor extends ContentVisitor.Default { - - @Override - protected String defaultVisit(Content cntnt) { - throw new UnsupportedOperationException("Not supported for " + cntnt.toString()); - } - - @Override - public String visit(Directory dir) { - return dir.getName(); - } - - @Override - public String visit(Image img) { - return img.getName(); - } - - public String visit(File fil) { - return fil.getName(); - } - } -} From ca50b0d96f18c4dcca91fe6ac3fb6bee80225554 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Fri, 11 May 2012 08:48:03 -0700 Subject: [PATCH 14/22] Re-adding files back to git repo with proper capitalization in place. Signed-off-by: Alex Ebadirad --- .../autopsy/report/BrowserControl.java | 50 ++ .../autopsy/report/Bundle.properties | 18 + .../org/sleuthkit/autopsy/report/Report.java | 107 ++++ .../autopsy/report/ReportAction.java | 186 +++++++ .../autopsy/report/ReportConfiguration.java | 138 ++++++ .../autopsy/report/ReportFilter.form | 180 +++++++ .../autopsy/report/ReportFilter.java | 353 +++++++++++++ .../autopsy/report/ReportFilterAction.java | 83 ++++ .../sleuthkit/autopsy/report/ReportGen.java | 49 ++ .../sleuthkit/autopsy/report/ReportHTML.java | 468 ++++++++++++++++++ .../autopsy/report/ReportModule.java | 67 +++ .../autopsy/report/ReportModuleException.java | 33 ++ .../sleuthkit/autopsy/report/ReportPanel.form | 89 ++++ .../sleuthkit/autopsy/report/ReportPanel.java | 168 +++++++ .../autopsy/report/ReportPanelAction.java | 163 ++++++ .../sleuthkit/autopsy/report/ReportUtils.java | 55 ++ .../sleuthkit/autopsy/report/ReportXLS.java | 435 ++++++++++++++++ .../sleuthkit/autopsy/report/ReportXML.java | 259 ++++++++++ .../sleuthkit/autopsy/report/StopWatch.java | 60 +++ .../report/btn_icon_generate_report.png | Bin 0 -> 1632 bytes .../org/sleuthkit/autopsy/report/layer.xml | 23 + 21 files changed, 2984 insertions(+) create mode 100644 Report/src/org/sleuthkit/autopsy/report/BrowserControl.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/Bundle.properties create mode 100644 Report/src/org/sleuthkit/autopsy/report/Report.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportAction.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportFilter.form create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportFilter.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportGen.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportHTML.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportModule.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportPanel.form create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportPanel.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportUtils.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportXLS.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/ReportXML.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/StopWatch.java create mode 100644 Report/src/org/sleuthkit/autopsy/report/btn_icon_generate_report.png create mode 100644 Report/src/org/sleuthkit/autopsy/report/layer.xml diff --git a/Report/src/org/sleuthkit/autopsy/report/BrowserControl.java b/Report/src/org/sleuthkit/autopsy/report/BrowserControl.java new file mode 100644 index 0000000000..08f201f83f --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/BrowserControl.java @@ -0,0 +1,50 @@ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ +package org.sleuthkit.autopsy.report; + +/** + * + * @author Alex + */ +import java.lang.reflect.Method; + +public class BrowserControl{ +/** +* Method to Open the Browser with Given URL +* @param url +*/ +public static void openUrl(String url){ +String os = System.getProperty("os.name"); +Runtime runtime=Runtime.getRuntime(); +try{ +// Block for Windows Platform +if (os.startsWith("Windows")){ +String cmd = "rundll32 url.dll,FileProtocolHandler "+ url; +Process p = runtime.exec(cmd); +} +//Block for Mac OS +else if(os.startsWith("Mac OS")){ +Class fileMgr = Class.forName("com.apple.eio.FileManager"); +Method openURL = fileMgr.getDeclaredMethod("openURL", new Class[] {String.class}); +openURL.invoke(null, new Object[] {url}); +} +//Block for UNIX Platform +else { +String[] browsers = {"firefox", "opera", "konqueror", "epiphany", "mozilla", "netscape" }; +String browser = null; +for (int count = 0; count < browsers.length && browser == null; count++) +if (runtime.exec(new String[] {"which", browsers[count]}).waitFor() == 0) +browser = browsers[count]; +if (browser == null) +throw new Exception("Could not find web browser"); +else +runtime.exec(new String[] {browser, url}); +} +}catch(Exception x){ +System.err.println("Exception occurd while invoking Browser!"); +x.printStackTrace(); +} +} +} diff --git a/Report/src/org/sleuthkit/autopsy/report/Bundle.properties b/Report/src/org/sleuthkit/autopsy/report/Bundle.properties new file mode 100644 index 0000000000..5f3a9a6ebf --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/Bundle.properties @@ -0,0 +1,18 @@ +OpenIDE-Module-Name=Report +Toolbars/Reports/org-sleuthkit-autopsy-report-reportAction.shadow=Reports +ReportFilter.progBar.string= +ReportFilter.cancelButton.actionCommand= +ReportFilter.cancelButton.text=Cancel +ReportFilter.jCheckBox3.text=Keyword Hits +ReportFilter.jCheckBox4.text=Hashlist Hits +ReportFilter.jCheckBox5.text=System Information +ReportFilter.jButton1.text=Generate Report +ReportFilter.jButton2.label= +ReportFilter.jButton2.actionCommand= +ReportFilter.jButton2.text= +ReportFilter.jCheckBox1.text=Internet History +ReportFilter.jCheckBox2.text=General Info +ReportPanel.jLabel1.text=jLabel1 +ReportPanel.saveReport.actionCommand= +ReportPanel.saveReport.text=Export Report... +ReportPanel.jButton1.text=Close diff --git a/Report/src/org/sleuthkit/autopsy/report/Report.java b/Report/src/org/sleuthkit/autopsy/report/Report.java new file mode 100644 index 0000000000..08848d667d --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/Report.java @@ -0,0 +1,107 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.sql.ResultSet; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Map; +import java.util.logging.Level; +import java.util.logging.Logger; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.datamodel.BlackboardArtifact; +import org.sleuthkit.datamodel.BlackboardAttribute; +import org.sleuthkit.datamodel.SleuthkitCase; + +/** + * + * @author Alex + */ +public class Report { + + private void report() { + } + + public String getGroupedKeywordHit() { + StringBuilder table = new StringBuilder(); + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + + ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); + + while (uniqueresults.next()) { + table.append("").append(uniqueresults.getString("value_text")).append(""); + table.append(""); + ArrayList artlist = new ArrayList(); + ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString(1) + "'"); + while (tempresults.next()) { + artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong(1))); + } + + for (BlackboardArtifact art : artlist) { + String filename = tempDb.getFsContentById(art.getObjectID()).getName(); + String preview = ""; + String set = ""; + table.append(""); + ArrayList tempatts = art.getAttributes(); + for (BlackboardAttribute att : tempatts) { + if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()) { + preview = ""; + } + if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID()) { + set = ""; + } + } + table.append(preview).append(set).append(""); + } + + table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("" + att.getValueString() + "" + att.getValueString() + "


"); + } + } catch (Exception e) { + Logger.getLogger(Report.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return table.toString(); + } + + public HashMap> getAllTypes(ReportConfiguration config) { + HashMap> reportMap = new HashMap>(); + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase tempDb = currentCase.getSleuthkitCase(); + try { + for (Map.Entry entry : config.config.entrySet()) { + if (entry.getValue()) { + ArrayList bbart = tempDb.getBlackboardArtifacts(entry.getKey()); + for (BlackboardArtifact artifact : bbart) { + ArrayList attributes = artifact.getAttributes(); + reportMap.put(artifact, attributes); + } + } + } + } catch (Exception e) { + Logger.getLogger(Report.class.getName()).log(Level.INFO, "Exception occurred", e); + } + + return reportMap; + } +} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java new file mode 100644 index 0000000000..b8c40bdadb --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java @@ -0,0 +1,186 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.awt.Component; +import java.awt.Dimension; +import java.awt.Toolkit; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.beans.PropertyChangeEvent; +import java.beans.PropertyChangeListener; +import java.io.File; +import java.util.logging.Level; +import java.util.logging.Logger; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JDialog; +import javax.swing.JFrame; +import org.openide.awt.ActionID; +import org.openide.awt.ActionReference; +import org.openide.awt.ActionReferences; +import org.openide.awt.ActionRegistration; +import org.openide.util.HelpCtx; +import org.openide.util.NbBundle.Messages; +import org.openide.util.actions.CallableSystemAction; +import org.openide.util.actions.Presenter; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.autopsy.coreutils.Log; + +@ActionID(category = "Tools", +id = "org.sleuthkit.autopsy.report.ReportAction") +@ActionRegistration(displayName = "#CTL_ReportAction") +@ActionReferences({ + @ActionReference(path = "Menu/Tools", position = 80) +}) +@Messages("CTL_ReportAction=Run Report") +public final class ReportAction extends CallableSystemAction implements Presenter.Toolbar { + + private JButton toolbarButton = new JButton(); + private static final String ACTION_NAME = "Generate Report"; + static final Logger logger = Logger.getLogger(ReportAction.class.getName()); + + public ReportAction() { + setEnabled(false); + Case.addPropertyChangeListener(new PropertyChangeListener() { + + @Override + public void propertyChange(PropertyChangeEvent evt) { + if (evt.getPropertyName().equals(Case.CASE_CURRENT_CASE)) { + setEnabled(evt.getNewValue() != null); + } + } + }); + //attempt to create a report folder if a case is active + Case.addPropertyChangeListener(new PropertyChangeListener() { + + @Override + public void propertyChange(PropertyChangeEvent evt) { + String changed = evt.getPropertyName(); + + //case has been changed + if (changed.equals(Case.CASE_CURRENT_CASE)) { + Case newCase = (Case) evt.getNewValue(); + + if (newCase != null) { + boolean exists = (new File(newCase.getCaseDirectory() + "\\Reports")).exists(); + if (exists) { + // report directory exists -- don't need to do anything + } else { + // report directory does not exist -- create it + boolean reportCreate = (new File(newCase.getCaseDirectory() + "\\Reports")).mkdirs(); + if (!reportCreate) { + logger.log(Level.WARNING, "Could not create Reports directory for case. It does not exist."); + } + } + } + } + } + }); + + // set action of the toolbar button + toolbarButton.addActionListener(new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + ReportAction.this.actionPerformed(e); + } + }); + + } + + @Override + public void actionPerformed(ActionEvent e) { + try { + + // create the popUp window for it + final JFrame frame = new JFrame(ACTION_NAME); + final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal + + // initialize panel with loaded settings + final ReportFilter panel = new ReportFilter(); + panel.setjButton2ActionListener(new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + popUpWindow.dispose(); + } + }); + + // add the panel to the popup window + popUpWindow.add(panel); + popUpWindow.pack(); + popUpWindow.setResizable(false); + + // set the location of the popUp Window on the center of the screen + Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); + double w = popUpWindow.getSize().getWidth(); + double h = popUpWindow.getSize().getHeight(); + popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); + + // display the window + popUpWindow.setVisible(true); + // add the command to close the window to the button on the Case Properties form / panel + + + } catch (Exception ex) { + Log.get(ReportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); + } + } + + @Override + public void performAction() { + } + + @Override + public String getName() { + return ACTION_NAME; + } + + @Override + public HelpCtx getHelpCtx() { + return HelpCtx.DEFAULT_HELP; + } + + /** + * Returns the toolbar component of this action + * + * @return component the toolbar button + */ + @Override + public Component getToolbarPresenter() { + ImageIcon icon = new ImageIcon(getClass().getResource("btn_icon_generate_report.png")); + toolbarButton.setIcon(icon); + toolbarButton.setText("Generate Report"); + return toolbarButton; + } + + /** + * Set this action to be enabled/disabled + * + * @param value whether to enable this action or not + */ + @Override + public void setEnabled(boolean value) { + super.setEnabled(value); + toolbarButton.setEnabled(value); + } +} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java new file mode 100644 index 0000000000..c04a8d3f9d --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java @@ -0,0 +1,138 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.util.ArrayList; +import java.util.EnumMap; +import java.util.Map; +import java.util.logging.Level; +import java.util.logging.Logger; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.datamodel.BlackboardArtifact; +import org.sleuthkit.datamodel.SleuthkitCase; + +/** + * Configures which parts of report were requested e.g. based on user input Some + * specialized reporting modules may choose not to generate all requested + * sections and some modules may generate additional, specialized sections + * +*/ +class ReportConfiguration { + + //base data structure + Map config = new EnumMap(BlackboardArtifact.ARTIFACT_TYPE.class); + private final Logger logger = Logger.getLogger(this.getClass().getName()); + + ReportConfiguration() { + //clear the config just incase before we get the list from the db again + config.clear(); + //now lets get the list from the tsk and current case + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + try { + ArrayList arttypes = skCase.getBlackboardArtifactTypes(); + for (BlackboardArtifact.ARTIFACT_TYPE type : arttypes) { + config.put(type, Boolean.FALSE); + } + + } catch (Exception ex) { + logger.log(Level.WARNING, "Error while trying to retrieve list of artifact types from the TSK case .", ex); + } + + } + + ; + + /**regets everything that occurs in the constructor normally + * + * @throws ReportModuleException + */ + public void getAllTypes() throws ReportModuleException { + config.clear(); + //now lets get the list from the tsk and current case + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + try { + ArrayList arttypes = skCase.getBlackboardArtifactTypes(); + for (BlackboardArtifact.ARTIFACT_TYPE type : arttypes) { + config.put(type, Boolean.FALSE); + } + + } catch (Exception ex) { + logger.log(Level.WARNING, "Error while trying to retrieve list of artifact types from the TSK case .", ex); + } + + } + + ; + + /**setters for generally supported report parts + * + */ +public void setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type, Boolean value) throws ReportModuleException { + if (config.containsKey(type)) { + config.put(type, value); + } else { + throw new ReportModuleException("The following artifact type is not present:" + type); + } + } + + ; + + /**This allows all that setting to happen in groups + * + */ + public void setGenArtifactType(ArrayList typeList, boolean value) throws ReportModuleException { + + for (BlackboardArtifact.ARTIFACT_TYPE type : typeList) { + if (config.containsKey(type)) { + config.put(type, value); + } else { + throw new ReportModuleException("The following artifact type is not present:" + type); + } + } + } + + ; + + + /** getters for generally supported report parts + * + */ + public boolean getGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE type) throws ReportModuleException { + boolean value = false; + if (config.containsKey(type)) { + value = config.get(type); + } else { + throw new ReportModuleException("The following artifact type is not present:" + type); + } + + return value; + + } + + public void resetGenArtifactTypes() { + for (Map.Entry entry : config.entrySet()) { + config.put(entry.getKey(), Boolean.FALSE); + } + + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form new file mode 100644 index 0000000000..53b9485c2f --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form @@ -0,0 +1,180 @@ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java new file mode 100644 index 0000000000..88c236ecb9 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java @@ -0,0 +1,353 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.awt.event.ActionListener; +import java.util.ArrayList; +import java.util.logging.Level; +import java.util.logging.Logger; +import javax.swing.SwingUtilities; +import javax.swing.SwingWorker; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.datamodel.BlackboardArtifact; +import org.sleuthkit.datamodel.SleuthkitCase; + +/** + * + * @author Alex + */ +public class ReportFilter extends javax.swing.JPanel { + + public static ArrayList filters = new ArrayList(); + public static ReportConfiguration config = new ReportConfiguration(); + private final Logger logger = Logger.getLogger(this.getClass().getName()); + public final ReportFilter panel = this; + ReportPanelAction rpa = new ReportPanelAction(); + public static boolean cancel = false; + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + + /** + * Creates new form ReportFilter + */ + public ReportFilter() { + initComponents(); + cancel = false; + try{ + config.getAllTypes(); + } + catch(ReportModuleException ex) + { + Logger.getLogger(Report.class.getName()).log(Level.SEVERE, "Exception occurred", ex); + } + } + + /** + * This method is called from within the constructor to initialize the form. + * WARNING: Do NOT modify this code. The content of this method is always + * regenerated by the Form Editor. + */ + @SuppressWarnings("unchecked") + // //GEN-BEGIN:initComponents + private void initComponents() { + + jButton2 = new javax.swing.JButton(); + jCheckBox1 = new javax.swing.JCheckBox(); + jCheckBox2 = new javax.swing.JCheckBox(); + jCheckBox3 = new javax.swing.JCheckBox(); + jCheckBox4 = new javax.swing.JCheckBox(); + jCheckBox5 = new javax.swing.JCheckBox(); + jButton1 = new javax.swing.JButton(); + progBar = new javax.swing.JProgressBar(); + cancelButton = new javax.swing.JButton(); + + jButton2.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.text")); // NOI18N + jButton2.setActionCommand(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.actionCommand")); // NOI18N + jButton2.setLabel(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.label")); // NOI18N + + setPreferredSize(new java.awt.Dimension(250, 193)); + + jCheckBox1.setSelected(true); + jCheckBox1.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox1.text")); // NOI18N + jCheckBox1.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + jCheckBox1ActionPerformed(evt); + } + }); + + jCheckBox2.setSelected(true); + jCheckBox2.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox2.text")); // NOI18N + + jCheckBox3.setSelected(true); + jCheckBox3.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox3.text")); // NOI18N + + jCheckBox4.setSelected(true); + jCheckBox4.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox4.text")); // NOI18N + + jCheckBox5.setSelected(true); + jCheckBox5.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox5.text")); // NOI18N + + jButton1.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton1.text")); // NOI18N + jButton1.addMouseListener(new java.awt.event.MouseAdapter() { + public void mouseReleased(java.awt.event.MouseEvent evt) { + jButton1MouseReleased(evt); + } + }); + jButton1.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + jButton1ActionPerformed(evt); + } + }); + + progBar.setDoubleBuffered(true); + progBar.setEnabled(false); + progBar.setName(""); // NOI18N + progBar.setPreferredSize(new java.awt.Dimension(146, 15)); + progBar.setString(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.progBar.string")); // NOI18N + progBar.setStringPainted(true); + + cancelButton.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.cancelButton.text")); // NOI18N + cancelButton.setActionCommand(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.cancelButton.actionCommand")); // NOI18N + cancelButton.setEnabled(false); + cancelButton.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + cancelButtonActionPerformed(evt); + } + }); + + javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); + this.setLayout(layout); + layout.setHorizontalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(layout.createSequentialGroup() + .addContainerGap() + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(layout.createSequentialGroup() + .addComponent(jButton1) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(cancelButton) + .addGap(156, 156, 156)) + .addComponent(jCheckBox3) + .addGroup(layout.createSequentialGroup() + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jCheckBox2) + .addComponent(jCheckBox1)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jCheckBox5) + .addComponent(jCheckBox4))) + .addComponent(progBar, javax.swing.GroupLayout.PREFERRED_SIZE, 231, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addContainerGap()) + ); + layout.setVerticalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(layout.createSequentialGroup() + .addContainerGap() + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jCheckBox1) + .addComponent(jCheckBox4)) + .addGap(18, 18, 18) + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jCheckBox2) + .addComponent(jCheckBox5)) + .addGap(18, 18, 18) + .addComponent(jCheckBox3) + .addGap(18, 18, 18) + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jButton1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(cancelButton, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(progBar, javax.swing.GroupLayout.DEFAULT_SIZE, 23, Short.MAX_VALUE) + .addContainerGap()) + ); + }// //GEN-END:initComponents + +private void jCheckBox1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jCheckBox1ActionPerformed +}//GEN-LAST:event_jCheckBox1ActionPerformed + + public void getfilters(java.awt.event.ActionEvent evt) { + jButton1ActionPerformed(evt); + } + +private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton1ActionPerformed + + jButton1.setEnabled(false); + progBar.setEnabled(true); + cancelButton.setEnabled(true); + progBar.setStringPainted(true); + progBar.setValue(0); + filters.clear(); + if (jCheckBox1.isSelected()) { + try { + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK, true); + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE, true); + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY, true); + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD, true); + + filters.add(2); + filters.add(3); + filters.add(4); + filters.add(5); + } catch (ReportModuleException ex) { + logger.log(Level.WARNING, "", ex); + } + } + if (jCheckBox2.isSelected()) { + try { + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO, true); + filters.add(1); + } catch (ReportModuleException ex) { + logger.log(Level.WARNING, "", ex); + } + } + if (jCheckBox3.isSelected()) { + try { + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT, true); + filters.add(9); + } catch (ReportModuleException ex) { + logger.log(Level.WARNING, "", ex); + } + } + if (jCheckBox4.isSelected()) { + try { + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT, true); + filters.add(10); + } catch (ReportModuleException ex) { + logger.log(Level.WARNING, "", ex); + } + + } + if (jCheckBox5.isSelected()) { + try { + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT, true); + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG, true); + config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED, true); + filters.add(6); + filters.add(8); + filters.add(11); + } catch (ReportModuleException ex) { + } + } + getReports(); +}//GEN-LAST:event_jButton1ActionPerformed + + public void getReports() { + new SwingWorker() { + + @Override + protected Void doInBackground() throws Exception { + rpa.reportGenerate(config, panel); + return null; + } + + ; + + // this is called when the SwingWorker's doInBackground finishes + @Override + protected void done() { + progBar.setVisible(false); // hide my progress bar JFrame + } + ; + }.execute(); + progBar.setVisible(true); + } + +private void cancelButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cancelButtonActionPerformed + cancelButton.setText("Cancelled!"); + cancel = true; +}//GEN-LAST:event_cancelButtonActionPerformed + +private void jButton1MouseReleased(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_jButton1MouseReleased +}//GEN-LAST:event_jButton1MouseReleased + + public void progBarSet(int cc) { + final int count = cc; + SwingUtilities.invokeLater(new Runnable() { + + @Override + public void run() { + int start = progBar.getValue(); + int end = start + count; + progBar.setValue(end); + progBar.setString(null); + progBar.setString(progBar.getString()); + progBar.setStringPainted(true); + if (progBar.getPercentComplete() == 1.0) { + progBar.setString("Populating Report - Please wait..."); + progBar.setStringPainted(true); + progBar.setIndeterminate(true); + } + } + }); + } + + public void progBarDone() { + int max = progBar.getMaximum(); + progBar.setValue(max); + jButton2.doClick(); + } + + public void progBarStartText() { + progBar.setIndeterminate(true); + progBar.setString("Querying Database for Report Results..."); + } + + public void progBarText() { + + progBar.setString("Populating Report - Please wait..."); + progBar.setStringPainted(true); + progBar.repaint(); + progBar.setIndeterminate(true); + + } + + public void progBarCount(int count) { + progBar.setIndeterminate(false); + progBar.setString(null); + progBar.setMinimum(0); + progBar.setMaximum(count); + progBar.setValue(0); + //Double bper = progBar.getPercentComplete(); + progBar.setString(progBar.getString()); + + } + + public void setjButton1ActionListener(ActionListener e) { + jButton1.addActionListener(e); + + } + + public void setjButton2ActionListener(ActionListener e) { + jButton2.addActionListener(e); + cancelButton.addActionListener(e); + } + // Variables declaration - do not modify//GEN-BEGIN:variables + private javax.swing.JButton cancelButton; + private javax.swing.JButton jButton1; + private javax.swing.JButton jButton2; + private javax.swing.JCheckBox jCheckBox1; + private javax.swing.JCheckBox jCheckBox2; + private javax.swing.JCheckBox jCheckBox3; + private javax.swing.JCheckBox jCheckBox4; + private javax.swing.JCheckBox jCheckBox5; + private javax.swing.JProgressBar progBar; + // End of variables declaration//GEN-END:variables +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java new file mode 100644 index 0000000000..141f409937 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java @@ -0,0 +1,83 @@ +/* + * Autopsy Forensic Browser + * + * Copyright 2011 Basis Technology Corp. + * Contact: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.awt.Container; +import java.awt.Dimension; +import java.awt.Toolkit; +import java.util.logging.Level; +import javax.swing.JDialog; +import javax.swing.JFrame; +import org.openide.util.HelpCtx; +import org.sleuthkit.autopsy.coreutils.Log; + +/** + * The ReportFilterAction opens the reportFilterPanel in a dialog, and saves the + * settings of the panel if the Apply button is clicked. + * + * @author pmartel + */ +class ReportFilterAction { + + private static final String ACTION_NAME = "Report Window"; + + //@Override + public void performAction() { + Log.noteAction(this.getClass()); + + try { + + // create the popUp window for it + Container cpane; + final JFrame frame = new JFrame(ACTION_NAME); + final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal + cpane = frame.getContentPane(); + // initialize panel with loaded settings + final ReportFilter panel = new ReportFilter(); + + // add the panel to the popup window + popUpWindow.add(panel); + popUpWindow.pack(); + popUpWindow.setResizable(false); + + // set the location of the popUp Window on the center of the screen + Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); + double w = popUpWindow.getSize().getWidth(); + double h = popUpWindow.getSize().getHeight(); + popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); + + // display the window + popUpWindow.setVisible(true); + + + } catch (Exception ex) { + Log.get(ReportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); + } + } + + //@Override + public String getName() { + return ACTION_NAME; + } + + // @Override + public HelpCtx getHelpCtx() { + return HelpCtx.DEFAULT_HELP; + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportGen.java b/Report/src/org/sleuthkit/autopsy/report/ReportGen.java new file mode 100644 index 0000000000..2567d285b8 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportGen.java @@ -0,0 +1,49 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.util.ArrayList; +import java.util.HashMap; +import org.sleuthkit.datamodel.BlackboardArtifact; +import org.sleuthkit.datamodel.BlackboardAttribute; + +/** + * + * This class is the 'default' way to get artifacts/attributes from the + * blackboard using a reportconfiguration object. + */ +public class ReportGen { + + HashMap> Results = new HashMap>(); + + ReportGen() { + } + + public void clearReport() { + Results.clear(); + } + + public void populateReport(ReportConfiguration config) { + clearReport(); + Report bbreport = new Report(); + Results = bbreport.getAllTypes(config); + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java new file mode 100644 index 0000000000..a3440ae98b --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java @@ -0,0 +1,468 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.io.BufferedWriter; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.OutputStreamWriter; +import java.io.Writer; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Map.Entry; +import java.util.TreeMap; +import java.util.logging.Level; +import java.util.logging.Logger; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.autopsy.ingest.IngestManager; +import org.sleuthkit.datamodel.BlackboardArtifact; +import org.sleuthkit.datamodel.BlackboardAttribute; +import org.sleuthkit.datamodel.FsContent; +import org.sleuthkit.datamodel.SleuthkitCase; +import org.sleuthkit.datamodel.TskData; + +/** + * + * @author Alex + */ +public class ReportHTML implements ReportModule{ + //Declare our publically accessible formatted Report, this will change everytime they run a Report + public static StringBuilder formatted_Report = new StringBuilder(); + private static StringBuilder unformatted_header = new StringBuilder(); + private static StringBuilder formatted_header = new StringBuilder(); + private static String htmlPath = ""; + private ReportConfiguration config; + + ReportHTML(){ + + } + + @Override + public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { + config = reportconfig; + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); + HashMap> report = reportobj.Results; + //This is literally a terrible way to count up all the types of artifacts, and doesn't include any added ones. + //Unlike the XML Report, which is dynamic, this is formatted and needs to be redone later instead of being hardcoded. + //Also, clearing variables to generate new Report. + formatted_Report.setLength(0); + unformatted_header.setLength(0); + formatted_header.setLength(0); + + int countGen = 0; + int countWebBookmark = 0; + int countWebCookie = 0; + int countWebHistory = 0; + int countWebDownload = 0; + int countRecentObjects = 0; + int countTrackPoint = 0; + int countInstalled = 0; + int countKeyword = 0; + int countHash = 0; + int countDevice = 0; + for (Entry> entry : report.entrySet()) { + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + countGen++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + countWebBookmark++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + + countWebCookie++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + + countWebHistory++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + countWebDownload++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + countRecentObjects++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + countTrackPoint++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + countInstalled++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + countKeyword++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + countHash++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + countDevice++; + } + } + + try { + String ingestwarning = "

Warning, this report was run before ingest services completed!

"; + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + String caseName = currentCase.getName(); + Integer imagecount = currentCase.getImageIDs().length; + Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); + Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); + int reportsize = report.size(); + Integer filesystemcount = currentCase.getRootObjectsCount(); + DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy"); + Date date = new Date(); + String datetime = datetimeFormat.format(date); + String datenotime = dateFormat.format(date); + String CSS = ""; + //Add additional header information + String header = "Autopsy Report for Case: " + caseName + ""; + formatted_header.append(header); + formatted_header.append(CSS); + + //do for unformatted + String simpleCSS = ""; + unformatted_header.append(header); + unformatted_header.append(simpleCSS); + //formatted_Report.append(""); + formatted_Report.append("
"); + // Add summary information now + + formatted_Report.append("

Report for Case: ").append(caseName).append("

"); + if (IngestManager.getDefault().isIngestRunning()) { + formatted_Report.append(ingestwarning); + } + formatted_Report.append("

Case Summary

HTML Report Generated by Autopsy 3 on ").append(datetime).append("

    "); + formatted_Report.append("
  • # of Images: ").append(imagecount).append("
    • "); + formatted_Report.append("
  • FileSystems: ").append(filesystemcount).append("
    • "); + formatted_Report.append("
  • # of Files: ").append(totalfiles.toString()).append("
    • "); + formatted_Report.append("
  • # of Dirs: ").append(totaldirs.toString()).append("
    • "); + formatted_Report.append("
  • # of Artifacts: ").append(reportsize).append("
"); + + formatted_Report.append("
"); + if (countWebBookmark > 0) { + formatted_Report.append(""); + } + if (countWebCookie > 0) { + formatted_Report.append(""); + } + if (countWebHistory > 0) { + formatted_Report.append(""); + } + if (countWebDownload > 0) { + formatted_Report.append(""); + } + if (countRecentObjects > 0) { + formatted_Report.append(""); + } + if (countInstalled > 0) { + formatted_Report.append(""); + } + if (countKeyword > 0) { + formatted_Report.append(""); + } + if (countHash > 0) { + formatted_Report.append(""); + } + if (countDevice > 0) { + formatted_Report.append(""); + } + formatted_Report.append("
SectionCount
Web Bookmarks").append(countWebBookmark).append("
Web Cookies").append(countWebCookie).append("
Web History").append(countWebHistory).append("
Web Downloads").append(countWebDownload).append("
Recent Documents").append(countRecentObjects).append("
Installed Programs").append(countInstalled).append("
Keyword Hits").append(countKeyword).append("
Hash Hits").append(countHash).append("
Attached Devices").append(countDevice).append("

"); + String tableHeader = ""; + StringBuilder nodeGen = new StringBuilder("

General Information (").append(countGen).append(")

").append(tableHeader).append(""); + StringBuilder nodeWebBookmark = new StringBuilder("

Web Bookmarks (").append(countWebBookmark).append(")

").append(tableHeader).append(""); + StringBuilder nodeWebCookie = new StringBuilder("

Web Cookies (").append(countWebCookie).append(")

").append(tableHeader).append(""); + StringBuilder nodeWebHistory = new StringBuilder("

Web History (").append(countWebHistory).append(")

").append(tableHeader).append(""); + StringBuilder nodeWebDownload = new StringBuilder("

Web Downloads (").append(countWebDownload).append(")

").append(tableHeader).append(""); + StringBuilder nodeRecentObjects = new StringBuilder("

Recent Documents (").append(countRecentObjects).append(")

").append(tableHeader).append(""); + StringBuilder nodeTrackPoint = new StringBuilder("

Track Points (").append(countTrackPoint).append(")

").append(tableHeader).append(""); + StringBuilder nodeInstalled = new StringBuilder("

Installed Programs (").append(countInstalled).append(")

").append(tableHeader).append(""); + StringBuilder nodeKeyword = new StringBuilder("

Keyword Search Hits (").append(countKeyword).append(")

"); + StringBuilder nodeHash = new StringBuilder("

Hashset Hit (").append(countHash).append(")

").append(tableHeader).append(""); + StringBuilder nodeDevice = new StringBuilder("

Attached Devices (").append(countHash).append(")

").append(tableHeader).append(""); + + int alt = 0; + String altRow = ""; + for (Entry> entry : report.entrySet()) { + if (ReportFilter.cancel == true) { + break; + } + int cc = 0; + + if (alt > 0) { + altRow = " class=\"alt\""; + alt = 0; + } else { + altRow = ""; + alt++; + } + StringBuilder artifact = new StringBuilder(""); + Long objId = entry.getKey().getObjectID(); + //Content file = skCase.getContentById(objId); + FsContent file = skCase.getFsContentById(objId); + + Long filesize = file.getSize(); + + + TreeMap attributes = new TreeMap(); + // Get all the attributes, line them up to be added. Place empty string placeholders for each attribute type + int n; + for (n = 1; n <= 35; n++) { + attributes.put(n, ""); + + } + for (BlackboardAttribute tempatt : entry.getValue()) { + if (ReportFilter.cancel == true) { + break; + } + String value = ""; + Integer type = tempatt.getAttributeTypeID(); + if (type.equals(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID()) || type.equals(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())) { + try{ + SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + value = sdf.format(new java.util.Date((tempatt.getValueLong()))); + } + catch(Exception ex){ + + } + } else { + value = tempatt.getValueString(); + } + if(value == null || value.isEmpty()) + { + value = ""; + } + value = ReportUtils.insertPeriodically(value, "
", 30); + attributes.put(type, value); + cc++; + } + + + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + + artifact.append(""); + nodeGen.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + nodeWebBookmark.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + nodeWebCookie.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + nodeWebHistory.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + nodeWebDownload.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + //artifact.append(""); + artifact.append(""); + artifact.append(""); + artifact.append(""); + nodeRecentObjects.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + artifact.append(""); + artifact.append(""); + artifact.append(""); + nodeTrackPoint.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + artifact.append(""); + artifact.append(""); + artifact.append(""); + nodeInstalled.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + // artifact.append("
AttributeValue
URLTitleProgram
URLDateNameValueProgram
URLDateReferrerTitleProgram
FileSourceTimeProgram
NamePathRelated Shortcut
Artifact IDNameSizeAttributeValue
Program NameInstall Date/Time
NameSizeHashset Name
NameSerial #Time
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("
").append(objId.toString()); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())).append("").append(file.getName()).append("
").append(objId.toString()); + artifact.append("").append(file.getName().toString()).append("").append(filesize.toString()).append("
").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())).append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append("
"); + // artifact.append("
Artifact IDNameSize
"); + // nodeKeyword.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + // artifact.append("").append(objId.toString()); + artifact.append("").append(file.getName().toString()).append(""); + artifact.append("").append(filesize.toString()).append(""); + //artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_INTERESTING_FILE.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_HASHSET_NAME.getTypeID())).append(""); + artifact.append(""); + nodeHash.append(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_MODEL.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID())).append(""); + artifact.append("").append(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())).append(""); + artifact.append(""); + nodeDevice.append(artifact); + } + cc++; + rr.progBarSet(cc); + } + //Add them back in order + //formatted_Report.append(nodeGen); + // formatted_Report.append(""); + + if (countWebBookmark > 0) { + formatted_Report.append(nodeWebBookmark); + formatted_Report.append(""); + } + if (countWebCookie > 0) { + formatted_Report.append(nodeWebCookie); + formatted_Report.append(""); + } + if (countWebHistory > 0) { + formatted_Report.append(nodeWebHistory); + formatted_Report.append(""); + } + if (countWebDownload > 0) { + formatted_Report.append(nodeWebDownload); + formatted_Report.append(""); + } + if (countRecentObjects > 0) { + formatted_Report.append(nodeRecentObjects); + formatted_Report.append(""); + } + // formatted_Report.append(nodeTrackPoint); + //formatted_Report.append(""); + if (countInstalled > 0) { + formatted_Report.append(nodeInstalled); + formatted_Report.append(""); + } + if (countKeyword > 0) { + formatted_Report.append(nodeKeyword); + Report keywords = new Report(); + formatted_Report.append(keywords.getGroupedKeywordHit()); + // " + // formatted_Report.append("
Artifact IDNameSize
"); + } + if (countHash > 0) { + formatted_Report.append(nodeHash); + formatted_Report.append(""); + } + if (countDevice > 0) { + formatted_Report.append(nodeDevice); + formatted_Report.append(""); + } + //end of master loop + + formatted_Report.append("
"); + formatted_header.append(formatted_Report); + // unformatted_header.append(formatted_Report); + htmlPath = currentCase.getCaseDirectory() + "/Reports/" + caseName + "-" + datenotime + ".html"; + this.save(htmlPath); + + } catch (Exception e) { + + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + return htmlPath; + } + + + @Override + public void save(String path) + { + try{ + Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(path), "UTF-8")); + out.write(formatted_header.toString()); + out.flush(); + out.close(); + } + catch(IOException e){ + Logger.getLogger(ReportHTML.class.getName()).log(Level.SEVERE, "Could not write out HTML report!", e); + } + + } + + @Override + public String getReportType(){ + String type = "HTML"; + return type; + } + + + @Override + public ReportConfiguration GetReportConfiguration(){ + return config; + } + + + @Override + public String getReportTypeDescription(){ + String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; + return desc; + } + + @Override + public String generateReport() throws ReportModuleException { + throw new UnsupportedOperationException("Not supported yet."); + } + +} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java new file mode 100644 index 0000000000..26c2c4b191 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java @@ -0,0 +1,67 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +//interface every reporting module should implement +public interface ReportModule { + + /** + * Generates a report on the current case Reporting module should traverse + * the blackboard, extract needed information as specified in the config and + * generate a report file + * + * @param config specifiying parts that should be generated + * @return absolute file path to the report generated + * @throws ReportModuleException if report generation failed + */ + public String generateReport() throws ReportModuleException; + + //If it uses a report configuration and reports back to the gui its progress + public String generateReport(ReportConfiguration config, ReportFilter rr) throws ReportModuleException; + + /** + * This saves a copy of the report (current one) to another place specified + * by the user. Takes the input of where the path needs to be saved, include + * filename and extention. + */ + public void save(String Path) throws ReportModuleException; + + /** + * Returns a short description of report type/file format this module + * generates for instance, "XML", "Excel" + * + * @return + */ + public String getReportType(); + + /** + * Returns the reportconfiguration object that was created + * + * @return + */ + public ReportConfiguration GetReportConfiguration(); + + /** + * Returns a one line human readable description of the type of report this + * module generates + */ + public String getReportTypeDescription(); +} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java b/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java new file mode 100644 index 0000000000..93d61f990b --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModuleException.java @@ -0,0 +1,33 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +//exception thrown by a reporting module when report generation failed +class ReportModuleException extends Exception { + + public ReportModuleException(String msg) { + super(msg); + } + + public ReportModuleException(String msg, Exception ex) { + super(msg, ex); + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportPanel.form b/Report/src/org/sleuthkit/autopsy/report/ReportPanel.form new file mode 100644 index 0000000000..2985491963 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportPanel.form @@ -0,0 +1,89 @@ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportPanel.java b/Report/src/org/sleuthkit/autopsy/report/ReportPanel.java new file mode 100644 index 0000000000..1f0be0aeaa --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportPanel.java @@ -0,0 +1,168 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.awt.event.ActionListener; +import java.io.*; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.Date; +import javax.swing.JFileChooser; +import javax.swing.JOptionPane; +import org.jdom.output.XMLOutputter; + +/** + * + * @author Alex + */ +public class ReportPanel extends javax.swing.JPanel { + + /** + * Creates new form ReportPanel + */ + public ReportPanel() { + initComponents(); + } + + /** + * This method is called from within the constructor to initialize the form. + * WARNING: Do NOT modify this code. The content of this method is always + * regenerated by the Form Editor. + */ + @SuppressWarnings("unchecked") + // //GEN-BEGIN:initComponents + private void initComponents() { + + jFileChooser1 = new javax.swing.JFileChooser(); + jOptionPane1 = new javax.swing.JOptionPane(); + jButton1 = new javax.swing.JButton(); + saveReport = new javax.swing.JButton(); + jLabel1 = new javax.swing.JLabel(); + + jButton1.setText(org.openide.util.NbBundle.getMessage(ReportPanel.class, "ReportPanel.jButton1.text")); // NOI18N + + saveReport.setText(org.openide.util.NbBundle.getMessage(ReportPanel.class, "ReportPanel.saveReport.text")); // NOI18N + saveReport.setActionCommand(org.openide.util.NbBundle.getMessage(ReportPanel.class, "ReportPanel.saveReport.actionCommand")); // NOI18N + saveReport.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + saveReportActionPerformed(evt); + } + }); + + jLabel1.setText(org.openide.util.NbBundle.getMessage(ReportPanel.class, "ReportPanel.jLabel1.text")); // NOI18N + + javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); + this.setLayout(layout); + layout.setHorizontalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(layout.createSequentialGroup() + .addContainerGap() + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel1, javax.swing.GroupLayout.DEFAULT_SIZE, 300, Short.MAX_VALUE) + .addGroup(layout.createSequentialGroup() + .addComponent(jButton1) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 128, Short.MAX_VALUE) + .addComponent(saveReport))) + .addContainerGap()) + ); + layout.setVerticalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup() + .addContainerGap() + .addComponent(jLabel1, javax.swing.GroupLayout.DEFAULT_SIZE, 26, Short.MAX_VALUE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jButton1) + .addComponent(saveReport)) + .addContainerGap()) + ); + + getAccessibleContext().setAccessibleName(""); + getAccessibleContext().setAccessibleParent(this); + }// //GEN-END:initComponents + +private void saveReportActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_saveReportActionPerformed + + saveReportAction(); +}//GEN-LAST:event_saveReportActionPerformed + /** + * Sets the listener for the OK button + * + * @param e The action listener + */ + public void setjButton1ActionListener(ActionListener e) { + jButton1.addActionListener(e); + } + + public void setFinishedReportText() { + DateFormat dateFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + Date date = new Date(); + String reportText = "Report was sucessfully generated at " + dateFormat.format(date) + "."; + jLabel1.setText(reportText); + } + + private void saveReportAction() { + + int option = jFileChooser1.showSaveDialog(this); + if (option == JFileChooser.APPROVE_OPTION) { + if (jFileChooser1.getSelectedFile() != null) { + String path = jFileChooser1.getSelectedFile().toString(); + exportReport(path); + } + } + } + + private void exportReport(String path) { + + String htmlpath = ReportUtils.changeExtension(path, ".html"); + String xmlpath = ReportUtils.changeExtension(path, ".xml"); + String xlspath = ReportUtils.changeExtension(path, ".xlsx"); + try { + Writer out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(htmlpath), "UTF-8")); + + // FileOutputStream out = new FileOutputStream(htmlpath); + out.write(ReportHTML.formatted_Report.toString()); + out.flush(); + out.close(); + + //xls report + FileOutputStream fos = new FileOutputStream(xlspath); + ReportXLS.wb.write(fos); + fos.close(); + + FileOutputStream xmlout = new FileOutputStream(xmlpath); + XMLOutputter serializer = new XMLOutputter(); + serializer.output(ReportXML.xmldoc, xmlout); + xmlout.flush(); + xmlout.close(); + JOptionPane.showMessageDialog(this, "Report has been successfully saved!"); + } catch (IOException e) { + System.err.println(e); + } + } + // Variables declaration - do not modify//GEN-BEGIN:variables + private javax.swing.JButton jButton1; + private javax.swing.JFileChooser jFileChooser1; + private javax.swing.JLabel jLabel1; + private javax.swing.JOptionPane jOptionPane1; + private javax.swing.JButton saveReport; + // End of variables declaration//GEN-END:variables +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java new file mode 100644 index 0000000000..713ad22f4d --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java @@ -0,0 +1,163 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.awt.Dimension; +import java.awt.Toolkit; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.util.logging.Level; +import java.util.logging.Logger; +import javax.swing.JDialog; +import javax.swing.JFrame; +import javax.swing.SwingUtilities; +import org.sleuthkit.autopsy.coreutils.Log; + +/** + * + * @author Alex + */ +public class ReportPanelAction { + private static final String ACTION_NAME = "Report Preview"; + private StringBuilder viewReport = new StringBuilder(); + public ReportPanelAction(){ + + } + + public void reportGenerate(final ReportConfiguration reportconfig, final ReportFilter rr){ + try { + //Clear any old reports in the string + viewReport.setLength(0); + + + // Generate the reports and create the hashmap + final ReportGen report = new ReportGen(); + //see what reports we need to run and run them + //Set progress bar to move while doing this + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + rr.progBarStartText(); + }}); + report.populateReport(reportconfig); + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + rr.progBarCount(2*report.Results.size()); + }}); + //Turn our results into the appropriate xml/html reports + //TODO: add a way for users to select what they will run when + Thread reportThread = new Thread(new Runnable() + { + @Override + public void run() + { + StopWatch a = new StopWatch(); + a.start(); + ReportHTML htmlReport = new ReportHTML(); + try{ + String htmlpath = htmlReport.generateReport(reportconfig, rr); + BrowserControl.openUrl(htmlpath); + } + catch(ReportModuleException e){ + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); + } + a.stop(); + System.out.println("html in milliseconds: " + a.getElapsedTime()); + + StopWatch s = new StopWatch(); + s.start(); + ReportXLS xlsReport = new ReportXLS(); + try{ + xlsReport.generateReport(reportconfig,rr); + } + catch(ReportModuleException e){ + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); + } + s.stop(); + System.out.println("xls in milliseconds: " + s.getElapsedTime()); + + StopWatch S = new StopWatch(); + S.start(); + ReportXML xmlReport = new ReportXML(); + try{ + xmlReport.generateReport(reportconfig,rr); + } + catch(ReportModuleException e){ + Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); + } + S.stop(); + System.out.println("xml in milliseconds: " + S.getElapsedTime()); + } + }); + + + // start our threads + reportThread.start(); + + // display the window + + // create the popUp window for it + if(ReportFilter.cancel == false){ + + final JFrame frame = new JFrame(ACTION_NAME); + final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal + + + // initialize panel with loaded settings + + //Set the temporary label to let the user know its done and is waiting on the report + rr.progBarText(); + final ReportPanel panel = new ReportPanel(); + + + panel.setjButton1ActionListener(new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + popUpWindow.dispose(); + } + }); + // add the panel to the popup window + popUpWindow.add(panel); + + popUpWindow.setResizable(true); + popUpWindow.pack(); + // set the location of the popUp Window on the center of the screen + Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); + double w = popUpWindow.getSize().getWidth(); + double h = popUpWindow.getSize().getHeight(); + popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); + + reportThread.join(); + rr.progBarDone(); + panel.setFinishedReportText(); + popUpWindow.setVisible(true); + + + + + } + } catch (Exception ex) { + Log.get(ReportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); + } + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportUtils.java b/Report/src/org/sleuthkit/autopsy/report/ReportUtils.java new file mode 100644 index 0000000000..ba3dd55969 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportUtils.java @@ -0,0 +1,55 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +/** + * + * @author Alex + */ +public class ReportUtils { + + static String changeExtension(String originalName, String newExtension) { + int lastDot = originalName.lastIndexOf("."); + if (lastDot != -1) { + return originalName.substring(0, lastDot) + newExtension; + } else { + return originalName + newExtension; + } + } + + public static String insertPeriodically(String text, String insert, int period) { + StringBuilder builder = new StringBuilder( + text.length() + insert.length() * (text.length() / period) + 1); + + int index = 0; + String prefix = ""; + while (index < text.length()) { + // Don't put the insert in the very first iteration. + // This is easier than appending it *after* each substring + builder.append(prefix); + prefix = insert; + builder.append(text.substring(index, + Math.min(index + period, text.length()))); + index += period; + } + return builder.toString(); + } +} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java new file mode 100644 index 0000000000..110e466fc5 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java @@ -0,0 +1,435 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.File; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Map.Entry; +import java.util.TreeMap; +import java.util.logging.Level; +import java.util.logging.Logger; +import org.apache.poi.ss.usermodel.*; +import org.apache.poi.xssf.usermodel.XSSFWorkbook; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.datamodel.*; + +/** + * + * @author Alex + */ +public class ReportXLS implements ReportModule { + + public static Workbook wb = new XSSFWorkbook(); + private static String xlsPath = ""; + private ReportConfiguration config; + + public ReportXLS() { + //Empty the workbook first + + } + @Override + public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { + config = reportconfig; + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); + HashMap> report = reportobj.Results; + Workbook wbtemp = new XSSFWorkbook(); + int countGen = 0; + int countBookmark = 0; + int countCookie = 0; + int countHistory = 0; + int countDownload = 0; + int countRecentObjects = 0; + int countTrackPoint = 0; + int countInstalled = 0; + int countKeyword = 0; + int countHash = 0; + int countDevice = 0; + for (Entry> entry : report.entrySet()) { + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + countGen++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + countBookmark++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + + countCookie++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + + countHistory++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + countDownload++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + countRecentObjects++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + countTrackPoint++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + countInstalled++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + countKeyword++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + countHash++; + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + countDevice++; + } + } + + try { + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + String caseName = currentCase.getName(); + Integer imagecount = currentCase.getImageIDs().length; + Integer filesystemcount = currentCase.getRootObjectsCount(); + Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); + Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); + DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); + Date date = new Date(); + String datetime = datetimeFormat.format(date); + String datenotime = dateFormat.format(date); + + //The first summary report page + Sheet sheetSummary = wbtemp.createSheet("Summary"); + + //Generate a sheet per artifact type + // Sheet sheetGen = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getDisplayName()); + Sheet sheetHash = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName()); + Sheet sheetDevice = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getDisplayName()); + Sheet sheetInstalled = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getDisplayName()); + Sheet sheetKeyword = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName()); + // Sheet sheetTrackpoint = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getDisplayName()); + Sheet sheetRecent = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getDisplayName()); + Sheet sheetCookie = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getDisplayName()); + Sheet sheetBookmark = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getDisplayName()); + Sheet sheetDownload = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getDisplayName()); + Sheet sheetHistory = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getDisplayName()); + + //Bold/underline cell style for the top header rows + CellStyle style = wbtemp.createCellStyle(); + style.setBorderBottom((short) 2); + Font font = wbtemp.createFont(); + font.setFontHeightInPoints((short) 14); + font.setFontName("Arial"); + font.setBoldweight((short) 2); + style.setFont(font); + + //create 'default' style + CellStyle defaultstyle = wbtemp.createCellStyle(); + defaultstyle.setBorderBottom((short) 2); + Font defaultfont = wbtemp.createFont(); + defaultfont.setFontHeightInPoints((short) 14); + defaultfont.setFontName("Arial"); + defaultfont.setBoldweight((short) 2); + defaultstyle.setFont(defaultfont); + //create the rows in the worksheet for our records + //Create first row and header + // sheetGen.createRow(0); + // sheetGen.getRow(0).createCell(0).setCellValue("Name"); + // sheetGen.getRow(0).createCell(1).setCellValue("Value"); + // sheetGen.getRow(0).createCell(2).setCellValue("Date/Time"); + sheetSummary.setDefaultColumnStyle(1, defaultstyle); + sheetSummary.createRow(0).setRowStyle(style); + sheetSummary.getRow(0).createCell(0).setCellValue("Summary Information"); + sheetSummary.getRow(0).createCell(1).setCellValue(caseName); + //add some basic information + sheetSummary.createRow(1).setRowStyle(defaultstyle); + sheetSummary.getRow(1).createCell(0).setCellValue("# of Images"); + sheetSummary.getRow(1).createCell(1).setCellValue(imagecount); + sheetSummary.createRow(2); + sheetSummary.getRow(2).createCell(0).setCellValue("Filesystems found"); + sheetSummary.getRow(2).createCell(1).setCellValue(imagecount); + sheetSummary.createRow(3); + sheetSummary.getRow(3).createCell(0).setCellValue("# of Files"); + sheetSummary.getRow(3).createCell(1).setCellValue(totalfiles); + sheetSummary.createRow(4); + sheetSummary.getRow(4).createCell(0).setCellValue("# of Directories"); + sheetSummary.getRow(4).createCell(1).setCellValue(totaldirs); + sheetSummary.createRow(5); + sheetSummary.getRow(5).createCell(0).setCellValue("Date/Time"); + sheetSummary.getRow(5).createCell(1).setCellValue(datetime); + + + sheetHash.setDefaultColumnStyle(1, defaultstyle); + sheetHash.createRow(0).setRowStyle(style); + sheetHash.getRow(0).createCell(0).setCellValue("Name"); + sheetHash.getRow(0).createCell(1).setCellValue("Size"); + sheetHash.getRow(0).createCell(2).setCellValue("Hashset Name"); + + sheetDevice.setDefaultColumnStyle(1, defaultstyle); + sheetDevice.createRow(0).setRowStyle(style); + sheetDevice.getRow(0).createCell(0).setCellValue("Name"); + sheetDevice.getRow(0).createCell(1).setCellValue("Serial #"); + sheetDevice.getRow(0).createCell(2).setCellValue("Time"); + + sheetInstalled.setDefaultColumnStyle(1, defaultstyle); + sheetInstalled.createRow(0).setRowStyle(style); + sheetInstalled.getRow(0).createCell(0).setCellValue("Program Name"); + sheetInstalled.getRow(0).createCell(1).setCellValue("Install Date/Time"); + + sheetKeyword.setDefaultColumnStyle(1, defaultstyle); + sheetKeyword.createRow(0).setRowStyle(style); + sheetKeyword.getRow(0).createCell(0).setCellValue("Keyword"); + sheetKeyword.getRow(0).createCell(1).setCellValue("File Name"); + sheetKeyword.getRow(0).createCell(2).setCellValue("Preview"); + sheetKeyword.getRow(0).createCell(3).setCellValue("Keyword LIst"); + + sheetRecent.setDefaultColumnStyle(1, defaultstyle); + sheetRecent.createRow(0).setRowStyle(style); + sheetRecent.getRow(0).createCell(0).setCellValue("Name"); + sheetRecent.getRow(0).createCell(1).setCellValue("Path"); + sheetRecent.getRow(0).createCell(2).setCellValue("Related Shortcut"); + + sheetCookie.setDefaultColumnStyle(1, defaultstyle); + sheetCookie.createRow(0).setRowStyle(style); + sheetCookie.getRow(0).createCell(0).setCellValue("URL"); + sheetCookie.getRow(0).createCell(1).setCellValue("Date"); + sheetCookie.getRow(0).createCell(2).setCellValue("Name"); + sheetCookie.getRow(0).createCell(3).setCellValue("Value"); + sheetCookie.getRow(0).createCell(4).setCellValue("Program"); + + sheetBookmark.setDefaultColumnStyle(1, defaultstyle); + sheetBookmark.createRow(0).setRowStyle(style); + sheetBookmark.getRow(0).createCell(0).setCellValue("URL"); + sheetBookmark.getRow(0).createCell(1).setCellValue("Title"); + sheetBookmark.getRow(0).createCell(2).setCellValue("Program"); + + sheetDownload.setDefaultColumnStyle(1, defaultstyle); + sheetDownload.createRow(0).setRowStyle(style); + sheetDownload.getRow(0).createCell(0).setCellValue("File"); + sheetDownload.getRow(0).createCell(1).setCellValue("Source"); + sheetDownload.getRow(0).createCell(2).setCellValue("Time"); + sheetDownload.getRow(0).createCell(3).setCellValue("Program"); + + sheetHistory.setDefaultColumnStyle(1, defaultstyle); + sheetHistory.createRow(0).setRowStyle(style); + sheetHistory.getRow(0).createCell(0).setCellValue("URL"); + sheetHistory.getRow(0).createCell(1).setCellValue("Date"); + sheetHistory.getRow(0).createCell(2).setCellValue("Referrer"); + sheetHistory.getRow(0).createCell(3).setCellValue("Title"); + sheetHistory.getRow(0).createCell(4).setCellValue("Program"); + + for (int i = 0; i < wbtemp.getNumberOfSheets(); i++) { + Sheet tempsheet = wbtemp.getSheetAt(i); + tempsheet.setAutobreaks(true); + + for (Row temprow : tempsheet) { + for (Cell cell : temprow) { + cell.setCellStyle(style); + tempsheet.autoSizeColumn(cell.getColumnIndex()); + } + } + } + + int countedGen = 0; + int countedBookmark = 0; + int countedCookie = 0; + int countedHistory = 0; + int countedDownload = 0; + int countedRecentObjects = 0; + int countedTrackPoint = 0; + int countedInstalled = 0; + int countedKeyword = 0; + int countedHash = 0; + int countedDevice = 0; + + //start populating the sheets in the workbook + for (Entry> entry : report.entrySet()) { + if (ReportFilter.cancel == true) { + break; + } + int cc = 0; + Long objId = entry.getKey().getObjectID(); + FsContent file = skCase.getFsContentById(objId); + Long filesize = file.getSize(); + TreeMap attributes = new TreeMap(); + // Get all the attributes, line them up to be added. Place empty string placeholders for each attribute type + int n; + for (n = 1; n <= 36; n++) { + attributes.put(n, ""); + + } + for (BlackboardAttribute tempatt : entry.getValue()) { + if (ReportFilter.cancel == true) { + break; + } + String value = ""; + int type = tempatt.getAttributeTypeID(); + if (tempatt.getValueString() == null || "null".equals(tempatt.getValueString())) { + } else if (type == 2 || type == 33) { + value = new java.text.SimpleDateFormat("MM/dd/yyyy HH:mm:ss").format(new java.util.Date((tempatt.getValueLong()) * 1000)); + } else { + value = tempatt.getValueString(); + } + + attributes.put(type, value); + cc++; + } + + + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + countedGen++; + // Row temp = sheetGen.getRow(countedGen); + + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + countedBookmark++; + Row temp = sheetBookmark.createRow(countedBookmark); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + countedCookie++; + Row temp = sheetCookie.createRow(countedCookie); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE.getTypeID())); + temp.createCell(4).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + countedHistory++; + Row temp = sheetHistory.createRow(countedHistory); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(4).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + countedDownload++; + Row temp = sheetDownload.createRow(countedDownload); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + countedRecentObjects++; + Row temp = sheetRecent.createRow(countedRecentObjects); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID())); + temp.createCell(2).setCellValue(file.getName()); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + // sheetTrackpoint.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + countedInstalled++; + Row temp = sheetInstalled.createRow(countedInstalled); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + countedKeyword++; + Row temp = sheetKeyword.createRow(countedKeyword); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID())); + temp.createCell(3).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_SET.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + countedHash++; + Row temp = sheetHash.createRow(countedHash); + temp.createCell(0).setCellValue(file.getName().toString()); + temp.createCell(1).setCellValue(filesize.toString()); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_HASHSET_NAME.getTypeID())); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + countedDevice++; + Row temp = sheetDevice.createRow(countedDevice); + temp.createCell(0).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_MODEL.getTypeID())); + temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID())); + temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); + } + + + cc++; + rr.progBarSet(cc); + } + + + //write out the report to the reports folder, set the wbtemp to the primary wb object + wb = wbtemp; + xlsPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xlsx"; + this.save(xlsPath); + + } catch (Exception E) { + String test = E.toString(); + } + + return xlsPath; + } + + @Override + public void save(String path) + { + try{ + FileOutputStream fos = new FileOutputStream(path); + wb.write(fos); + fos.close(); + } + catch(IOException e){ + Logger.getLogger(ReportHTML.class.getName()).log(Level.SEVERE, "Could not write out XLS report!", e); + } + + } + + @Override + public String getReportType(){ + String type = "XLS"; + return type; + } + + + @Override + public ReportConfiguration GetReportConfiguration(){ + return config; + } + + + @Override + public String getReportTypeDescription(){ + String desc = "This is an xls formatted report that is meant to be viewed in Excel."; + return desc; + } + + @Override + public String generateReport() throws ReportModuleException { + throw new UnsupportedOperationException("Not supported yet."); + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java new file mode 100644 index 0000000000..5f28552675 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java @@ -0,0 +1,259 @@ + /* + * + * Autopsy Forensic Browser + * + * Copyright 2012 42six Solutions. + * Contact: aebadirad 42six com + * Project Contact/Architect: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report; + +import java.io.FileOutputStream; +import java.io.File; +import java.io.IOException; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Map.Entry; +import java.util.logging.Level; +import java.util.logging.Logger; +import java.util.regex.Pattern; +import org.apache.commons.lang3.StringEscapeUtils; +import org.jdom.Comment; +import org.jdom.Document; +import org.jdom.Element; +import org.jdom.output.XMLOutputter; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.autopsy.ingest.IngestManager; +import org.sleuthkit.datamodel.*; + +public class ReportXML implements ReportModule { + + public static Document xmldoc = new Document(); + private ReportConfiguration reportconfig; + private String xmlPath; + + public ReportXML() { + } + + @Override + public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException{ + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); + HashMap> report = reportobj.Results; + try { + Case currentCase = Case.getCurrentCase(); // get the most updated case + SleuthkitCase skCase = currentCase.getSleuthkitCase(); + String caseName = currentCase.getName(); + Integer imagecount = currentCase.getImageIDs().length; + Integer filesystemcount = currentCase.getRootObjectsCount(); + Integer totalfiles = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG); + Integer totaldirs = skCase.countFsContentType(TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR); + Element root = new Element("Case"); + xmldoc = new Document(root); + DateFormat datetimeFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss"); + DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); + Date date = new Date(); + String datetime = datetimeFormat.format(date); + String datenotime = dateFormat.format(date); + Comment comment = new Comment("XML Report Generated by Autopsy 3 on " + datetime); + root.addContent(comment); + //Create summary node involving how many of each type + Element summary = new Element("Summary"); + if (IngestManager.getDefault().isIngestRunning()) { + summary.addContent(new Element("Warning").setText("Report was run before ingest services completed!")); + } + summary.addContent(new Element("Name").setText(caseName)); + summary.addContent(new Element("Total-Images").setText(imagecount.toString())); + summary.addContent(new Element("Total-FileSystems").setText(filesystemcount.toString())); + summary.addContent(new Element("Total-Files").setText(totalfiles.toString())); + summary.addContent(new Element("Total-Directories").setText(totaldirs.toString())); + root.addContent(summary); + //generate the nodes for each of the types so we can use them later + Element nodeGen = new Element("General-Information"); + Element nodeWebBookmark = new Element("Web-Bookmarks"); + Element nodeWebCookie = new Element("Web-Cookies"); + Element nodeWebHistory = new Element("Web-History"); + Element nodeWebDownload = new Element("Web-Downloads"); + Element nodeRecentObjects = new Element("Recent-Documents"); + Element nodeTrackPoint = new Element("Track-Points"); + Element nodeInstalled = new Element("Installed-Programfiles"); + Element nodeKeyword = new Element("Keyword-Search-Hits"); + Element nodeHash = new Element("Hashset-Hits"); + Element nodeDevice = new Element("Attached-Devices"); + //remove bytes + Pattern INVALID_XML_CHARS = Pattern.compile("[^\\u0009\\u000A\\u000D\\u0020-\\uD7FF\\uE000-\\uFFFD\uD800\uDC00-\uDBFF\uDFFF]"); + for (Entry> entry : report.entrySet()) { + if (ReportFilter.cancel == true) { + break; + } + int cc = 0; + Element artifact = new Element("Artifact"); + Long objId = entry.getKey().getObjectID(); + Content cont = skCase.getContentById(objId); + Long filesize = cont.getSize(); + artifact.setAttribute("ID", objId.toString()); + artifact.setAttribute("Name", cont.accept(new NameVisitor())); + artifact.setAttribute("Size", filesize.toString()); + + // Get all the attributes for this guy + for (BlackboardAttribute tempatt : entry.getValue()) { + if (ReportFilter.cancel == true) { + break; + } + Element attribute = new Element("Attribute").setAttribute("Type", tempatt.getAttributeTypeDisplayName()); + String tempvalue = tempatt.getValueString(); + //INVALID_XML_CHARS.matcher(tempvalue).replaceAll(""); + Element value = new Element("Value").setText(tempvalue); + attribute.addContent(value); + Element context = new Element("Context").setText(StringEscapeUtils.escapeXml(tempatt.getContext())); + attribute.addContent(context); + artifact.addContent(attribute); + cc++; + } + + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getTypeID()) { + //while (entry.getValue().iterator().hasNext()) + // { + // } + nodeGen.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID()) { + + + nodeWebBookmark.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE.getTypeID()) { + + nodeWebCookie.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID()) { + + nodeWebHistory.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD.getTypeID()) { + nodeWebDownload.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT.getTypeID()) { + nodeRecentObjects.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_TRACKPOINT.getTypeID()) { + nodeTrackPoint.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID()) { + nodeInstalled.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) { + nodeKeyword.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) { + nodeHash.addContent(artifact); + } + if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { + nodeDevice.addContent(artifact); + } + cc++; + rr.progBarSet(cc); + //end of master loop + } + + //add them in the order we want them to the document + root.addContent(nodeGen); + root.addContent(nodeWebBookmark); + root.addContent(nodeWebCookie); + root.addContent(nodeWebHistory); + root.addContent(nodeWebDownload); + root.addContent(nodeRecentObjects); + root.addContent(nodeTrackPoint); + root.addContent(nodeInstalled); + root.addContent(nodeKeyword); + root.addContent(nodeHash); + root.addContent(nodeDevice); + + + //Export it the first time + xmlPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xml"; + this.save(xmlPath); + + } catch (Exception e) { + Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); + } + + return xmlPath; + } + + @Override + public void save(String path) { + + try { + + FileOutputStream out = new FileOutputStream(path); + XMLOutputter serializer = new XMLOutputter(); + serializer.output(xmldoc, out); + out.flush(); + out.close(); + } catch (IOException e) { + System.err.println(e); + } + + } + + @Override + public String getReportType() { + String type = "XML"; + return type; + } + + @Override + public ReportConfiguration GetReportConfiguration() { + ReportConfiguration config = reportconfig; + return config; + } + + @Override + public String getReportTypeDescription() { + String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; + return desc; + } + + @Override + public String generateReport() throws ReportModuleException { + throw new UnsupportedOperationException("Not supported yet."); + } + + private class NameVisitor extends ContentVisitor.Default { + + @Override + protected String defaultVisit(Content cntnt) { + throw new UnsupportedOperationException("Not supported for " + cntnt.toString()); + } + + @Override + public String visit(Directory dir) { + return dir.getName(); + } + + @Override + public String visit(Image img) { + return img.getName(); + } + + public String visit(File fil) { + return fil.getName(); + } + } +} diff --git a/Report/src/org/sleuthkit/autopsy/report/StopWatch.java b/Report/src/org/sleuthkit/autopsy/report/StopWatch.java new file mode 100644 index 0000000000..796c3af43e --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/StopWatch.java @@ -0,0 +1,60 @@ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ +package org.sleuthkit.autopsy.report; + +/** + * + * @author Alex + */ +public class StopWatch { + + private long startTime = 0; + private long stopTime = 0; + private boolean running = false; + + + public void start() { + this.startTime = System.currentTimeMillis(); + this.running = true; + } + + + public void stop() { + this.stopTime = System.currentTimeMillis(); + this.running = false; + } + + + //elaspsed time in milliseconds + public long getElapsedTime() { + long elapsed; + if (running) { + elapsed = (System.currentTimeMillis() - startTime); + } + else { + elapsed = (stopTime - startTime); + } + return elapsed; + } + + public void reset(){ + + startTime = 0; + stopTime = 0; + running = false; + } + + //elaspsed time in seconds + public long getElapsedTimeSecs() { + long elapsed; + if (running) { + elapsed = ((System.currentTimeMillis() - startTime) / 1000); + } + else { + elapsed = ((stopTime - startTime) / 1000); + } + return elapsed; + } +} \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/btn_icon_generate_report.png b/Report/src/org/sleuthkit/autopsy/report/btn_icon_generate_report.png new file mode 100644 index 0000000000000000000000000000000000000000..d27b5bfc7424bfa762792631061e55c434c61157 GIT binary patch literal 1632 zcmbVMeM}Q)7(bx`B5ooMoen(@4fsLty=!TEH;R;gK%K>=;>L6d9_>-Cw0GUzbrgn^ z4@He})0rhYr(m+oIgFwki@|Jw0;`*G7`MeaH_^DjWQk6ldTyn4EX$*th&wH0~!_KH$F;Xqbq!Wn*2BJj{61^Yd2Rv`UaWSp0j z)}dn*fyYh6QZ4e>sRD}?)^j`!r^`W_9jE}T!sM7jsaC63z&OAF3UCy|(=auuz)1k$ ziGfIJyrY=38B7ye(oTz%h@zK7(Xz5Kd6`1a@lF&Y2qMIR<7tvbno!P)ls}CXlEVxJ zTCnqsS7bOA4lzHDB#7L>I7pz-01Q(rff@%Y4TceTHqhyDy-ov^1_h=Hb36^J zRI7kqqt~nS3LL|Xm<}ijlhOo?CKFC%6WL*`nH5BewbNl;M$*+N382R{N|mJbpIB1Q z)0D{Z`5fmC7nHSx6FH%T^TPVI>9B>eGi+!d%C;1f6s>{gnYU<%iRV1<_{EdVQ}ope zwbH0cR}$g4F+k{Wl}>L^7<3q}MkcV1|8r-kbkuxEfo)UB&3|) zJUaY=?7^>_-LCyjuXl8GYeAXJ^BS6ZPI(fjwKVTyV7io_wp}T;l92P)bTl?a`ymwfzd`>8fkin#}C?7FN#P z2V0SY($H<#@Um>KQxP*9QyjQ@|5EDB!(HEE)Y~E&2SUq?o@8IyN?wmkR=Qlf3pKD7*14B{79|=h!e0TnbTXa453<+Zz+%&v&fy1$qYRucub}1|q;Fp;z|)w@YghM~6qFf4u2DaEgyGQHhUbqm|+&8f1^c!c7_oupg&$z4$#E;xyO8&y3`B|>*yXLUe#~G() zMXrbs2LDblj`j7|--=E;)wp}FdU2n1(}S^JxMRb)5BD^IWx-32j--yX-l?ZFvo>^f z^(S{dTGYLGdVK5BU7ua-y}WL*7CvS=WYp=ZWsTGJtuG*Q`0g8*4e2|xe6dSTWtb_HM_VsW;DO uRm!%j4-dvnyIU3O!Z+PZaxIO8VgPg_Y1v*TrC}iS&o>+M49BxK*8BrK>RYt{ literal 0 HcmV?d00001 diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml new file mode 100644 index 0000000000..6265bf7284 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/layer.xml @@ -0,0 +1,23 @@ + + + + + + + + + + + + + + + + + + + + + + + From efc98cab470ec91df6394a370a38ef48c4b6f985 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Fri, 11 May 2012 10:29:50 -0700 Subject: [PATCH 15/22] change to report/Report.java 's getgroupedkeywords method --- .../org/sleuthkit/autopsy/report/Report.java | 47 ++++++++----------- 1 file changed, 20 insertions(+), 27 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/Report.java b/Report/src/org/sleuthkit/autopsy/report/Report.java index 08848d667d..847a16c6d5 100644 --- a/Report/src/org/sleuthkit/autopsy/report/Report.java +++ b/Report/src/org/sleuthkit/autopsy/report/Report.java @@ -46,37 +46,30 @@ public class Report { Case currentCase = Case.getCurrentCase(); // get the most updated case SleuthkitCase tempDb = currentCase.getSleuthkitCase(); try { - - ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC"); - + String temp1 = "CREATE TABLE report_keyword AS SELECT value_text as keyword,blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 10;"; + String temp2 = "CREATE TABLE report_preview AS SELECT value_text as preview, blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 11;"; + String temp3 = "CREATE TABLE report_exp AS SELECT value_text as exp, blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 12;"; + String temp4 = "CREATE TABLE report_name AS SELECT name, report_keyword.artifact_id from tsk_files,blackboard_artifacts, report_keyword WHERE blackboard_artifacts.artifact_id = report_keyword.artifact_id AND blackboard_artifacts.obj_id = tsk_files.obj_id;"; + String temp5 = "CREATE table report AS SELECT keyword,preview,exp, name from report_keyword INNER JOIN report_preview ON report_keyword.artifact_id=report_preview.artifact_id INNER JOIN report_exp ON report_preview.artifact_id=report_exp.artifact_id INNER JOIN report_name ON report_exp.artifact_id=report_name.artifact_id;"; + tempDb.runQuery(temp1+temp2+temp3+temp4+temp5); + ResultSet uniqueresults = tempDb.runQuery("select keyword, preview, exp, name FROM report ORDER BY keyword ASC"); + String keyword = ""; while (uniqueresults.next()) { - table.append("").append(uniqueresults.getString("value_text")).append(""); - table.append(""); - ArrayList artlist = new ArrayList(); - ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString(1) + "'"); - while (tempresults.next()) { - artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong(1))); + if(uniqueresults.getString("value_text") == null ? keyword == null : uniqueresults.getString("keyword").equals(keyword)) + { + } - - for (BlackboardArtifact art : artlist) { - String filename = tempDb.getFsContentById(art.getObjectID()).getName(); - String preview = ""; - String set = ""; - table.append(""); - ArrayList tempatts = art.getAttributes(); - for (BlackboardAttribute att : tempatts) { - if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()) { - preview = ""; - } - if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID()) { - set = ""; - } - } - table.append(preview).append(set).append(""); + else{ + keyword = uniqueresults.getString("keyword"); + table.append("").append(keyword).append(""); + table.append("
").append("File Name").append("PreviewKeyword List
").append(filename).append("" + att.getValueString() + "" + att.getValueString() + "
"); } - - table.append("
").append("File Name").append("PreviewKeyword List


"); + table.append("").append(uniqueresults.getString("name")).append(""); + table.append("").append(uniqueresults.getString("preview")).append("").append("").append(uniqueresults.getString("exp")).append("").append(""); + table.append("

"); } + tempDb.runQuery("DROP TABLE report_keyword; DROP TABLE report_preview; DROP TABLE report_exp; DROP TABLE report_name; DROP TABLE report;"); + } catch (Exception e) { Logger.getLogger(Report.class.getName()).log(Level.WARNING, "Exception occurred", e); } From 88251cb997e12e5410fb47117f5843d85992c69d Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Fri, 11 May 2012 15:13:58 -0700 Subject: [PATCH 16/22] Reporting caps fix Signed-off-by: Alex Ebadirad --- .../autopsy/report/Bundle.properties | 2 +- .../sleuthkit/autopsy/report/ReportHTML.java | 1 + .../org/sleuthkit/autopsy/report/layer.xml | 21 +++++++++++++------ 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/Bundle.properties b/Report/src/org/sleuthkit/autopsy/report/Bundle.properties index 5f3a9a6ebf..7937053bb0 100644 --- a/Report/src/org/sleuthkit/autopsy/report/Bundle.properties +++ b/Report/src/org/sleuthkit/autopsy/report/Bundle.properties @@ -1,5 +1,5 @@ OpenIDE-Module-Name=Report -Toolbars/Reports/org-sleuthkit-autopsy-report-reportAction.shadow=Reports +Toolbars/Reports/org-sleuthkit-autopsy-report-ReportAction.shadow=Reports ReportFilter.progBar.string= ReportFilter.cancelButton.actionCommand= ReportFilter.cancelButton.text=Cancel diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java index a3440ae98b..cf858a12af 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java @@ -464,5 +464,6 @@ public class ReportHTML implements ReportModule{ public String generateReport() throws ReportModuleException { throw new UnsupportedOperationException("Not supported yet."); } + } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml index 6265bf7284..5888a01825 100644 --- a/Report/src/org/sleuthkit/autopsy/report/layer.xml +++ b/Report/src/org/sleuthkit/autopsy/report/layer.xml @@ -5,15 +5,24 @@ - + - + + + + + + + - - - - + + + + + + + From 61dba172ec1934c9bdcc9d6c61e62ff88998d400 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Mon, 14 May 2012 09:45:39 -0700 Subject: [PATCH 17/22] Tweaks to report/Report.java --- RecentActivity/nbproject/genfiles.properties | 8 ++-- RecentActivity/nbproject/project.properties | 1 + RecentActivity/nbproject/project.xml | 10 ++--- .../autopsy/recentactivity/Bundle.properties | 1 + .../autopsy/recentactivity/dbconnect.java | 3 -- Report/nbproject/genfiles.properties | 8 ++-- Report/nbproject/project.xml | 8 ++++ .../org/sleuthkit/autopsy/report/Report.java | 44 +++++++++++++++---- .../autopsy/report/ReportFilter.form | 2 +- .../autopsy/report/ReportFilter.java | 1 + .../sleuthkit/autopsy/report/ReportUtils.java | 20 +++++++++ .../sleuthkit/autopsy/report/ReportXML.java | 8 +++- .../org/sleuthkit/autopsy/report/layer.xml | 13 +++--- 13 files changed, 92 insertions(+), 35 deletions(-) diff --git a/RecentActivity/nbproject/genfiles.properties b/RecentActivity/nbproject/genfiles.properties index 9e5bb239dc..ac6636ed07 100644 --- a/RecentActivity/nbproject/genfiles.properties +++ b/RecentActivity/nbproject/genfiles.properties @@ -1,8 +1,8 @@ -build.xml.data.CRC32=dacaa05a +build.xml.data.CRC32=f4b57a2d build.xml.script.CRC32=d323407a -build.xml.stylesheet.CRC32=a56c6a5b@1.46.1 +build.xml.stylesheet.CRC32=a56c6a5b@1.46.2 # This file is used by a NetBeans-based IDE to track changes in generated files such as build-impl.xml. # Do not edit this file. You may delete it but then the IDE will never regenerate such files for you. -nbproject/build-impl.xml.data.CRC32=dacaa05a +nbproject/build-impl.xml.data.CRC32=f4b57a2d nbproject/build-impl.xml.script.CRC32=aef16a21 -nbproject/build-impl.xml.stylesheet.CRC32=238281d1@1.46.1 +nbproject/build-impl.xml.stylesheet.CRC32=238281d1@1.46.2 diff --git a/RecentActivity/nbproject/project.properties b/RecentActivity/nbproject/project.properties index c2587f0f66..87fc09e95f 100644 --- a/RecentActivity/nbproject/project.properties +++ b/RecentActivity/nbproject/project.properties @@ -1,5 +1,6 @@ file.reference.gson-2.1.jar=release/modules/ext/gson-2.1.jar file.reference.jdom-1.1.2.jar=release/modules/ext/jdom-1.1.2.jar file.reference.sqlite-jdbc-3.7.6.3-20110609.081603-3.jar=release/modules/ext/sqlite-jdbc-3.7.6.3-20110609.081603-3.jar +is.autoload=true javac.source=1.6 javac.compilerargs=-Xlint -Xlint:-serial diff --git a/RecentActivity/nbproject/project.xml b/RecentActivity/nbproject/project.xml index c6387afb84..8b4a1e91da 100644 --- a/RecentActivity/nbproject/project.xml +++ b/RecentActivity/nbproject/project.xml @@ -178,14 +178,10 @@ 0.0 - - org.sleuthkit.autopsy.report - - 1.0 - - - + + org.sleuthkit.autopsy.recentactivity + ext/sqlite-jdbc-3.7.6.3-20110609.081603-3.jar release/modules/ext/sqlite-jdbc-3.7.6.3-20110609.081603-3.jar diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties index fc21672edd..3e1a5cd2cb 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties @@ -1,3 +1,4 @@ +OpenIDE-Module-Display-Category=Java OpenIDE-Module-Name=RecentActivity RecentActivityTopComponent.makeNodesButton.text=Get Recent Activity RecentActivityTopComponent.jLabel1.text=Filter Options diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/dbconnect.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/dbconnect.java index 67272f5900..19064301f8 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/dbconnect.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/dbconnect.java @@ -15,9 +15,6 @@ import java.sql.*; public dbconnect(String sDriverForClass, String sUrlKey) throws Exception { init(sDriverForClass, sUrlKey); - //Statement stmt = conn.createStatement(); - //String selecthistory = "SELECT moz_historyvisits.id,url,title,visit_count,visit_date,from_visit,rev_host FROM moz_places, moz_historyvisits WHERE moz_places.id = moz_historyvisits.place_id AND hidden = 0"; - // ResultSet rs = stmt.executeQuery(selecthistory); } diff --git a/Report/nbproject/genfiles.properties b/Report/nbproject/genfiles.properties index 03f0e6b880..2e8895c1f4 100644 --- a/Report/nbproject/genfiles.properties +++ b/Report/nbproject/genfiles.properties @@ -1,8 +1,8 @@ -build.xml.data.CRC32=38c0b1aa +build.xml.data.CRC32=d88c1ca9 build.xml.script.CRC32=bbb1c310 -build.xml.stylesheet.CRC32=a56c6a5b@1.46.1 +build.xml.stylesheet.CRC32=a56c6a5b@1.46.2 # This file is used by a NetBeans-based IDE to track changes in generated files such as build-impl.xml. # Do not edit this file. You may delete it but then the IDE will never regenerate such files for you. -nbproject/build-impl.xml.data.CRC32=38c0b1aa +nbproject/build-impl.xml.data.CRC32=d88c1ca9 nbproject/build-impl.xml.script.CRC32=1562aec2 -nbproject/build-impl.xml.stylesheet.CRC32=238281d1@1.46.1 +nbproject/build-impl.xml.stylesheet.CRC32=238281d1@1.46.2 diff --git a/Report/nbproject/project.xml b/Report/nbproject/project.xml index b7a7ee39b9..6deb5c1af8 100644 --- a/Report/nbproject/project.xml +++ b/Report/nbproject/project.xml @@ -135,6 +135,14 @@ 0.0 + + org.sleuthkit.autopsy.recentactivity + + + + 1.0 + + diff --git a/Report/src/org/sleuthkit/autopsy/report/Report.java b/Report/src/org/sleuthkit/autopsy/report/Report.java index 847a16c6d5..43a5f7a52c 100644 --- a/Report/src/org/sleuthkit/autopsy/report/Report.java +++ b/Report/src/org/sleuthkit/autopsy/report/Report.java @@ -20,7 +20,9 @@ */ package org.sleuthkit.autopsy.report; -import java.sql.ResultSet; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; import java.util.ArrayList; import java.util.HashMap; import java.util.Map; @@ -30,6 +32,8 @@ import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.datamodel.BlackboardArtifact; import org.sleuthkit.datamodel.BlackboardAttribute; import org.sleuthkit.datamodel.SleuthkitCase; +import java.sql.*; +import org.sleuthkit.autopsy.recentactivity.dbconnect; /** * @@ -37,7 +41,7 @@ import org.sleuthkit.datamodel.SleuthkitCase; */ public class Report { - private void report() { + private void Report() { } public String getGroupedKeywordHit() { @@ -46,30 +50,52 @@ public class Report { Case currentCase = Case.getCurrentCase(); // get the most updated case SleuthkitCase tempDb = currentCase.getSleuthkitCase(); try { + ReportUtils util = new ReportUtils(); + util.copy(new FileInputStream(currentCase.getCaseDirectory()+File.separator+"autopsy.db"), new FileOutputStream(currentCase.getCaseDirectory()+File.separator+"autopsy-copy.db")); + dbconnect tempdbconnect = new dbconnect("org.sqlite.JDBC", "jdbc:sqlite:"+currentCase.getCaseDirectory()+File.separator+"autopsy-copy.db"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_keyword;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_preview;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_exp;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_name;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report;"); String temp1 = "CREATE TABLE report_keyword AS SELECT value_text as keyword,blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 10;"; String temp2 = "CREATE TABLE report_preview AS SELECT value_text as preview, blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 11;"; String temp3 = "CREATE TABLE report_exp AS SELECT value_text as exp, blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 12;"; String temp4 = "CREATE TABLE report_name AS SELECT name, report_keyword.artifact_id from tsk_files,blackboard_artifacts, report_keyword WHERE blackboard_artifacts.artifact_id = report_keyword.artifact_id AND blackboard_artifacts.obj_id = tsk_files.obj_id;"; - String temp5 = "CREATE table report AS SELECT keyword,preview,exp, name from report_keyword INNER JOIN report_preview ON report_keyword.artifact_id=report_preview.artifact_id INNER JOIN report_exp ON report_preview.artifact_id=report_exp.artifact_id INNER JOIN report_name ON report_exp.artifact_id=report_name.artifact_id;"; - tempDb.runQuery(temp1+temp2+temp3+temp4+temp5); - ResultSet uniqueresults = tempDb.runQuery("select keyword, preview, exp, name FROM report ORDER BY keyword ASC"); + String temp5 = "CREATE TABLE report AS SELECT keyword,preview,exp, name from report_keyword INNER JOIN report_preview ON report_keyword.artifact_id=report_preview.artifact_id INNER JOIN report_exp ON report_preview.artifact_id=report_exp.artifact_id INNER JOIN report_name ON report_exp.artifact_id=report_name.artifact_id;"; + tempdbconnect.executeStmt(temp1); + tempdbconnect.executeStmt(temp2); + tempdbconnect.executeStmt(temp3); + tempdbconnect.executeStmt(temp4); + tempdbconnect.executeStmt(temp5); + ResultSet uniqueresults = tempdbconnect.executeQry("SELECT keyword, preview, exp, name FROM report ORDER BY keyword ASC"); String keyword = ""; while (uniqueresults.next()) { - if(uniqueresults.getString("value_text") == null ? keyword == null : uniqueresults.getString("keyword").equals(keyword)) + if(uniqueresults.getString("keyword") == null ? keyword == null : uniqueresults.getString("keyword").equals(keyword)) { } else{ + table.append("

"); keyword = uniqueresults.getString("keyword"); table.append("").append(keyword).append(""); table.append(""); } table.append(""); table.append("").append("").append(""); - table.append("
").append("File Name").append("PreviewKeyword List
").append(uniqueresults.getString("name")).append("").append(uniqueresults.getString("preview")).append("").append(uniqueresults.getString("exp")).append("


"); + } - tempDb.runQuery("DROP TABLE report_keyword; DROP TABLE report_preview; DROP TABLE report_exp; DROP TABLE report_name; DROP TABLE report;"); - + tempDb.close(); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_keyword;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_preview;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_exp;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_name;"); + tempdbconnect.executeStmt("DROP TABLE IF EXISTS report;"); + tempdbconnect.closeConnection(); + + File f1 = new File(currentCase.getCaseDirectory()+File.separator+"autopsy-copy.db"); + boolean success = f1.delete(); + } catch (Exception e) { Logger.getLogger(Report.class.getName()).log(Level.WARNING, "Exception occurred", e); } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form index 53b9485c2f..0718f0450a 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form @@ -1,4 +1,4 @@ - +
diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java index 88c236ecb9..84ffaf3bf5 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java @@ -195,6 +195,7 @@ private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRS progBar.setStringPainted(true); progBar.setValue(0); filters.clear(); + config.resetGenArtifactTypes(); if (jCheckBox1.isSelected()) { try { config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK, true); diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportUtils.java b/Report/src/org/sleuthkit/autopsy/report/ReportUtils.java index ba3dd55969..8c5b86f554 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportUtils.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportUtils.java @@ -20,6 +20,12 @@ */ package org.sleuthkit.autopsy.report; +import java.io.BufferedInputStream; +import java.io.BufferedOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + /** * * @author Alex @@ -52,4 +58,18 @@ public class ReportUtils { } return builder.toString(); } + + public static void copy(InputStream in, OutputStream out) throws IOException { + + BufferedInputStream bin = new BufferedInputStream(in); + BufferedOutputStream bout = new BufferedOutputStream(out); + + while (true) { + int datum = bin.read(); + if (datum == -1) + break; + bout.write(datum); + } + bout.flush(); + } } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java index 5f28552675..90d980ae66 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java @@ -106,10 +106,14 @@ public class ReportXML implements ReportModule { Long objId = entry.getKey().getObjectID(); Content cont = skCase.getContentById(objId); Long filesize = cont.getSize(); - artifact.setAttribute("ID", objId.toString()); + try{ + artifact.setAttribute("ID", objId.toString()); artifact.setAttribute("Name", cont.accept(new NameVisitor())); artifact.setAttribute("Size", filesize.toString()); - + } + catch(Exception e){ + Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Visitor content exception occurred:", e); + } // Get all the attributes for this guy for (BlackboardAttribute tempatt : entry.getValue()) { if (ReportFilter.cancel == true) { diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml index 5888a01825..700d9fc5ff 100644 --- a/Report/src/org/sleuthkit/autopsy/report/layer.xml +++ b/Report/src/org/sleuthkit/autopsy/report/layer.xml @@ -4,8 +4,11 @@ - - + + + + + @@ -16,10 +19,10 @@ - + @@ -29,4 +32,4 @@ - + \ No newline at end of file From 1e7e4d9f056a40957238d1a27eda3ca1889a8f63 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Mon, 14 May 2012 09:54:26 -0700 Subject: [PATCH 18/22] Minor bugfix to Report.java --- Report/src/org/sleuthkit/autopsy/report/Report.java | 1 - 1 file changed, 1 deletion(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/Report.java b/Report/src/org/sleuthkit/autopsy/report/Report.java index 43a5f7a52c..73542a0467 100644 --- a/Report/src/org/sleuthkit/autopsy/report/Report.java +++ b/Report/src/org/sleuthkit/autopsy/report/Report.java @@ -85,7 +85,6 @@ public class Report { table.append("").append(uniqueresults.getString("preview")).append("").append("").append(uniqueresults.getString("exp")).append("").append(""); } - tempDb.close(); tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_keyword;"); tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_preview;"); tempdbconnect.executeStmt("DROP TABLE IF EXISTS report_exp;"); From 641d23771fe29975818593996950c0541cd0ca91 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Mon, 14 May 2012 15:48:20 -0700 Subject: [PATCH 19/22] Report register service basic check in, unfinished UI changes Signed-off-by: Alex Ebadirad --- .../autopsy/recentactivity/ExtractIE.java | 4 +- .../autopsy/report/Bundle.properties | 5 - .../autopsy/report/ReportFilter.form | 103 +++------- .../autopsy/report/ReportFilter.java | 177 +++++++----------- .../autopsy/report/ReportFilterAction.java | 9 +- .../sleuthkit/autopsy/report/ReportHTML.java | 19 +- .../autopsy/report/ReportModule.java | 10 +- .../sleuthkit/autopsy/report/ReportXLS.java | 21 ++- .../sleuthkit/autopsy/report/ReportXML.java | 27 ++- .../org/sleuthkit/autopsy/report/layer.xml | 4 +- .../register/ReportRegisterService.java | 164 ++++++++++++++++ 11 files changed, 325 insertions(+), 218 deletions(-) create mode 100644 Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java index d7072e8221..3fe84d144e 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java @@ -129,7 +129,7 @@ public class ExtractIE { // implements BrowserActivity { Long datetime = Favorite.getCrtime(); String Tempdate = datetime.toString() + "000"; datetime = Long.valueOf(Tempdate); - String domain = Util.extractDomain(url); + String domain = Util.getBaseDomain(url); try { BlackboardArtifact bbart = Favorite.newArtifact(ARTIFACT_TYPE.TSK_WEB_BOOKMARK); Collection bbattributes = new ArrayList(); @@ -485,7 +485,7 @@ public class ExtractIE { // implements BrowserActivity { realurl = realurl.replaceAll(":(.*?):", ""); realurl = realurl.replace(":Host:", ""); realurl = realurl.trim(); - domain = Util.extractDomain(realurl); + domain = Util.getBaseDomain(realurl); } if (!ddtime.isEmpty()) { ddtime = ddtime.replace("T", " "); diff --git a/Report/src/org/sleuthkit/autopsy/report/Bundle.properties b/Report/src/org/sleuthkit/autopsy/report/Bundle.properties index 7937053bb0..af5d6ace1a 100644 --- a/Report/src/org/sleuthkit/autopsy/report/Bundle.properties +++ b/Report/src/org/sleuthkit/autopsy/report/Bundle.properties @@ -3,15 +3,10 @@ Toolbars/Reports/org-sleuthkit-autopsy-report-ReportAction.shadow=Reports ReportFilter.progBar.string= ReportFilter.cancelButton.actionCommand= ReportFilter.cancelButton.text=Cancel -ReportFilter.jCheckBox3.text=Keyword Hits -ReportFilter.jCheckBox4.text=Hashlist Hits -ReportFilter.jCheckBox5.text=System Information ReportFilter.jButton1.text=Generate Report ReportFilter.jButton2.label= ReportFilter.jButton2.actionCommand= ReportFilter.jButton2.text= -ReportFilter.jCheckBox1.text=Internet History -ReportFilter.jCheckBox2.text=General Info ReportPanel.jLabel1.text=jLabel1 ReportPanel.saveReport.actionCommand= ReportPanel.saveReport.text=Export Report... diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form index 0718f0450a..696ce472f9 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form @@ -18,7 +18,7 @@ - + @@ -36,28 +36,16 @@ - + + + - - + + - - - - - - - - - - - - - - @@ -67,73 +55,20 @@ - - - - + + + - - - - - - - - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -176,5 +111,23 @@ + + + + + + + + + + + + + + + + + + diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java index 84ffaf3bf5..6749299855 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java @@ -20,12 +20,19 @@ */ package org.sleuthkit.autopsy.report; +import java.awt.GridLayout; import java.awt.event.ActionListener; import java.util.ArrayList; import java.util.logging.Level; import java.util.logging.Logger; +import javax.swing.BorderFactory; +import javax.swing.JCheckBox; +import javax.swing.JLabel; +import javax.swing.JPanel; import javax.swing.SwingUtilities; import javax.swing.SwingWorker; +import javax.swing.border.Border; +import org.openide.util.Lookup; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.datamodel.BlackboardArtifact; import org.sleuthkit.datamodel.SleuthkitCase; @@ -50,9 +57,11 @@ public class ReportFilter extends javax.swing.JPanel { */ public ReportFilter() { initComponents(); + createReports(); cancel = false; try{ config.getAllTypes(); + } catch(ReportModuleException ex) { @@ -70,40 +79,16 @@ public class ReportFilter extends javax.swing.JPanel { private void initComponents() { jButton2 = new javax.swing.JButton(); - jCheckBox1 = new javax.swing.JCheckBox(); - jCheckBox2 = new javax.swing.JCheckBox(); - jCheckBox3 = new javax.swing.JCheckBox(); - jCheckBox4 = new javax.swing.JCheckBox(); - jCheckBox5 = new javax.swing.JCheckBox(); jButton1 = new javax.swing.JButton(); progBar = new javax.swing.JProgressBar(); cancelButton = new javax.swing.JButton(); + filterpanel = new JPanel(new GridLayout(0, 1)); jButton2.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.text")); // NOI18N jButton2.setActionCommand(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.actionCommand")); // NOI18N jButton2.setLabel(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.label")); // NOI18N - setPreferredSize(new java.awt.Dimension(250, 193)); - - jCheckBox1.setSelected(true); - jCheckBox1.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox1.text")); // NOI18N - jCheckBox1.addActionListener(new java.awt.event.ActionListener() { - public void actionPerformed(java.awt.event.ActionEvent evt) { - jCheckBox1ActionPerformed(evt); - } - }); - - jCheckBox2.setSelected(true); - jCheckBox2.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox2.text")); // NOI18N - - jCheckBox3.setSelected(true); - jCheckBox3.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox3.text")); // NOI18N - - jCheckBox4.setSelected(true); - jCheckBox4.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox4.text")); // NOI18N - - jCheckBox5.setSelected(true); - jCheckBox5.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jCheckBox5.text")); // NOI18N + setPreferredSize(new java.awt.Dimension(325, 200)); jButton1.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton1.text")); // NOI18N jButton1.addMouseListener(new java.awt.event.MouseAdapter() { @@ -133,6 +118,17 @@ public class ReportFilter extends javax.swing.JPanel { } }); + javax.swing.GroupLayout filterpanelLayout = new javax.swing.GroupLayout(filterpanel); + filterpanel.setLayout(filterpanelLayout); + filterpanelLayout.setHorizontalGroup( + filterpanelLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGap(0, 306, Short.MAX_VALUE) + ); + filterpanelLayout.setVerticalGroup( + filterpanelLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGap(0, 100, Short.MAX_VALUE) + ); + javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); this.setLayout(layout); layout.setHorizontalGroup( @@ -140,49 +136,29 @@ public class ReportFilter extends javax.swing.JPanel { .addGroup(layout.createSequentialGroup() .addContainerGap() .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(filterpanel, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(jButton1) .addGroup(layout.createSequentialGroup() - .addComponent(jButton1) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) - .addComponent(cancelButton) - .addGap(156, 156, 156)) - .addComponent(jCheckBox3) - .addGroup(layout.createSequentialGroup() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jCheckBox2) - .addComponent(jCheckBox1)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jCheckBox5) - .addComponent(jCheckBox4))) - .addComponent(progBar, javax.swing.GroupLayout.PREFERRED_SIZE, 231, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addComponent(progBar, javax.swing.GroupLayout.PREFERRED_SIZE, 231, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addComponent(cancelButton))) .addContainerGap()) ); layout.setVerticalGroup( layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(layout.createSequentialGroup() .addContainerGap() - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jCheckBox1) - .addComponent(jCheckBox4)) + .addComponent(filterpanel, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jCheckBox2) - .addComponent(jCheckBox5)) - .addGap(18, 18, 18) - .addComponent(jCheckBox3) - .addGap(18, 18, 18) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jButton1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) - .addComponent(cancelButton, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addComponent(jButton1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(progBar, javax.swing.GroupLayout.DEFAULT_SIZE, 23, Short.MAX_VALUE) + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(progBar, javax.swing.GroupLayout.DEFAULT_SIZE, 23, Short.MAX_VALUE) + .addComponent(cancelButton, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) .addContainerGap()) ); }// //GEN-END:initComponents -private void jCheckBox1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jCheckBox1ActionPerformed -}//GEN-LAST:event_jCheckBox1ActionPerformed - public void getfilters(java.awt.event.ActionEvent evt) { jButton1ActionPerformed(evt); } @@ -196,57 +172,6 @@ private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRS progBar.setValue(0); filters.clear(); config.resetGenArtifactTypes(); - if (jCheckBox1.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_BOOKMARK, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_COOKIE, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_HISTORY, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_WEB_DOWNLOAD, true); - - filters.add(2); - filters.add(3); - filters.add(4); - filters.add(5); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - } - if (jCheckBox2.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO, true); - filters.add(1); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - } - if (jCheckBox3.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT, true); - filters.add(9); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - } - if (jCheckBox4.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT, true); - filters.add(10); - } catch (ReportModuleException ex) { - logger.log(Level.WARNING, "", ex); - } - - } - if (jCheckBox5.isSelected()) { - try { - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_RECENT_OBJECT, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG, true); - config.setGenArtifactType(BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED, true); - filters.add(6); - filters.add(8); - filters.add(11); - } catch (ReportModuleException ex) { - } - } getReports(); }//GEN-LAST:event_jButton1ActionPerformed @@ -299,6 +224,36 @@ private void jButton1MouseReleased(java.awt.event.MouseEvent evt) {//GEN-FIRST:e } }); } + + public void createReports() { + SwingUtilities.invokeLater(new Runnable() { + + @Override + public void run() { + Border border = BorderFactory.createTitledBorder("Reporting Modules"); + filterpanel.setBorder(border); + for (ReportModule m : Lookup.getDefault().lookupAll(ReportModule.class)) + { + String name = m.getName(); + String desc = m.getReportTypeDescription(); + + JCheckBox ch = new JCheckBox(); + ch.setText(name); + ch.setToolTipText(desc); + ch.setSelected(false); + filterpanel.add(ch); + } + + JCheckBox ch = new JCheckBox(); + ch.setText("133454"); + ch.setToolTipText("235325353"); + ch.setSelected(false); + filterpanel.add(ch); + filterpanel.revalidate(); + filterpanel.repaint(); + } + }); + } public void progBarDone() { int max = progBar.getMaximum(); @@ -340,15 +295,13 @@ private void jButton1MouseReleased(java.awt.event.MouseEvent evt) {//GEN-FIRST:e jButton2.addActionListener(e); cancelButton.addActionListener(e); } + + // Variables declaration - do not modify//GEN-BEGIN:variables private javax.swing.JButton cancelButton; + private javax.swing.JPanel filterpanel; private javax.swing.JButton jButton1; private javax.swing.JButton jButton2; - private javax.swing.JCheckBox jCheckBox1; - private javax.swing.JCheckBox jCheckBox2; - private javax.swing.JCheckBox jCheckBox3; - private javax.swing.JCheckBox jCheckBox4; - private javax.swing.JCheckBox jCheckBox5; private javax.swing.JProgressBar progBar; // End of variables declaration//GEN-END:variables } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java index 141f409937..a184fe958d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java @@ -20,11 +20,17 @@ package org.sleuthkit.autopsy.report; import java.awt.Container; import java.awt.Dimension; +import java.awt.GridLayout; import java.awt.Toolkit; import java.util.logging.Level; +import javax.swing.BorderFactory; +import javax.swing.JCheckBox; import javax.swing.JDialog; import javax.swing.JFrame; +import javax.swing.JPanel; +import javax.swing.border.Border; import org.openide.util.HelpCtx; +import org.openide.util.Lookup; import org.sleuthkit.autopsy.coreutils.Log; /** @@ -50,7 +56,7 @@ class ReportFilterAction { cpane = frame.getContentPane(); // initialize panel with loaded settings final ReportFilter panel = new ReportFilter(); - + // add the panel to the popup window popUpWindow.add(panel); popUpWindow.pack(); @@ -61,7 +67,6 @@ class ReportFilterAction { double w = popUpWindow.getSize().getWidth(); double h = popUpWindow.getSize().getHeight(); popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); - // display the window popUpWindow.setVisible(true); diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java index cf858a12af..0459148c87 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java @@ -36,6 +36,7 @@ import java.util.logging.Level; import java.util.logging.Logger; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.ingest.IngestManager; +import org.sleuthkit.autopsy.report.register.ReportRegisterService; import org.sleuthkit.datamodel.BlackboardArtifact; import org.sleuthkit.datamodel.BlackboardAttribute; import org.sleuthkit.datamodel.FsContent; @@ -53,9 +54,17 @@ public class ReportHTML implements ReportModule{ private static StringBuilder formatted_header = new StringBuilder(); private static String htmlPath = ""; private ReportConfiguration config; + private static ReportRegisterService instance = null; ReportHTML(){ + } + + public static synchronized ReportRegisterService getDefault() { + if (instance == null) { + instance = new ReportRegisterService(); + } + return instance; } @Override @@ -425,6 +434,12 @@ public class ReportHTML implements ReportModule{ return htmlPath; } + @Override + public String getName(){ + String name = "HTML"; + return name; + } + @Override public void save(String path) @@ -460,10 +475,6 @@ public class ReportHTML implements ReportModule{ return desc; } - @Override - public String generateReport() throws ReportModuleException { - throw new UnsupportedOperationException("Not supported yet."); - } } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java index 26c2c4b191..c6ee6d21fe 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java @@ -32,9 +32,6 @@ public interface ReportModule { * @return absolute file path to the report generated * @throws ReportModuleException if report generation failed */ - public String generateReport() throws ReportModuleException; - - //If it uses a report configuration and reports back to the gui its progress public String generateReport(ReportConfiguration config, ReportFilter rr) throws ReportModuleException; /** @@ -51,6 +48,13 @@ public interface ReportModule { * @return */ public String getReportType(); + + /** + * Returns a basic string name for the report. What is 'officially' titled. + * + * @return + */ + public String getName(); /** * Returns the reportconfiguration object that was created diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java index 110e466fc5..f9b5753632 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java @@ -35,6 +35,7 @@ import java.util.logging.Logger; import org.apache.poi.ss.usermodel.*; import org.apache.poi.xssf.usermodel.XSSFWorkbook; import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.autopsy.report.register.ReportRegisterService; import org.sleuthkit.datamodel.*; /** @@ -46,11 +47,19 @@ public class ReportXLS implements ReportModule { public static Workbook wb = new XSSFWorkbook(); private static String xlsPath = ""; private ReportConfiguration config; - + private static ReportRegisterService instance = null; public ReportXLS() { //Empty the workbook first } + + public static synchronized ReportRegisterService getDefault() { + if (instance == null) { + instance = new ReportRegisterService(); + } + return instance; + } + @Override public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { config = reportconfig; @@ -409,6 +418,12 @@ public class ReportXLS implements ReportModule { } + @Override + public String getName(){ + String name = "Excel"; + return name; + } + @Override public String getReportType(){ String type = "XLS"; @@ -428,8 +443,4 @@ public class ReportXLS implements ReportModule { return desc; } - @Override - public String generateReport() throws ReportModuleException { - throw new UnsupportedOperationException("Not supported yet."); - } } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java index 90d980ae66..341396d522 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java @@ -39,6 +39,7 @@ import org.jdom.Element; import org.jdom.output.XMLOutputter; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.ingest.IngestManager; +import org.sleuthkit.autopsy.report.register.ReportRegisterService; import org.sleuthkit.datamodel.*; public class ReportXML implements ReportModule { @@ -46,9 +47,17 @@ public class ReportXML implements ReportModule { public static Document xmldoc = new Document(); private ReportConfiguration reportconfig; private String xmlPath; + private static ReportRegisterService instance = null; public ReportXML() { } + + public static synchronized ReportRegisterService getDefault() { + if (instance == null) { + instance = new ReportRegisterService(); + } + return instance; + } @Override public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException{ @@ -215,6 +224,12 @@ public class ReportXML implements ReportModule { } } + + @Override + public String getName(){ + String name = "Default XML"; + return name; + } @Override public String getReportType() { @@ -234,11 +249,6 @@ public class ReportXML implements ReportModule { return desc; } - @Override - public String generateReport() throws ReportModuleException { - throw new UnsupportedOperationException("Not supported yet."); - } - private class NameVisitor extends ContentVisitor.Default { @Override @@ -255,9 +265,10 @@ public class ReportXML implements ReportModule { public String visit(Image img) { return img.getName(); } - - public String visit(File fil) { - return fil.getName(); + + //@Override + public String visit(File file) { + return file.getName(); } } } diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml index 700d9fc5ff..2fd0ca927b 100644 --- a/Report/src/org/sleuthkit/autopsy/report/layer.xml +++ b/Report/src/org/sleuthkit/autopsy/report/layer.xml @@ -12,9 +12,9 @@
- + - + diff --git a/Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java b/Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java new file mode 100644 index 0000000000..d798aae729 --- /dev/null +++ b/Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java @@ -0,0 +1,164 @@ +/* + * Autopsy Forensic Browser + * + * Copyright 2011 Basis Technology Corp. + * Contact: carrier sleuthkit org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.sleuthkit.autopsy.report.register; + +import java.beans.PropertyChangeListener; +import java.util.logging.Level; +import java.util.logging.Logger; +import org.sleuthkit.autopsy.ingest.IngestImageWorkerController; +import org.sleuthkit.autopsy.ingest.IngestManagerProxy; +import org.sleuthkit.autopsy.ingest.IngestMessage; +import org.sleuthkit.autopsy.ingest.IngestMessage.MessageType; +import org.sleuthkit.autopsy.ingest.IngestServiceImage; +import org.sleuthkit.datamodel.Image; + +/** + * Example implementation of an image ingest service + * + */ +public final class ReportRegisterService implements IngestServiceImage { + + private static final Logger logger = Logger.getLogger(ReportRegisterService.class.getName()); + private static ReportRegisterService defaultInstance = null; + private IngestManagerProxy managerProxy; + private static int messageId = 0; + + //public constructor is required + //as multiple instances are created for processing multiple images simultenously + public ReportRegisterService() { + } + + //default instance used for service registration + public static synchronized ReportRegisterService getDefault() { + if (defaultInstance == null) { + defaultInstance = new ReportRegisterService(); + } + return defaultInstance; + } + + @Override + public void process(Image image, IngestImageWorkerController controller) { + logger.log(Level.INFO, "process() " + this.toString()); + + managerProxy.postMessage(IngestMessage.createMessage(++messageId, MessageType.INFO, this, "Processing " + image.getName())); + + //service specific Image processing code here + //example: + + //if we know amount of work units, we can switch to determinate and update progress bar + int filesToProcess = 100; + controller.switchToDeterminate(filesToProcess); + int processedFiles = 0; + + while (filesToProcess-- > 0) { + + //check if should terminate on every loop iteration + if (controller.isCancelled()) { + return; + } + try { + //do the work + Thread.sleep(500); + //post message to user if found something interesting + managerProxy.postMessage(IngestMessage.createMessage(processedFiles, MessageType.INFO, this, "Processed " + image.getName() + ": " + Integer.toString(processedFiles))); + + //update progress + controller.progress(++processedFiles); + } catch (InterruptedException e) { + } + } + + + } + + @Override + public void complete() { + logger.log(Level.INFO, "complete() " + this.toString()); + + final IngestMessage msg = IngestMessage.createMessage(++messageId, MessageType.INFO, this, "completed image processing"); + managerProxy.postMessage(msg); + + //service specific cleanup due to completion here + } + + @Override + public String getName() { + return "Example Image Service"; + } + + @Override + public String getDescription() { + return "Example Image Service description"; + } + + @Override + public void init(IngestManagerProxy managerProxy) { + logger.log(Level.INFO, "init() " + this.toString()); + this.managerProxy = managerProxy; + + //service specific initialization here + + } + + @Override + public void stop() { + logger.log(Level.INFO, "stop()"); + + //service specific cleanup due to interruption here + } + + @Override + public ServiceType getType() { + return ServiceType.Image; + } + + @Override + public boolean hasSimpleConfiguration() { + return false; + } + + @Override + public boolean hasAdvancedConfiguration() { + return false; + } + + @Override + public javax.swing.JPanel getSimpleConfiguration() { + return null; + } + + @Override + public javax.swing.JPanel getAdvancedConfiguration() { + return null; + } + + @Override + public boolean hasBackgroundJobsRunning() { + return false; + } + + + @Override + public void saveAdvancedConfiguration() { + } + + @Override + public void saveSimpleConfiguration() { + } +} From a06fb7f142dfea50acfdaf64e2fc7b3bfe1298ae Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Tue, 15 May 2012 00:53:04 -0700 Subject: [PATCH 20/22] report action UI changes, improvements using new service lookup --- .../autopsy/report/ReportAction.java | 103 +++++++++++++++-- .../autopsy/report/ReportFilter.form | 80 +++++-------- .../autopsy/report/ReportFilter.java | 91 ++++----------- .../sleuthkit/autopsy/report/ReportHTML.java | 11 +- .../autopsy/report/ReportModule.java | 8 ++ .../autopsy/report/ReportPanelAction.java | 1 - .../sleuthkit/autopsy/report/ReportXLS.java | 106 +++++++++--------- .../sleuthkit/autopsy/report/ReportXML.java | 72 ++++++------ .../org/sleuthkit/autopsy/report/layer.xml | 16 ++- 9 files changed, 271 insertions(+), 217 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java index b8c40bdadb..848ffb6a92 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java @@ -20,30 +20,31 @@ */ package org.sleuthkit.autopsy.report; -import java.awt.Component; -import java.awt.Dimension; -import java.awt.Toolkit; +import java.awt.*; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; +import java.awt.event.ItemEvent; +import java.awt.event.ItemListener; import java.beans.PropertyChangeEvent; import java.beans.PropertyChangeListener; import java.io.File; +import java.util.ArrayList; import java.util.logging.Level; import java.util.logging.Logger; -import javax.swing.ImageIcon; -import javax.swing.JButton; -import javax.swing.JDialog; -import javax.swing.JFrame; +import javax.swing.*; +import javax.swing.border.Border; import org.openide.awt.ActionID; import org.openide.awt.ActionReference; import org.openide.awt.ActionReferences; import org.openide.awt.ActionRegistration; import org.openide.util.HelpCtx; +import org.openide.util.Lookup; import org.openide.util.NbBundle.Messages; import org.openide.util.actions.CallableSystemAction; import org.openide.util.actions.Presenter; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.coreutils.Log; +import org.sleuthkit.datamodel.BlackboardArtifact; @ActionID(category = "Tools", id = "org.sleuthkit.autopsy.report.ReportAction") @@ -57,6 +58,10 @@ public final class ReportAction extends CallableSystemAction implements Presente private JButton toolbarButton = new JButton(); private static final String ACTION_NAME = "Generate Report"; static final Logger logger = Logger.getLogger(ReportAction.class.getName()); + private JPanel panel; + private ArrayList reportList = new ArrayList(); + private ArrayList configList = new ArrayList(); + public ReportAction() { setEnabled(false); @@ -106,6 +111,33 @@ public final class ReportAction extends CallableSystemAction implements Presente }); } + + private class reportListener implements ItemListener { + + @Override + public void itemStateChanged(ItemEvent e) { + Object source = e.getItem(); + JCheckBox comp = (JCheckBox)source; + String name = comp.getName(); + JRadioButton buttan = null; + Component[] comps = comp.getParent().getComponents(); + for(Component c : comps) + { + if(c.getName().equals(name+"p")) + { + buttan = (JRadioButton)c; + } + } + if(e.getStateChange() == ItemEvent.DESELECTED) + { + buttan.setEnabled(false); + } + if(e.getStateChange() == ItemEvent.SELECTED) + { + buttan.setEnabled(true); + } + } + }; @Override public void actionPerformed(ActionEvent e) { @@ -114,7 +146,7 @@ public final class ReportAction extends CallableSystemAction implements Presente // create the popUp window for it final JFrame frame = new JFrame(ACTION_NAME); final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal - + popUpWindow.setLayout(new GridLayout(0, 1)); // initialize panel with loaded settings final ReportFilter panel = new ReportFilter(); panel.setjButton2ActionListener(new ActionListener() { @@ -124,9 +156,60 @@ public final class ReportAction extends CallableSystemAction implements Presente popUpWindow.dispose(); } }); + final reportListener listener = new reportListener(); + final JPanel filterpanel = new JPanel(new GridLayout(0, 2, 5, 5)); + final JPanel artpanel = new JPanel(new GridLayout(0, 3, 5, 5)); + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + + Border border = BorderFactory.createTitledBorder("Reporting Modules"); + filterpanel.setBorder(border); + filterpanel.setComponentOrientation(ComponentOrientation.LEFT_TO_RIGHT); + filterpanel.setAlignmentY(Component.TOP_ALIGNMENT); + filterpanel.setAlignmentX(Component.LEFT_ALIGNMENT); + filterpanel.setSize(300, 100); + ButtonGroup previewGroup = new ButtonGroup(); + for (ReportModule m : Lookup.getDefault().lookupAll(ReportModule.class)) { + String name = m.getName(); + String desc = m.getReportTypeDescription(); + JCheckBox ch = new JCheckBox(); + ch.setAlignmentY(Component.TOP_ALIGNMENT); + ch.setText(name); + ch.setName(m.getClass().getName()); + ch.setToolTipText(desc); + ch.setSelected(true); + + JRadioButton cb = new JRadioButton("Preview"); + previewGroup.add(cb); + cb.setName(m.getClass().getName()+"p"); + filterpanel.add(cb, 0); + ch.addItemListener(listener); + filterpanel.add(ch, 0); + } + Border artborder = BorderFactory.createTitledBorder("Report Data"); + artpanel.setBorder(artborder); + artpanel.setComponentOrientation(ComponentOrientation.LEFT_TO_RIGHT); + artpanel.setAlignmentY(Component.TOP_ALIGNMENT); + artpanel.setAlignmentX(Component.LEFT_ALIGNMENT); + artpanel.setSize(300, 100); + for (BlackboardArtifact.ARTIFACT_TYPE a : panel.config.config.keySet()) { + JCheckBox ce = new JCheckBox(); + ce.setText(a.getDisplayName()); + ce.setToolTipText(a.getDisplayName()); + ce.setName(a.getLabel()); + ce.setSelected(true); + artpanel.add(ce); + } + + } + }); + popUpWindow.add(filterpanel, 0); + popUpWindow.add(artpanel, 1); // add the panel to the popup window - popUpWindow.add(panel); + popUpWindow.add(panel, 2); + popUpWindow.pack(); popUpWindow.setResizable(false); @@ -145,7 +228,7 @@ public final class ReportAction extends CallableSystemAction implements Presente Log.get(ReportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); } } - + @Override public void performAction() { } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form index 696ce472f9..83cfc136ca 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.form @@ -1,4 +1,4 @@ - +
@@ -18,7 +18,7 @@ - + @@ -36,53 +36,39 @@ - + - - - - - + + + + + + + + - + + - - - - - - - + + + - + - - - - - - - - - - - - - - @@ -97,6 +83,20 @@ + + + + + + + + + + + + + + @@ -111,23 +111,5 @@ - - - - - - - - - - - - - - - - - - diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java index 6749299855..e3d1b2fe4e 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java @@ -56,8 +56,8 @@ public class ReportFilter extends javax.swing.JPanel { * Creates new form ReportFilter */ public ReportFilter() { + this.setLayout(new GridLayout(0,1)); initComponents(); - createReports(); cancel = false; try{ config.getAllTypes(); @@ -79,16 +79,22 @@ public class ReportFilter extends javax.swing.JPanel { private void initComponents() { jButton2 = new javax.swing.JButton(); - jButton1 = new javax.swing.JButton(); progBar = new javax.swing.JProgressBar(); + jButton1 = new javax.swing.JButton(); cancelButton = new javax.swing.JButton(); - filterpanel = new JPanel(new GridLayout(0, 1)); jButton2.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.text")); // NOI18N jButton2.setActionCommand(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.actionCommand")); // NOI18N jButton2.setLabel(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton2.label")); // NOI18N - setPreferredSize(new java.awt.Dimension(325, 200)); + setPreferredSize(new java.awt.Dimension(325, 75)); + + progBar.setDoubleBuffered(true); + progBar.setEnabled(false); + progBar.setName(""); // NOI18N + progBar.setPreferredSize(new java.awt.Dimension(146, 15)); + progBar.setString(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.progBar.string")); // NOI18N + progBar.setStringPainted(true); jButton1.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.jButton1.text")); // NOI18N jButton1.addMouseListener(new java.awt.event.MouseAdapter() { @@ -102,13 +108,6 @@ public class ReportFilter extends javax.swing.JPanel { } }); - progBar.setDoubleBuffered(true); - progBar.setEnabled(false); - progBar.setName(""); // NOI18N - progBar.setPreferredSize(new java.awt.Dimension(146, 15)); - progBar.setString(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.progBar.string")); // NOI18N - progBar.setStringPainted(true); - cancelButton.setText(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.cancelButton.text")); // NOI18N cancelButton.setActionCommand(org.openide.util.NbBundle.getMessage(ReportFilter.class, "ReportFilter.cancelButton.actionCommand")); // NOI18N cancelButton.setEnabled(false); @@ -118,17 +117,6 @@ public class ReportFilter extends javax.swing.JPanel { } }); - javax.swing.GroupLayout filterpanelLayout = new javax.swing.GroupLayout(filterpanel); - filterpanel.setLayout(filterpanelLayout); - filterpanelLayout.setHorizontalGroup( - filterpanelLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGap(0, 306, Short.MAX_VALUE) - ); - filterpanelLayout.setVerticalGroup( - filterpanelLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGap(0, 100, Short.MAX_VALUE) - ); - javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); this.setLayout(layout); layout.setHorizontalGroup( @@ -136,26 +124,25 @@ public class ReportFilter extends javax.swing.JPanel { .addGroup(layout.createSequentialGroup() .addContainerGap() .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(filterpanel, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) - .addComponent(jButton1) .addGroup(layout.createSequentialGroup() - .addComponent(progBar, javax.swing.GroupLayout.PREFERRED_SIZE, 231, javax.swing.GroupLayout.PREFERRED_SIZE) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addComponent(cancelButton))) - .addContainerGap()) + .addComponent(jButton1) + .addContainerGap()) + .addGroup(layout.createSequentialGroup() + .addComponent(progBar, javax.swing.GroupLayout.DEFAULT_SIZE, 221, Short.MAX_VALUE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(cancelButton) + .addGap(24, 24, 24)))) ); layout.setVerticalGroup( layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(layout.createSequentialGroup() - .addContainerGap() - .addComponent(filterpanel, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addGap(18, 18, 18) - .addComponent(jButton1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addGap(19, 19, 19) + .addComponent(jButton1) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(progBar, javax.swing.GroupLayout.DEFAULT_SIZE, 23, Short.MAX_VALUE) - .addComponent(cancelButton, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) - .addContainerGap()) + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) + .addComponent(cancelButton, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(progBar, javax.swing.GroupLayout.PREFERRED_SIZE, 23, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) ); }// //GEN-END:initComponents @@ -225,36 +212,7 @@ private void jButton1MouseReleased(java.awt.event.MouseEvent evt) {//GEN-FIRST:e }); } - public void createReports() { - SwingUtilities.invokeLater(new Runnable() { - - @Override - public void run() { - Border border = BorderFactory.createTitledBorder("Reporting Modules"); - filterpanel.setBorder(border); - for (ReportModule m : Lookup.getDefault().lookupAll(ReportModule.class)) - { - String name = m.getName(); - String desc = m.getReportTypeDescription(); - - JCheckBox ch = new JCheckBox(); - ch.setText(name); - ch.setToolTipText(desc); - ch.setSelected(false); - filterpanel.add(ch); - } - - JCheckBox ch = new JCheckBox(); - ch.setText("133454"); - ch.setToolTipText("235325353"); - ch.setSelected(false); - filterpanel.add(ch); - filterpanel.revalidate(); - filterpanel.repaint(); - } - }); - } - + public void progBarDone() { int max = progBar.getMaximum(); progBar.setValue(max); @@ -299,7 +257,6 @@ private void jButton1MouseReleased(java.awt.event.MouseEvent evt) {//GEN-FIRST:e // Variables declaration - do not modify//GEN-BEGIN:variables private javax.swing.JButton cancelButton; - private javax.swing.JPanel filterpanel; private javax.swing.JButton jButton1; private javax.swing.JButton jButton2; private javax.swing.JProgressBar progBar; diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java index 0459148c87..c355d92fdc 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java @@ -54,15 +54,15 @@ public class ReportHTML implements ReportModule{ private static StringBuilder formatted_header = new StringBuilder(); private static String htmlPath = ""; private ReportConfiguration config; - private static ReportRegisterService instance = null; + private static ReportHTML instance = null; ReportHTML(){ } - public static synchronized ReportRegisterService getDefault() { + public static synchronized ReportHTML getDefault() { if (instance == null) { - instance = new ReportRegisterService(); + instance = new ReportHTML(); } return instance; } @@ -475,6 +475,11 @@ public class ReportHTML implements ReportModule{ return desc; } + @Override + public void getPreview(String path) { + BrowserControl.openUrl(path); + } + } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java index c6ee6d21fe..a20a7dd810 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java @@ -68,4 +68,12 @@ public interface ReportModule { * module generates */ public String getReportTypeDescription(); + + + /** + * Calls to the report module to execute a method to display the report that was generated. + *@param String the path to the file + * + */ + public void getPreview(String path); } \ No newline at end of file diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java index 713ad22f4d..6941b2d17e 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java @@ -75,7 +75,6 @@ public class ReportPanelAction { ReportHTML htmlReport = new ReportHTML(); try{ String htmlpath = htmlReport.generateReport(reportconfig, rr); - BrowserControl.openUrl(htmlpath); } catch(ReportModuleException e){ Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java index f9b5753632..894a17d68c 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java @@ -20,6 +20,8 @@ */ package org.sleuthkit.autopsy.report; +import java.awt.Desktop; +import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.File; @@ -35,7 +37,6 @@ import java.util.logging.Logger; import org.apache.poi.ss.usermodel.*; import org.apache.poi.xssf.usermodel.XSSFWorkbook; import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.autopsy.report.register.ReportRegisterService; import org.sleuthkit.datamodel.*; /** @@ -47,26 +48,26 @@ public class ReportXLS implements ReportModule { public static Workbook wb = new XSSFWorkbook(); private static String xlsPath = ""; private ReportConfiguration config; - private static ReportRegisterService instance = null; + private static ReportXLS instance = null; + public ReportXLS() { //Empty the workbook first - } - - public static synchronized ReportRegisterService getDefault() { + + public static synchronized ReportXLS getDefault() { if (instance == null) { - instance = new ReportRegisterService(); + instance = new ReportXLS(); } return instance; } - + @Override - public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { - config = reportconfig; - ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); - HashMap> report = reportobj.Results; - Workbook wbtemp = new XSSFWorkbook(); + public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { + config = reportconfig; + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); + HashMap> report = reportobj.Results; + Workbook wbtemp = new XSSFWorkbook(); int countGen = 0; int countBookmark = 0; int countCookie = 0; @@ -132,7 +133,7 @@ public class ReportXLS implements ReportModule { //The first summary report page Sheet sheetSummary = wbtemp.createSheet("Summary"); - + //Generate a sheet per artifact type // Sheet sheetGen = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO.getDisplayName()); Sheet sheetHash = wbtemp.createSheet(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName()); @@ -154,7 +155,7 @@ public class ReportXLS implements ReportModule { font.setFontName("Arial"); font.setBoldweight((short) 2); style.setFont(font); - + //create 'default' style CellStyle defaultstyle = wbtemp.createCellStyle(); defaultstyle.setBorderBottom((short) 2); @@ -196,7 +197,7 @@ public class ReportXLS implements ReportModule { sheetHash.getRow(0).createCell(0).setCellValue("Name"); sheetHash.getRow(0).createCell(1).setCellValue("Size"); sheetHash.getRow(0).createCell(2).setCellValue("Hashset Name"); - + sheetDevice.setDefaultColumnStyle(1, defaultstyle); sheetDevice.createRow(0).setRowStyle(style); sheetDevice.getRow(0).createCell(0).setCellValue("Name"); @@ -393,54 +394,59 @@ public class ReportXLS implements ReportModule { //write out the report to the reports folder, set the wbtemp to the primary wb object - wb = wbtemp; - xlsPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xlsx"; - this.save(xlsPath); + wb = wbtemp; + xlsPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xlsx"; + this.save(xlsPath); } catch (Exception E) { String test = E.toString(); } - return xlsPath; + return xlsPath; } - - @Override - public void save(String path) - { - try{ - FileOutputStream fos = new FileOutputStream(path); - wb.write(fos); - fos.close(); - } - catch(IOException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.SEVERE, "Could not write out XLS report!", e); - } - - } - - @Override - public String getName(){ - String name = "Excel"; - return name; - } - - @Override - public String getReportType(){ - String type = "XLS"; - return type; - } - @Override - public ReportConfiguration GetReportConfiguration(){ + public void save(String path) { + try { + FileOutputStream fos = new FileOutputStream(path); + wb.write(fos); + fos.close(); + } catch (IOException e) { + Logger.getLogger(ReportXLS.class.getName()).log(Level.SEVERE, "Could not write out XLS report!", e); + } + + } + + @Override + public String getName() { + String name = "Excel"; + return name; + } + + @Override + public String getReportType() { + String type = "XLS"; + return type; + } + + @Override + public ReportConfiguration GetReportConfiguration() { return config; } - @Override - public String getReportTypeDescription(){ + public String getReportTypeDescription() { String desc = "This is an xls formatted report that is meant to be viewed in Excel."; return desc; } + @Override + public void getPreview(String path) { + File file = new File(path); + try { + Desktop.getDesktop().open(file); + } catch (IOException e) { + Logger.getLogger(ReportXLS.class.getName()).log(Level.SEVERE, "Could not open XLS report! ", e); + } + } } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java index 341396d522..73760c1dea 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java @@ -47,22 +47,22 @@ public class ReportXML implements ReportModule { public static Document xmldoc = new Document(); private ReportConfiguration reportconfig; private String xmlPath; - private static ReportRegisterService instance = null; + private static ReportXML instance = null; public ReportXML() { } - - public static synchronized ReportRegisterService getDefault() { + + public static synchronized ReportXML getDefault() { if (instance == null) { - instance = new ReportRegisterService(); + instance = new ReportXML(); } return instance; } @Override - public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException{ - ReportGen reportobj = new ReportGen(); - reportobj.populateReport(reportconfig); + public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { + ReportGen reportobj = new ReportGen(); + reportobj.populateReport(reportconfig); HashMap> report = reportobj.Results; try { Case currentCase = Case.getCurrentCase(); // get the most updated case @@ -115,13 +115,12 @@ public class ReportXML implements ReportModule { Long objId = entry.getKey().getObjectID(); Content cont = skCase.getContentById(objId); Long filesize = cont.getSize(); - try{ - artifact.setAttribute("ID", objId.toString()); - artifact.setAttribute("Name", cont.accept(new NameVisitor())); - artifact.setAttribute("Size", filesize.toString()); - } - catch(Exception e){ - Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Visitor content exception occurred:", e); + try { + artifact.setAttribute("ID", objId.toString()); + artifact.setAttribute("Name", cont.accept(new NameVisitor())); + artifact.setAttribute("Size", filesize.toString()); + } catch (Exception e) { + Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Visitor content exception occurred:", e); } // Get all the attributes for this guy for (BlackboardAttribute tempatt : entry.getValue()) { @@ -196,11 +195,11 @@ public class ReportXML implements ReportModule { root.addContent(nodeKeyword); root.addContent(nodeHash); root.addContent(nodeDevice); - - + + //Export it the first time - xmlPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xml"; - this.save(xmlPath); + xmlPath = currentCase.getCaseDirectory() + File.separator + "Reports" + File.separator + caseName + "-" + datenotime + ".xml"; + this.save(xmlPath); } catch (Exception e) { Logger.getLogger(ReportXML.class.getName()).log(Level.WARNING, "Exception occurred", e); @@ -211,24 +210,24 @@ public class ReportXML implements ReportModule { @Override public void save(String path) { - + try { - - FileOutputStream out = new FileOutputStream(path); - XMLOutputter serializer = new XMLOutputter(); - serializer.output(xmldoc, out); - out.flush(); - out.close(); - } catch (IOException e) { - System.err.println(e); - } - + + FileOutputStream out = new FileOutputStream(path); + XMLOutputter serializer = new XMLOutputter(); + serializer.output(xmldoc, out); + out.flush(); + out.close(); + } catch (IOException e) { + System.err.println(e); + } + } - + @Override - public String getName(){ - String name = "Default XML"; - return name; + public String getName() { + String name = "Default XML"; + return name; } @Override @@ -243,6 +242,11 @@ public class ReportXML implements ReportModule { return config; } + @Override + public void getPreview(String path) { + BrowserControl.openUrl(path); + } + @Override public String getReportTypeDescription() { String desc = "This is an html formatted report that is meant to be viewed in a modern browser."; @@ -265,7 +269,7 @@ public class ReportXML implements ReportModule { public String visit(Image img) { return img.getName(); } - + //@Override public String visit(File file) { return file.getName(); diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml index 2fd0ca927b..9722211874 100644 --- a/Report/src/org/sleuthkit/autopsy/report/layer.xml +++ b/Report/src/org/sleuthkit/autopsy/report/layer.xml @@ -12,9 +12,19 @@
- - - + + + + + + + + + + + + + From 6594de3e376805df1432810818beab962772137c Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Tue, 15 May 2012 03:05:55 -0700 Subject: [PATCH 21/22] Bug fixes and tweaks to GUI and report framework Signed-off-by: Alex Ebadirad --- .../autopsy/report/ReportAction.java | 131 ++++++--- .../autopsy/report/ReportConfiguration.java | 4 +- .../autopsy/report/ReportFilter.java | 25 +- .../autopsy/report/ReportFilterAction.java | 6 - .../sleuthkit/autopsy/report/ReportHTML.java | 1 - .../autopsy/report/ReportPanelAction.java | 249 ++++++++++-------- .../sleuthkit/autopsy/report/ReportXML.java | 1 - .../org/sleuthkit/autopsy/report/layer.xml | 23 +- .../register/ReportRegisterService.java | 164 ------------ 9 files changed, 251 insertions(+), 353 deletions(-) delete mode 100644 Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java index 848ffb6a92..e8142cc9c1 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java @@ -46,25 +46,23 @@ import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.coreutils.Log; import org.sleuthkit.datamodel.BlackboardArtifact; -@ActionID(category = "Tools", -id = "org.sleuthkit.autopsy.report.ReportAction") +@ActionID(category = "Tools", id = "org.sleuthkit.autopsy.report.ReportAction") @ActionRegistration(displayName = "#CTL_ReportAction") -@ActionReferences({ - @ActionReference(path = "Menu/Tools", position = 80) -}) -@Messages("CTL_ReportAction=Run Report") +@ActionReferences(value = { + @ActionReference(path = "Menu/Tools", position = 80)}) +@Messages(value = "CTL_ReportAction=Run Report") public final class ReportAction extends CallableSystemAction implements Presenter.Toolbar { private JButton toolbarButton = new JButton(); private static final String ACTION_NAME = "Generate Report"; static final Logger logger = Logger.getLogger(ReportAction.class.getName()); private JPanel panel; - private ArrayList reportList = new ArrayList(); - private ArrayList configList = new ArrayList(); - + public static ArrayList reportList = new ArrayList(); + public static String preview; + public static ReportConfiguration config; public ReportAction() { - setEnabled(false); + setEnabled(false); Case.addPropertyChangeListener(new PropertyChangeListener() { @Override @@ -86,12 +84,12 @@ public final class ReportAction extends CallableSystemAction implements Presente Case newCase = (Case) evt.getNewValue(); if (newCase != null) { - boolean exists = (new File(newCase.getCaseDirectory() + "\\Reports")).exists(); + boolean exists = (new File(newCase.getCaseDirectory() + File.separator + "Reports")).exists(); if (exists) { // report directory exists -- don't need to do anything } else { // report directory does not exist -- create it - boolean reportCreate = (new File(newCase.getCaseDirectory() + "\\Reports")).mkdirs(); + boolean reportCreate = (new File(newCase.getCaseDirectory() + File.separator + "Reports")).mkdirs(); if (!reportCreate) { logger.log(Level.WARNING, "Could not create Reports directory for case. It does not exist."); } @@ -106,38 +104,79 @@ public final class ReportAction extends CallableSystemAction implements Presente @Override public void actionPerformed(ActionEvent e) { - ReportAction.this.actionPerformed(e); + ReportPanel.this.actionPerformed(e); } }); } - + private class reportListener implements ItemListener { - @Override - public void itemStateChanged(ItemEvent e) { - Object source = e.getItem(); - JCheckBox comp = (JCheckBox)source; - String name = comp.getName(); - JRadioButton buttan = null; - Component[] comps = comp.getParent().getComponents(); - for(Component c : comps) - { - if(c.getName().equals(name+"p")) - { - buttan = (JRadioButton)c; - } - } - if(e.getStateChange() == ItemEvent.DESELECTED) - { - buttan.setEnabled(false); - } - if(e.getStateChange() == ItemEvent.SELECTED) - { - buttan.setEnabled(true); - } - } - }; + @Override + public void itemStateChanged(ItemEvent e) { + Object source = e.getItem(); + JCheckBox comp = (JCheckBox) source; + String name = comp.getName(); + JRadioButton buttan = null; + Component[] comps = comp.getParent().getComponents(); + for (Component c : comps) { + if (c.getName().equals(name + "p")) { + buttan = (JRadioButton) c; + } + } + if (e.getStateChange() == ItemEvent.DESELECTED) { + buttan.setEnabled(false); + } + if (e.getStateChange() == ItemEvent.SELECTED) { + buttan.setEnabled(true); + } + } + }; + + private class configListener implements ItemListener { + + @Override + public void itemStateChanged(ItemEvent e) { + Object source = e.getItem(); + JCheckBox comp = (JCheckBox) source; + String name = comp.getName(); + BlackboardArtifact.ARTIFACT_TYPE type = BlackboardArtifact.ARTIFACT_TYPE.valueOf(name); + if (e.getStateChange() == ItemEvent.DESELECTED) { + try { + config.setGenArtifactType(type, Boolean.FALSE); + } catch (ReportModuleException ex) { + } + } + if (e.getStateChange() == ItemEvent.SELECTED) { + try { + config.setGenArtifactType(type, Boolean.TRUE); + } catch (ReportModuleException ex) { + } + } + } + }; + + private class previewListener implements ItemListener { + + @Override + public void itemStateChanged(ItemEvent e) { + Object source = e.getItem(); + JRadioButton comp = (JRadioButton) source; + String name = comp.getName(); + JRadioButton buttan = new JRadioButton(); + Component[] comps = comp.getParent().getComponents(); + for (Component c : comps) { + if (c.getName().equals(name)) { + buttan = (JRadioButton) c; + } + } + if (e.getStateChange() == ItemEvent.SELECTED) { + String temp = buttan.getName(); + temp = temp.substring(0, temp.length()-1); + preview = temp; + } + } + }; @Override public void actionPerformed(ActionEvent e) { @@ -157,6 +196,11 @@ public final class ReportAction extends CallableSystemAction implements Presente } }); final reportListener listener = new reportListener(); + final configListener clistener = new configListener(); + final previewListener plistener = new previewListener(); + preview = ""; + reportList.clear(); + config = new ReportConfiguration(); final JPanel filterpanel = new JPanel(new GridLayout(0, 2, 5, 5)); final JPanel artpanel = new JPanel(new GridLayout(0, 3, 5, 5)); SwingUtilities.invokeLater(new Runnable() { @@ -170,7 +214,7 @@ public final class ReportAction extends CallableSystemAction implements Presente filterpanel.setAlignmentY(Component.TOP_ALIGNMENT); filterpanel.setAlignmentX(Component.LEFT_ALIGNMENT); filterpanel.setSize(300, 100); - ButtonGroup previewGroup = new ButtonGroup(); + ButtonGroup previewGroup = new ButtonGroup(); for (ReportModule m : Lookup.getDefault().lookupAll(ReportModule.class)) { String name = m.getName(); String desc = m.getReportTypeDescription(); @@ -180,12 +224,14 @@ public final class ReportAction extends CallableSystemAction implements Presente ch.setName(m.getClass().getName()); ch.setToolTipText(desc); ch.setSelected(true); - + JRadioButton cb = new JRadioButton("Preview"); previewGroup.add(cb); - cb.setName(m.getClass().getName()+"p"); + cb.setName(m.getClass().getName() + "p"); + cb.addItemListener(plistener); filterpanel.add(cb, 0); ch.addItemListener(listener); + reportList.add(ch); filterpanel.add(ch, 0); } Border artborder = BorderFactory.createTitledBorder("Report Data"); @@ -200,6 +246,7 @@ public final class ReportAction extends CallableSystemAction implements Presente ce.setToolTipText(a.getDisplayName()); ce.setName(a.getLabel()); ce.setSelected(true); + ce.addItemListener(clistener); artpanel.add(ce); } @@ -228,7 +275,7 @@ public final class ReportAction extends CallableSystemAction implements Presente Log.get(ReportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); } } - + @Override public void performAction() { } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java index c04a8d3f9d..405a328645 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportConfiguration.java @@ -50,7 +50,7 @@ class ReportConfiguration { try { ArrayList arttypes = skCase.getBlackboardArtifactTypes(); for (BlackboardArtifact.ARTIFACT_TYPE type : arttypes) { - config.put(type, Boolean.FALSE); + config.put(type, Boolean.TRUE); } } catch (Exception ex) { @@ -73,7 +73,7 @@ class ReportConfiguration { try { ArrayList arttypes = skCase.getBlackboardArtifactTypes(); for (BlackboardArtifact.ARTIFACT_TYPE type : arttypes) { - config.put(type, Boolean.FALSE); + config.put(type, Boolean.TRUE); } } catch (Exception ex) { diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java index e3d1b2fe4e..86ef0f121d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilter.java @@ -25,12 +25,7 @@ import java.awt.event.ActionListener; import java.util.ArrayList; import java.util.logging.Level; import java.util.logging.Logger; -import javax.swing.BorderFactory; -import javax.swing.JCheckBox; -import javax.swing.JLabel; -import javax.swing.JPanel; -import javax.swing.SwingUtilities; -import javax.swing.SwingWorker; +import javax.swing.*; import javax.swing.border.Border; import org.openide.util.Lookup; import org.sleuthkit.autopsy.casemodule.Case; @@ -157,17 +152,27 @@ private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRS cancelButton.setEnabled(true); progBar.setStringPainted(true); progBar.setValue(0); - filters.clear(); + ReportConfiguration newConfig = ReportAction.config; + String preview = ReportAction.preview; + ArrayList reportList = ReportAction.reportList; + ArrayList classList = new ArrayList(); + for(JCheckBox box : reportList) + { + if(box.isSelected()){ + classList.add(box.getName()); + + } + } config.resetGenArtifactTypes(); - getReports(); + getReports(newConfig, classList, preview); }//GEN-LAST:event_jButton1ActionPerformed - public void getReports() { + public void getReports(final ReportConfiguration reportConfig, final ArrayList classList, final String preview) { new SwingWorker() { @Override protected Void doInBackground() throws Exception { - rpa.reportGenerate(config, panel); + rpa.reportGenerate(reportConfig, classList, preview, panel); return null; } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java index a184fe958d..3dbee14e68 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportFilterAction.java @@ -20,17 +20,11 @@ package org.sleuthkit.autopsy.report; import java.awt.Container; import java.awt.Dimension; -import java.awt.GridLayout; import java.awt.Toolkit; import java.util.logging.Level; -import javax.swing.BorderFactory; -import javax.swing.JCheckBox; import javax.swing.JDialog; import javax.swing.JFrame; -import javax.swing.JPanel; -import javax.swing.border.Border; import org.openide.util.HelpCtx; -import org.openide.util.Lookup; import org.sleuthkit.autopsy.coreutils.Log; /** diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java index c355d92fdc..0a456945cc 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java @@ -36,7 +36,6 @@ import java.util.logging.Level; import java.util.logging.Logger; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.ingest.IngestManager; -import org.sleuthkit.autopsy.report.register.ReportRegisterService; import org.sleuthkit.datamodel.BlackboardArtifact; import org.sleuthkit.datamodel.BlackboardAttribute; import org.sleuthkit.datamodel.FsContent; diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java index 6941b2d17e..7feedfd07d 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java @@ -24,6 +24,8 @@ import java.awt.Dimension; import java.awt.Toolkit; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; +import java.lang.reflect.Method; +import java.util.ArrayList; import java.util.logging.Level; import java.util.logging.Logger; import javax.swing.JDialog; @@ -36,127 +38,152 @@ import org.sleuthkit.autopsy.coreutils.Log; * @author Alex */ public class ReportPanelAction { - private static final String ACTION_NAME = "Report Preview"; - private StringBuilder viewReport = new StringBuilder(); - public ReportPanelAction(){ - - } - - public void reportGenerate(final ReportConfiguration reportconfig, final ReportFilter rr){ - try { - //Clear any old reports in the string - viewReport.setLength(0); - + private static final String ACTION_NAME = "Report Preview"; + private StringBuilder viewReport = new StringBuilder(); + + public ReportPanelAction() { + } + + public void reportGenerate(final ReportConfiguration reportconfig, final ArrayList classList, final String preview, final ReportFilter rr) { + try { + //Clear any old reports in the string + viewReport.setLength(0); + + // Generate the reports and create the hashmap - final ReportGen report = new ReportGen(); - //see what reports we need to run and run them - //Set progress bar to move while doing this - SwingUtilities.invokeLater(new Runnable() { + final ReportGen report = new ReportGen(); + //see what reports we need to run and run them + //Set progress bar to move while doing this + SwingUtilities.invokeLater(new Runnable() { + @Override public void run() { - rr.progBarStartText(); - }}); - report.populateReport(reportconfig); - SwingUtilities.invokeLater(new Runnable() { + rr.progBarStartText(); + } + }); + report.populateReport(reportconfig); + SwingUtilities.invokeLater(new Runnable() { + @Override public void run() { - rr.progBarCount(2*report.Results.size()); - }}); - //Turn our results into the appropriate xml/html reports - //TODO: add a way for users to select what they will run when - Thread reportThread = new Thread(new Runnable() - { + rr.progBarCount(2 * report.Results.size()); + } + }); + //Turn our results into the appropriate xml/html reports + //TODO: add a way for users to select what they will run when + Thread reportThread = new Thread(new Runnable() { + @Override - public void run() - { - StopWatch a = new StopWatch(); - a.start(); - ReportHTML htmlReport = new ReportHTML(); - try{ - String htmlpath = htmlReport.generateReport(reportconfig, rr); - } - catch(ReportModuleException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); - } - a.stop(); - System.out.println("html in milliseconds: " + a.getElapsedTime()); + public void run() { - StopWatch s = new StopWatch(); - s.start(); - ReportXLS xlsReport = new ReportXLS(); - try{ - xlsReport.generateReport(reportconfig,rr); - } - catch(ReportModuleException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); - } - s.stop(); - System.out.println("xls in milliseconds: " + s.getElapsedTime()); - - StopWatch S = new StopWatch(); - S.start(); - ReportXML xmlReport = new ReportXML(); - try{ - xmlReport.generateReport(reportconfig,rr); - } - catch(ReportModuleException e){ - Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); - } - S.stop(); - System.out.println("xml in milliseconds: " + S.getElapsedTime()); - } - }); - - - // start our threads - reportThread.start(); - - // display the window - - // create the popUp window for it - if(ReportFilter.cancel == false){ - - final JFrame frame = new JFrame(ACTION_NAME); - final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal - - - // initialize panel with loaded settings - - //Set the temporary label to let the user know its done and is waiting on the report - rr.progBarText(); - final ReportPanel panel = new ReportPanel(); - - - panel.setjButton1ActionListener(new ActionListener() { - - @Override - public void actionPerformed(ActionEvent e) { - popUpWindow.dispose(); + for (String s : classList) { + + try { + Class reportclass = Class.forName(s); + Object reportObject = reportclass.newInstance(); + Class[] argTypes = new Class[] { ReportConfiguration.class, ReportFilter.class}; + Method generatereport = reportclass.getDeclaredMethod("generateReport",argTypes); + Object invoke = generatereport.invoke(reportObject,reportconfig,rr); + String path = invoke.toString(); + Class[] argTypes2 = new Class[] { String.class}; + Method getpreview = reportclass.getMethod("getPreview",argTypes2); + + + if(s == null ? preview == null : s.equals(preview)) + { + getpreview.invoke(reportObject,path); } - }); - // add the panel to the popup window - popUpWindow.add(panel); - - popUpWindow.setResizable(true); - popUpWindow.pack(); - // set the location of the popUp Window on the center of the screen - Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); - double w = popUpWindow.getSize().getWidth(); - double h = popUpWindow.getSize().getHeight(); - popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); - - reportThread.join(); - rr.progBarDone(); - panel.setFinishedReportText(); - popUpWindow.setVisible(true); - - - - - } + + } catch (Exception e) { + + } + } + +// StopWatch a = new StopWatch(); +// a.start(); +// ReportHTML htmlReport = new ReportHTML(); +// try { +// String htmlpath = htmlReport.generateReport(reportconfig, rr); +// } catch (ReportModuleException e) { +// Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the htmlReport", e); +// } +// a.stop(); +// System.out.println("html in milliseconds: " + a.getElapsedTime()); +// +// StopWatch s = new StopWatch(); +// s.start(); +// ReportXLS xlsReport = new ReportXLS(); +// try { +// xlsReport.generateReport(reportconfig, rr); +// } catch (ReportModuleException e) { +// Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XLS Report", e); +// } +// s.stop(); +// System.out.println("xls in milliseconds: " + s.getElapsedTime()); +// +// StopWatch S = new StopWatch(); +// S.start(); +// ReportXML xmlReport = new ReportXML(); +// try { +// xmlReport.generateReport(reportconfig, rr); +// } catch (ReportModuleException e) { +// Logger.getLogger(ReportHTML.class.getName()).log(Level.WARNING, "Exception occurred in generating the XML Report", e); +// } +// S.stop(); +// System.out.println("xml in milliseconds: " + S.getElapsedTime()); + } + }); + + + // start our threads + reportThread.start(); + + // display the window + + // create the popUp window for it + if (ReportFilter.cancel == false) { + + final JFrame frame = new JFrame(ACTION_NAME); + final JDialog popUpWindow = new JDialog(frame, ACTION_NAME, true); // to make the popUp Window to be modal + + + // initialize panel with loaded settings + + //Set the temporary label to let the user know its done and is waiting on the report + rr.progBarText(); + final ReportPanel panel = new ReportPanel(); + + + panel.setjButton1ActionListener(new ActionListener() { + + @Override + public void actionPerformed(ActionEvent e) { + popUpWindow.dispose(); + } + }); + // add the panel to the popup window + popUpWindow.add(panel); + + popUpWindow.setResizable(true); + popUpWindow.pack(); + // set the location of the popUp Window on the center of the screen + Dimension screenDimension = Toolkit.getDefaultToolkit().getScreenSize(); + double w = popUpWindow.getSize().getWidth(); + double h = popUpWindow.getSize().getHeight(); + popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); + + reportThread.join(); + rr.progBarDone(); + panel.setFinishedReportText(); + popUpWindow.setVisible(true); + + + + + } } catch (Exception ex) { Log.get(ReportFilterAction.class).log(Level.WARNING, "Error displaying " + ACTION_NAME + " window.", ex); } - } + } } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java index 73760c1dea..7858100fde 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java @@ -39,7 +39,6 @@ import org.jdom.Element; import org.jdom.output.XMLOutputter; import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.ingest.IngestManager; -import org.sleuthkit.autopsy.report.register.ReportRegisterService; import org.sleuthkit.datamodel.*; public class ReportXML implements ReportModule { diff --git a/Report/src/org/sleuthkit/autopsy/report/layer.xml b/Report/src/org/sleuthkit/autopsy/report/layer.xml index 9722211874..910891e120 100644 --- a/Report/src/org/sleuthkit/autopsy/report/layer.xml +++ b/Report/src/org/sleuthkit/autopsy/report/layer.xml @@ -1,11 +1,6 @@ - - - - - @@ -15,25 +10,21 @@ - + - + - + - + - - + @@ -41,5 +32,5 @@ - - \ No newline at end of file + + diff --git a/Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java b/Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java deleted file mode 100644 index d798aae729..0000000000 --- a/Report/src/org/sleuthkit/autopsy/report/register/ReportRegisterService.java +++ /dev/null @@ -1,164 +0,0 @@ -/* - * Autopsy Forensic Browser - * - * Copyright 2011 Basis Technology Corp. - * Contact: carrier sleuthkit org - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.sleuthkit.autopsy.report.register; - -import java.beans.PropertyChangeListener; -import java.util.logging.Level; -import java.util.logging.Logger; -import org.sleuthkit.autopsy.ingest.IngestImageWorkerController; -import org.sleuthkit.autopsy.ingest.IngestManagerProxy; -import org.sleuthkit.autopsy.ingest.IngestMessage; -import org.sleuthkit.autopsy.ingest.IngestMessage.MessageType; -import org.sleuthkit.autopsy.ingest.IngestServiceImage; -import org.sleuthkit.datamodel.Image; - -/** - * Example implementation of an image ingest service - * - */ -public final class ReportRegisterService implements IngestServiceImage { - - private static final Logger logger = Logger.getLogger(ReportRegisterService.class.getName()); - private static ReportRegisterService defaultInstance = null; - private IngestManagerProxy managerProxy; - private static int messageId = 0; - - //public constructor is required - //as multiple instances are created for processing multiple images simultenously - public ReportRegisterService() { - } - - //default instance used for service registration - public static synchronized ReportRegisterService getDefault() { - if (defaultInstance == null) { - defaultInstance = new ReportRegisterService(); - } - return defaultInstance; - } - - @Override - public void process(Image image, IngestImageWorkerController controller) { - logger.log(Level.INFO, "process() " + this.toString()); - - managerProxy.postMessage(IngestMessage.createMessage(++messageId, MessageType.INFO, this, "Processing " + image.getName())); - - //service specific Image processing code here - //example: - - //if we know amount of work units, we can switch to determinate and update progress bar - int filesToProcess = 100; - controller.switchToDeterminate(filesToProcess); - int processedFiles = 0; - - while (filesToProcess-- > 0) { - - //check if should terminate on every loop iteration - if (controller.isCancelled()) { - return; - } - try { - //do the work - Thread.sleep(500); - //post message to user if found something interesting - managerProxy.postMessage(IngestMessage.createMessage(processedFiles, MessageType.INFO, this, "Processed " + image.getName() + ": " + Integer.toString(processedFiles))); - - //update progress - controller.progress(++processedFiles); - } catch (InterruptedException e) { - } - } - - - } - - @Override - public void complete() { - logger.log(Level.INFO, "complete() " + this.toString()); - - final IngestMessage msg = IngestMessage.createMessage(++messageId, MessageType.INFO, this, "completed image processing"); - managerProxy.postMessage(msg); - - //service specific cleanup due to completion here - } - - @Override - public String getName() { - return "Example Image Service"; - } - - @Override - public String getDescription() { - return "Example Image Service description"; - } - - @Override - public void init(IngestManagerProxy managerProxy) { - logger.log(Level.INFO, "init() " + this.toString()); - this.managerProxy = managerProxy; - - //service specific initialization here - - } - - @Override - public void stop() { - logger.log(Level.INFO, "stop()"); - - //service specific cleanup due to interruption here - } - - @Override - public ServiceType getType() { - return ServiceType.Image; - } - - @Override - public boolean hasSimpleConfiguration() { - return false; - } - - @Override - public boolean hasAdvancedConfiguration() { - return false; - } - - @Override - public javax.swing.JPanel getSimpleConfiguration() { - return null; - } - - @Override - public javax.swing.JPanel getAdvancedConfiguration() { - return null; - } - - @Override - public boolean hasBackgroundJobsRunning() { - return false; - } - - - @Override - public void saveAdvancedConfiguration() { - } - - @Override - public void saveSimpleConfiguration() { - } -} From 7a23eedfaaf033205d09bbbe5d4769d4e81cd530 Mon Sep 17 00:00:00 2001 From: Alex Ebadirad Date: Tue, 15 May 2012 03:38:46 -0700 Subject: [PATCH 22/22] Changed how progress bar works. --- .../autopsy/report/ReportAction.java | 2 +- .../sleuthkit/autopsy/report/ReportHTML.java | 7 ++----- .../autopsy/report/ReportModule.java | 2 +- .../autopsy/report/ReportPanelAction.java | 19 ++++++++++--------- .../sleuthkit/autopsy/report/ReportXLS.java | 6 +----- .../sleuthkit/autopsy/report/ReportXML.java | 5 ++--- 6 files changed, 17 insertions(+), 24 deletions(-) diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java index e8142cc9c1..6e148c83eb 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportAction.java @@ -104,7 +104,7 @@ public final class ReportAction extends CallableSystemAction implements Presente @Override public void actionPerformed(ActionEvent e) { - ReportPanel.this.actionPerformed(e); + ReportAction.this.actionPerformed(e); } }); diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java index 0a456945cc..8d7b606ca1 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportHTML.java @@ -67,7 +67,7 @@ public class ReportHTML implements ReportModule{ } @Override - public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { + public String generateReport(ReportConfiguration reportconfig) throws ReportModuleException { config = reportconfig; ReportGen reportobj = new ReportGen(); reportobj.populateReport(reportconfig); @@ -239,7 +239,6 @@ public class ReportHTML implements ReportModule{ if (ReportFilter.cancel == true) { break; } - int cc = 0; if (alt > 0) { altRow = " class=\"alt\""; @@ -286,7 +285,7 @@ public class ReportHTML implements ReportModule{ } value = ReportUtils.insertPeriodically(value, "
", 30); attributes.put(type, value); - cc++; + } @@ -370,8 +369,6 @@ public class ReportHTML implements ReportModule{ artifact.append(""); nodeDevice.append(artifact); } - cc++; - rr.progBarSet(cc); } //Add them back in order //formatted_Report.append(nodeGen); diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java index a20a7dd810..7178888ee0 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportModule.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportModule.java @@ -32,7 +32,7 @@ public interface ReportModule { * @return absolute file path to the report generated * @throws ReportModuleException if report generation failed */ - public String generateReport(ReportConfiguration config, ReportFilter rr) throws ReportModuleException; + public String generateReport(ReportConfiguration config) throws ReportModuleException; /** * This saves a copy of the report (current one) to another place specified diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java index 7feedfd07d..2ac1aa5844 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportPanelAction.java @@ -41,7 +41,7 @@ public class ReportPanelAction { private static final String ACTION_NAME = "Report Preview"; private StringBuilder viewReport = new StringBuilder(); - + private int cc = 0; public ReportPanelAction() { } @@ -62,12 +62,11 @@ public class ReportPanelAction { rr.progBarStartText(); } }); - report.populateReport(reportconfig); SwingUtilities.invokeLater(new Runnable() { @Override public void run() { - rr.progBarCount(2 * report.Results.size()); + rr.progBarCount(classList.size()); } }); //Turn our results into the appropriate xml/html reports @@ -78,13 +77,13 @@ public class ReportPanelAction { public void run() { for (String s : classList) { - + cc++; try { Class reportclass = Class.forName(s); Object reportObject = reportclass.newInstance(); - Class[] argTypes = new Class[] { ReportConfiguration.class, ReportFilter.class}; + Class[] argTypes = new Class[] { ReportConfiguration.class}; Method generatereport = reportclass.getDeclaredMethod("generateReport",argTypes); - Object invoke = generatereport.invoke(reportObject,reportconfig,rr); + Object invoke = generatereport.invoke(reportObject,reportconfig); String path = invoke.toString(); Class[] argTypes2 = new Class[] { String.class}; Method getpreview = reportclass.getMethod("getPreview",argTypes2); @@ -94,10 +93,11 @@ public class ReportPanelAction { { getpreview.invoke(reportObject,path); } - + } catch (Exception e) { } + rr.progBarSet(cc); } // StopWatch a = new StopWatch(); @@ -151,7 +151,7 @@ public class ReportPanelAction { // initialize panel with loaded settings //Set the temporary label to let the user know its done and is waiting on the report - rr.progBarText(); + final ReportPanel panel = new ReportPanel(); @@ -173,7 +173,8 @@ public class ReportPanelAction { double h = popUpWindow.getSize().getHeight(); popUpWindow.setLocation((int) ((screenDimension.getWidth() - w) / 2), (int) ((screenDimension.getHeight() - h) / 2)); - reportThread.join(); + reportThread.join(); + rr.progBarText(); rr.progBarDone(); panel.setFinishedReportText(); popUpWindow.setVisible(true); diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java index 894a17d68c..94a72b0454 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXLS.java @@ -62,7 +62,7 @@ public class ReportXLS implements ReportModule { } @Override - public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { + public String generateReport(ReportConfiguration reportconfig) throws ReportModuleException { config = reportconfig; ReportGen reportobj = new ReportGen(); reportobj.populateReport(reportconfig); @@ -386,10 +386,6 @@ public class ReportXLS implements ReportModule { temp.createCell(1).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_ID.getTypeID())); temp.createCell(2).setCellValue(attributes.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID())); } - - - cc++; - rr.progBarSet(cc); } diff --git a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java index 7858100fde..8f50db617b 100644 --- a/Report/src/org/sleuthkit/autopsy/report/ReportXML.java +++ b/Report/src/org/sleuthkit/autopsy/report/ReportXML.java @@ -59,7 +59,7 @@ public class ReportXML implements ReportModule { } @Override - public String generateReport(ReportConfiguration reportconfig, ReportFilter rr) throws ReportModuleException { + public String generateReport(ReportConfiguration reportconfig) throws ReportModuleException { ReportGen reportobj = new ReportGen(); reportobj.populateReport(reportconfig); HashMap> report = reportobj.Results; @@ -177,8 +177,7 @@ public class ReportXML implements ReportModule { if (entry.getKey().getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_DEVICE_ATTACHED.getTypeID()) { nodeDevice.addContent(artifact); } - cc++; - rr.progBarSet(cc); + //end of master loop }