mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-12 16:06:15 +00:00
Merge branch 'develop' of github.com:sleuthkit/autopsy into ds_summary_report_7893
This commit is contained in:
commit
31f5f1fc7f
@ -32,9 +32,9 @@ import org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository;
|
|||||||
* Action for accessing the Search Other Cases dialog.
|
* Action for accessing the Search Other Cases dialog.
|
||||||
*/
|
*/
|
||||||
@ActionID(category = "Tools", id = "org.sleuthkit.autopsy.allcasessearch.AllCasesSearchAction")
|
@ActionID(category = "Tools", id = "org.sleuthkit.autopsy.allcasessearch.AllCasesSearchAction")
|
||||||
@ActionRegistration(displayName = "#CTL_OtherCasesSearchAction=Search All Cases", lazy = false)
|
@ActionRegistration(displayName = "#CTL_OtherCasesSearchAction=Search Central Repository", lazy = false)
|
||||||
@ActionReference(path = "Menu/Tools", position = 201)
|
@ActionReference(path = "Menu/Tools", position = 201)
|
||||||
@NbBundle.Messages({"CTL_AllCasesSearchAction=Search All Cases"})
|
@NbBundle.Messages({"CTL_AllCasesSearchAction=Search Central Repository"})
|
||||||
public class AllCasesSearchAction extends CallableSystemAction {
|
public class AllCasesSearchAction extends CallableSystemAction {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@ -54,7 +54,7 @@ public class AllCasesSearchAction extends CallableSystemAction {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@NbBundle.Messages({
|
@NbBundle.Messages({
|
||||||
"AllCasesSearchAction.getName.text=Search All Cases"})
|
"AllCasesSearchAction.getName.text=Search Central Repository"})
|
||||||
@Override
|
@Override
|
||||||
public String getName() {
|
public String getName() {
|
||||||
return Bundle.AllCasesSearchAction_getName_text();
|
return Bundle.AllCasesSearchAction_getName_text();
|
||||||
|
@ -24,27 +24,39 @@
|
|||||||
<Layout>
|
<Layout>
|
||||||
<DimensionLayout dim="0">
|
<DimensionLayout dim="0">
|
||||||
<Group type="103" groupAlignment="0" attributes="0">
|
<Group type="103" groupAlignment="0" attributes="0">
|
||||||
<Group type="102" alignment="0" attributes="0">
|
<Group type="102" attributes="0">
|
||||||
<EmptySpace max="-2" attributes="0"/>
|
<EmptySpace max="-2" attributes="0"/>
|
||||||
<Group type="103" groupAlignment="0" attributes="0">
|
<Group type="103" groupAlignment="0" attributes="0">
|
||||||
<Component id="descriptionLabel" pref="430" max="32767" attributes="0"/>
|
<Component id="descriptionLabel" max="32767" attributes="0"/>
|
||||||
|
<Group type="102" alignment="0" attributes="0">
|
||||||
|
<Component id="casesLabel" max="32767" attributes="0"/>
|
||||||
|
<EmptySpace max="-2" attributes="0"/>
|
||||||
|
<Component id="searchButton" min="-2" max="-2" attributes="0"/>
|
||||||
|
</Group>
|
||||||
<Group type="102" alignment="0" attributes="0">
|
<Group type="102" alignment="0" attributes="0">
|
||||||
<Group type="103" groupAlignment="0" attributes="0">
|
<Group type="103" groupAlignment="0" attributes="0">
|
||||||
<Component id="correlationValueLabel" alignment="0" min="-2" max="-2" attributes="0"/>
|
<Component id="correlationValueLabel" alignment="0" min="-2" max="-2" attributes="0"/>
|
||||||
<Component id="correlationTypeLabel" alignment="0" min="-2" max="-2" attributes="0"/>
|
<Component id="correlationTypeLabel" alignment="0" min="-2" max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
<EmptySpace type="unrelated" max="-2" attributes="0"/>
|
<EmptySpace type="unrelated" max="-2" attributes="0"/>
|
||||||
|
<Group type="103" groupAlignment="0" attributes="0">
|
||||||
|
<Group type="102" attributes="0">
|
||||||
|
<Component id="normalizedLabel" min="-2" max="-2" attributes="0"/>
|
||||||
|
<EmptySpace min="0" pref="0" max="32767" attributes="0"/>
|
||||||
|
</Group>
|
||||||
|
<Group type="102" attributes="0">
|
||||||
<Group type="103" groupAlignment="0" attributes="0">
|
<Group type="103" groupAlignment="0" attributes="0">
|
||||||
<Component id="correlationTypeComboBox" max="32767" attributes="0"/>
|
<Component id="correlationTypeComboBox" max="32767" attributes="0"/>
|
||||||
<Component id="correlationValueTextField" max="32767" attributes="0"/>
|
<Group type="102" attributes="0">
|
||||||
|
<Component id="correlationValueScrollPane" min="-2" pref="379" max="-2" attributes="0"/>
|
||||||
|
<EmptySpace min="0" pref="0" max="32767" attributes="0"/>
|
||||||
|
</Group>
|
||||||
|
</Group>
|
||||||
|
<EmptySpace min="-2" pref="142" max="-2" attributes="0"/>
|
||||||
|
</Group>
|
||||||
<Component id="errorLabel" alignment="0" max="32767" attributes="0"/>
|
<Component id="errorLabel" alignment="0" max="32767" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
</Group>
|
</Group>
|
||||||
<Group type="102" alignment="1" attributes="0">
|
|
||||||
<Component id="casesLabel" max="32767" attributes="0"/>
|
|
||||||
<EmptySpace type="separate" max="-2" attributes="0"/>
|
|
||||||
<Component id="searchButton" min="-2" max="-2" attributes="0"/>
|
|
||||||
</Group>
|
|
||||||
</Group>
|
</Group>
|
||||||
<EmptySpace max="-2" attributes="0"/>
|
<EmptySpace max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
@ -60,17 +72,19 @@
|
|||||||
<Component id="correlationTypeComboBox" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="correlationTypeComboBox" alignment="3" min="-2" max="-2" attributes="0"/>
|
||||||
<Component id="correlationTypeLabel" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="correlationTypeLabel" alignment="3" min="-2" max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
<EmptySpace min="-2" pref="15" max="-2" attributes="0"/>
|
<EmptySpace min="-2" pref="18" max="-2" attributes="0"/>
|
||||||
<Group type="103" groupAlignment="3" attributes="0">
|
<Group type="103" groupAlignment="0" attributes="0">
|
||||||
<Component id="correlationValueTextField" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="correlationValueLabel" min="-2" max="-2" attributes="0"/>
|
||||||
<Component id="correlationValueLabel" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="correlationValueScrollPane" min="-2" pref="190" max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
<EmptySpace max="-2" attributes="0"/>
|
<EmptySpace max="-2" attributes="0"/>
|
||||||
|
<Component id="normalizedLabel" min="-2" max="-2" attributes="0"/>
|
||||||
|
<EmptySpace pref="19" max="32767" attributes="0"/>
|
||||||
<Component id="errorLabel" min="-2" max="-2" attributes="0"/>
|
<Component id="errorLabel" min="-2" max="-2" attributes="0"/>
|
||||||
<EmptySpace pref="20" max="32767" attributes="0"/>
|
<EmptySpace max="-2" attributes="0"/>
|
||||||
<Group type="103" groupAlignment="3" attributes="0">
|
<Group type="103" groupAlignment="0" attributes="0">
|
||||||
<Component id="searchButton" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="casesLabel" alignment="1" min="-2" max="-2" attributes="0"/>
|
||||||
<Component id="casesLabel" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="searchButton" alignment="1" min="-2" max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
<EmptySpace max="-2" attributes="0"/>
|
<EmptySpace max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
@ -85,16 +99,6 @@
|
|||||||
</Property>
|
</Property>
|
||||||
</Properties>
|
</Properties>
|
||||||
</Component>
|
</Component>
|
||||||
<Component class="javax.swing.JTextField" name="correlationValueTextField">
|
|
||||||
<Properties>
|
|
||||||
<Property name="text" type="java.lang.String" editor="org.netbeans.modules.i18n.form.FormI18nStringEditor">
|
|
||||||
<ResourceString bundle="org/sleuthkit/autopsy/allcasessearch/Bundle.properties" key="AllCasesSearchDialog.correlationValueTextField.text" replaceFormat="org.openide.util.NbBundle.getMessage({sourceFileName}.class, "{key}")"/>
|
|
||||||
</Property>
|
|
||||||
</Properties>
|
|
||||||
<Events>
|
|
||||||
<EventHandler event="keyReleased" listener="java.awt.event.KeyListener" parameters="java.awt.event.KeyEvent" handler="valueFieldKeyReleaseListener"/>
|
|
||||||
</Events>
|
|
||||||
</Component>
|
|
||||||
<Component class="javax.swing.JButton" name="searchButton">
|
<Component class="javax.swing.JButton" name="searchButton">
|
||||||
<Properties>
|
<Properties>
|
||||||
<Property name="text" type="java.lang.String" editor="org.netbeans.modules.i18n.form.FormI18nStringEditor">
|
<Property name="text" type="java.lang.String" editor="org.netbeans.modules.i18n.form.FormI18nStringEditor">
|
||||||
@ -158,5 +162,30 @@
|
|||||||
</Property>
|
</Property>
|
||||||
</Properties>
|
</Properties>
|
||||||
</Component>
|
</Component>
|
||||||
|
<Container class="javax.swing.JScrollPane" name="correlationValueScrollPane">
|
||||||
|
<AuxValues>
|
||||||
|
<AuxValue name="autoScrollPane" type="java.lang.Boolean" value="true"/>
|
||||||
|
</AuxValues>
|
||||||
|
|
||||||
|
<Layout class="org.netbeans.modules.form.compat2.layouts.support.JScrollPaneSupportLayout"/>
|
||||||
|
<SubComponents>
|
||||||
|
<Component class="javax.swing.JTextArea" name="correlationValueTextArea">
|
||||||
|
<Properties>
|
||||||
|
<Property name="columns" type="int" value="20"/>
|
||||||
|
<Property name="rows" type="int" value="5"/>
|
||||||
|
<Property name="text" type="java.lang.String" editor="org.netbeans.modules.i18n.form.FormI18nStringEditor">
|
||||||
|
<ResourceString bundle="org/sleuthkit/autopsy/allcasessearch/Bundle.properties" key="AllCasesSearchDialog.correlationValueTextArea.text" replaceFormat="org.openide.util.NbBundle.getMessage({sourceFileName}.class, "{key}")"/>
|
||||||
|
</Property>
|
||||||
|
</Properties>
|
||||||
|
</Component>
|
||||||
|
</SubComponents>
|
||||||
|
</Container>
|
||||||
|
<Component class="javax.swing.JLabel" name="normalizedLabel">
|
||||||
|
<Properties>
|
||||||
|
<Property name="text" type="java.lang.String" editor="org.netbeans.modules.i18n.form.FormI18nStringEditor">
|
||||||
|
<ResourceString bundle="org/sleuthkit/autopsy/allcasessearch/Bundle.properties" key="AllCasesSearchDialog.normalizedLabel.text" replaceFormat="org.openide.util.NbBundle.getMessage({sourceFileName}.class, "{key}")"/>
|
||||||
|
</Property>
|
||||||
|
</Properties>
|
||||||
|
</Component>
|
||||||
</SubComponents>
|
</SubComponents>
|
||||||
</Form>
|
</Form>
|
||||||
|
@ -21,8 +21,10 @@ package org.sleuthkit.autopsy.allcasessearch;
|
|||||||
import java.awt.Color;
|
import java.awt.Color;
|
||||||
import java.awt.event.ItemEvent;
|
import java.awt.event.ItemEvent;
|
||||||
import java.awt.event.ItemListener;
|
import java.awt.event.ItemListener;
|
||||||
|
import java.text.Collator;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.concurrent.ExecutionException;
|
import java.util.concurrent.ExecutionException;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
@ -30,6 +32,7 @@ import javax.swing.JFrame;
|
|||||||
import javax.swing.SwingWorker;
|
import javax.swing.SwingWorker;
|
||||||
import javax.swing.event.DocumentEvent;
|
import javax.swing.event.DocumentEvent;
|
||||||
import javax.swing.event.DocumentListener;
|
import javax.swing.event.DocumentListener;
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.openide.nodes.Node;
|
import org.openide.nodes.Node;
|
||||||
import org.openide.util.NbBundle.Messages;
|
import org.openide.util.NbBundle.Messages;
|
||||||
import org.openide.windows.TopComponent;
|
import org.openide.windows.TopComponent;
|
||||||
@ -48,9 +51,9 @@ import org.sleuthkit.autopsy.datamodel.EmptyNode;
|
|||||||
import org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository;
|
import org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository;
|
||||||
|
|
||||||
@Messages({
|
@Messages({
|
||||||
"AllCasesSearchDialog.dialogTitle.text=Search All Cases",
|
"AllCasesSearchDialog.dialogTitle.text=Search Central Repository",
|
||||||
"AllCasesSearchDialog.resultsTitle.text=All Cases",
|
"AllCasesSearchDialog.resultsTitle.text=All Cases",
|
||||||
"AllCasesSearchDialog.resultsDescription.text=All Cases Search",
|
"AllCasesSearchDialog.resultsDescription.text=Search Central Repository",
|
||||||
"AllCasesSearchDialog.emptyNode.text=No results found.",
|
"AllCasesSearchDialog.emptyNode.text=No results found.",
|
||||||
"AllCasesSearchDialog.validation.invalidHash=The supplied value is not a valid MD5 hash.",
|
"AllCasesSearchDialog.validation.invalidHash=The supplied value is not a valid MD5 hash.",
|
||||||
"AllCasesSearchDialog.validation.invalidEmail=The supplied value is not a valid e-mail address.",
|
"AllCasesSearchDialog.validation.invalidEmail=The supplied value is not a valid e-mail address.",
|
||||||
@ -63,14 +66,14 @@ import org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository;
|
|||||||
"AllCasesSearchDialog.validation.invalidIccid=The supplied value is not a valid ICCID number.",
|
"AllCasesSearchDialog.validation.invalidIccid=The supplied value is not a valid ICCID number.",
|
||||||
"AllCasesSearchDialog.validation.genericMessage=The supplied value is not valid.",
|
"AllCasesSearchDialog.validation.genericMessage=The supplied value is not valid.",
|
||||||
"# {0} - number of cases",
|
"# {0} - number of cases",
|
||||||
"AllCasesSearchDialog.caseLabel.text=The current Central Repository contains {0} case(s)."
|
"AllCasesSearchDialog.caseLabel.text=The Central Repository contains {0} case(s)."
|
||||||
})
|
})
|
||||||
/**
|
/**
|
||||||
* The Search All Cases dialog allows users to search for specific types of
|
* The Search All Cases dialog allows users to search for specific types of
|
||||||
* correlation properties in the Central Repository.
|
* correlation properties in the Central Repository.
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("PMD.SingularField") // UI widgets cause lots of false positives
|
@SuppressWarnings("PMD.SingularField") // UI widgets cause lots of false positives
|
||||||
final class AllCasesSearchDialog extends javax.swing.JDialog {
|
final class AllCasesSearchDialog extends javax.swing.JDialog {
|
||||||
|
|
||||||
private static final Logger logger = Logger.getLogger(AllCasesSearchDialog.class.getName());
|
private static final Logger logger = Logger.getLogger(AllCasesSearchDialog.class.getName());
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
@ -95,20 +98,22 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
* @param type The correlation type.
|
* @param type The correlation type.
|
||||||
* @param value The value to be matched.
|
* @param value The value to be matched.
|
||||||
*/
|
*/
|
||||||
private void search(CorrelationAttributeInstance.Type type, String value) {
|
private void search(CorrelationAttributeInstance.Type type, String[] values) {
|
||||||
new SwingWorker<List<CorrelationAttributeInstance>, Void>() {
|
new SwingWorker<List<CorrelationAttributeInstance>, Void>() {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected List<CorrelationAttributeInstance> doInBackground() {
|
protected List<CorrelationAttributeInstance> doInBackground() {
|
||||||
List<CorrelationAttributeInstance> correlationInstances = new ArrayList<>();
|
List<CorrelationAttributeInstance> correlationInstances = new ArrayList<>();
|
||||||
|
|
||||||
|
for (String value : values) {
|
||||||
try {
|
try {
|
||||||
correlationInstances = CentralRepository.getInstance().getArtifactInstancesByTypeValue(type, value);
|
correlationInstances.addAll(CentralRepository.getInstance().getArtifactInstancesByTypeValue(type, value));
|
||||||
} catch (CentralRepoException ex) {
|
} catch (CentralRepoException ex) {
|
||||||
logger.log(Level.SEVERE, "Unable to connect to the Central Repository database.", ex);
|
logger.log(Level.SEVERE, "Unable to connect to the Central Repository database.", ex);
|
||||||
} catch (CorrelationAttributeNormalizationException ex) {
|
} catch (CorrelationAttributeNormalizationException ex) {
|
||||||
logger.log(Level.SEVERE, "Unable to retrieve data from the Central Repository.", ex);
|
logger.log(Level.SEVERE, "Unable to retrieve data from the Central Repository.", ex);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return correlationInstances;
|
return correlationInstances;
|
||||||
}
|
}
|
||||||
@ -125,8 +130,8 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
AllCasesSearchNode searchNode = new AllCasesSearchNode(correlationInstances);
|
AllCasesSearchNode searchNode = new AllCasesSearchNode(correlationInstances);
|
||||||
TableFilterNode tableFilterNode = new TableFilterNode(searchNode, true, searchNode.getName());
|
TableFilterNode tableFilterNode = new TableFilterNode(searchNode, true, searchNode.getName());
|
||||||
|
|
||||||
String resultsText = String.format("%s (%s; \"%s\")",
|
String resultsText = String.format("%s (%s)",
|
||||||
Bundle.AllCasesSearchDialog_resultsTitle_text(), type.getDisplayName(), value);
|
Bundle.AllCasesSearchDialog_resultsTitle_text(), type.getDisplayName());
|
||||||
final TopComponent searchResultWin;
|
final TopComponent searchResultWin;
|
||||||
if (correlationInstances.isEmpty()) {
|
if (correlationInstances.isEmpty()) {
|
||||||
Node emptyNode = new TableFilterNode(
|
Node emptyNode = new TableFilterNode(
|
||||||
@ -155,26 +160,21 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
private void initComponents() {
|
private void initComponents() {
|
||||||
|
|
||||||
correlationValueLabel = new javax.swing.JLabel();
|
correlationValueLabel = new javax.swing.JLabel();
|
||||||
correlationValueTextField = new javax.swing.JTextField();
|
|
||||||
searchButton = new javax.swing.JButton();
|
searchButton = new javax.swing.JButton();
|
||||||
correlationTypeComboBox = new javax.swing.JComboBox<>();
|
correlationTypeComboBox = new javax.swing.JComboBox<>();
|
||||||
correlationTypeLabel = new javax.swing.JLabel();
|
correlationTypeLabel = new javax.swing.JLabel();
|
||||||
errorLabel = new javax.swing.JLabel();
|
errorLabel = new javax.swing.JLabel();
|
||||||
descriptionLabel = new javax.swing.JLabel();
|
descriptionLabel = new javax.swing.JLabel();
|
||||||
casesLabel = new javax.swing.JLabel();
|
casesLabel = new javax.swing.JLabel();
|
||||||
|
correlationValueScrollPane = new javax.swing.JScrollPane();
|
||||||
|
correlationValueTextArea = new javax.swing.JTextArea();
|
||||||
|
normalizedLabel = new javax.swing.JLabel();
|
||||||
|
|
||||||
setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE);
|
setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE);
|
||||||
setResizable(false);
|
setResizable(false);
|
||||||
|
|
||||||
org.openide.awt.Mnemonics.setLocalizedText(correlationValueLabel, org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.correlationValueLabel.text")); // NOI18N
|
org.openide.awt.Mnemonics.setLocalizedText(correlationValueLabel, org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.correlationValueLabel.text")); // NOI18N
|
||||||
|
|
||||||
correlationValueTextField.setText(org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.correlationValueTextField.text")); // NOI18N
|
|
||||||
correlationValueTextField.addKeyListener(new java.awt.event.KeyAdapter() {
|
|
||||||
public void keyReleased(java.awt.event.KeyEvent evt) {
|
|
||||||
valueFieldKeyReleaseListener(evt);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
org.openide.awt.Mnemonics.setLocalizedText(searchButton, org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.searchButton.text")); // NOI18N
|
org.openide.awt.Mnemonics.setLocalizedText(searchButton, org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.searchButton.text")); // NOI18N
|
||||||
searchButton.addActionListener(new java.awt.event.ActionListener() {
|
searchButton.addActionListener(new java.awt.event.ActionListener() {
|
||||||
public void actionPerformed(java.awt.event.ActionEvent evt) {
|
public void actionPerformed(java.awt.event.ActionEvent evt) {
|
||||||
@ -198,6 +198,13 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
casesLabel.setHorizontalAlignment(javax.swing.SwingConstants.LEFT);
|
casesLabel.setHorizontalAlignment(javax.swing.SwingConstants.LEFT);
|
||||||
org.openide.awt.Mnemonics.setLocalizedText(casesLabel, org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.casesLabel.text")); // NOI18N
|
org.openide.awt.Mnemonics.setLocalizedText(casesLabel, org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.casesLabel.text")); // NOI18N
|
||||||
|
|
||||||
|
correlationValueTextArea.setColumns(20);
|
||||||
|
correlationValueTextArea.setRows(5);
|
||||||
|
correlationValueTextArea.setText(org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.correlationValueTextArea.text")); // NOI18N
|
||||||
|
correlationValueScrollPane.setViewportView(correlationValueTextArea);
|
||||||
|
|
||||||
|
org.openide.awt.Mnemonics.setLocalizedText(normalizedLabel, org.openide.util.NbBundle.getMessage(AllCasesSearchDialog.class, "AllCasesSearchDialog.normalizedLabel.text")); // NOI18N
|
||||||
|
|
||||||
javax.swing.GroupLayout layout = new javax.swing.GroupLayout(getContentPane());
|
javax.swing.GroupLayout layout = new javax.swing.GroupLayout(getContentPane());
|
||||||
getContentPane().setLayout(layout);
|
getContentPane().setLayout(layout);
|
||||||
layout.setHorizontalGroup(
|
layout.setHorizontalGroup(
|
||||||
@ -205,20 +212,28 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
.addGroup(layout.createSequentialGroup()
|
.addGroup(layout.createSequentialGroup()
|
||||||
.addContainerGap()
|
.addContainerGap()
|
||||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
.addComponent(descriptionLabel, javax.swing.GroupLayout.DEFAULT_SIZE, 430, Short.MAX_VALUE)
|
.addComponent(descriptionLabel)
|
||||||
|
.addGroup(layout.createSequentialGroup()
|
||||||
|
.addComponent(casesLabel, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
||||||
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||||
|
.addComponent(searchButton))
|
||||||
.addGroup(layout.createSequentialGroup()
|
.addGroup(layout.createSequentialGroup()
|
||||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
.addComponent(correlationValueLabel)
|
.addComponent(correlationValueLabel)
|
||||||
.addComponent(correlationTypeLabel))
|
.addComponent(correlationTypeLabel))
|
||||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
|
||||||
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
|
.addGroup(layout.createSequentialGroup()
|
||||||
|
.addComponent(normalizedLabel)
|
||||||
|
.addGap(0, 0, Short.MAX_VALUE))
|
||||||
|
.addGroup(layout.createSequentialGroup()
|
||||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
.addComponent(correlationTypeComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
.addComponent(correlationTypeComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
||||||
.addComponent(correlationValueTextField)
|
.addGroup(layout.createSequentialGroup()
|
||||||
.addComponent(errorLabel, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)))
|
.addComponent(correlationValueScrollPane, javax.swing.GroupLayout.PREFERRED_SIZE, 379, javax.swing.GroupLayout.PREFERRED_SIZE)
|
||||||
.addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
|
.addGap(0, 0, Short.MAX_VALUE)))
|
||||||
.addComponent(casesLabel, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
.addGap(142, 142, 142))
|
||||||
.addGap(18, 18, 18)
|
.addComponent(errorLabel, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))))
|
||||||
.addComponent(searchButton)))
|
|
||||||
.addContainerGap())
|
.addContainerGap())
|
||||||
);
|
);
|
||||||
layout.setVerticalGroup(
|
layout.setVerticalGroup(
|
||||||
@ -230,16 +245,18 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
|
||||||
.addComponent(correlationTypeComboBox, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
|
.addComponent(correlationTypeComboBox, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
|
||||||
.addComponent(correlationTypeLabel))
|
.addComponent(correlationTypeLabel))
|
||||||
.addGap(15, 15, 15)
|
.addGap(18, 18, 18)
|
||||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
.addComponent(correlationValueTextField, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
|
.addComponent(correlationValueLabel)
|
||||||
.addComponent(correlationValueLabel))
|
.addComponent(correlationValueScrollPane, javax.swing.GroupLayout.PREFERRED_SIZE, 190, javax.swing.GroupLayout.PREFERRED_SIZE))
|
||||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||||
|
.addComponent(normalizedLabel)
|
||||||
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 19, Short.MAX_VALUE)
|
||||||
.addComponent(errorLabel)
|
.addComponent(errorLabel)
|
||||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 20, Short.MAX_VALUE)
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
.addComponent(searchButton)
|
.addComponent(casesLabel, javax.swing.GroupLayout.Alignment.TRAILING)
|
||||||
.addComponent(casesLabel))
|
.addComponent(searchButton, javax.swing.GroupLayout.Alignment.TRAILING))
|
||||||
.addContainerGap())
|
.addContainerGap())
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -251,10 +268,13 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
|
|
||||||
private void searchButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_searchButtonActionPerformed
|
private void searchButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_searchButtonActionPerformed
|
||||||
CorrelationAttributeInstance.Type correlationType = selectedCorrelationType;
|
CorrelationAttributeInstance.Type correlationType = selectedCorrelationType;
|
||||||
String correlationValue = correlationValueTextField.getText().trim();
|
String correlationValue = correlationValueTextArea.getText().trim();
|
||||||
|
|
||||||
if (validateInputs(correlationType, correlationValue)) {
|
String[] correlationValueLines = correlationValue.split("\r\n|\n|\r");
|
||||||
search(correlationType, correlationValue);
|
// for (String correlationValueLine : lines) {
|
||||||
|
|
||||||
|
if (validateInputs(correlationType, correlationValueLines)) {
|
||||||
|
search(correlationType, correlationValueLines);
|
||||||
dispose();
|
dispose();
|
||||||
} else {
|
} else {
|
||||||
String validationMessage;
|
String validationMessage;
|
||||||
@ -291,10 +311,12 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
errorLabel.setText(validationMessage);
|
errorLabel.setText(validationMessage);
|
||||||
searchButton.setEnabled(false);
|
searchButton.setEnabled(false);
|
||||||
correlationValueTextField.grabFocus();
|
correlationValueTextArea.grabFocus();
|
||||||
}
|
}
|
||||||
|
// }
|
||||||
}//GEN-LAST:event_searchButtonActionPerformed
|
}//GEN-LAST:event_searchButtonActionPerformed
|
||||||
|
|
||||||
private void correlationTypeComboBoxActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_correlationTypeComboBoxActionPerformed
|
private void correlationTypeComboBoxActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_correlationTypeComboBoxActionPerformed
|
||||||
@ -302,11 +324,6 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
errorLabel.setText("");
|
errorLabel.setText("");
|
||||||
}//GEN-LAST:event_correlationTypeComboBoxActionPerformed
|
}//GEN-LAST:event_correlationTypeComboBoxActionPerformed
|
||||||
|
|
||||||
private void valueFieldKeyReleaseListener(java.awt.event.KeyEvent evt) {//GEN-FIRST:event_valueFieldKeyReleaseListener
|
|
||||||
//make error message go away when the user enters anything in the value field
|
|
||||||
errorLabel.setText("");
|
|
||||||
}//GEN-LAST:event_valueFieldKeyReleaseListener
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validate the supplied input.
|
* Validate the supplied input.
|
||||||
*
|
*
|
||||||
@ -315,9 +332,11 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
*
|
*
|
||||||
* @return True if the input is valid for the given type; otherwise false.
|
* @return True if the input is valid for the given type; otherwise false.
|
||||||
*/
|
*/
|
||||||
private boolean validateInputs(CorrelationAttributeInstance.Type type, String value) {
|
private boolean validateInputs(CorrelationAttributeInstance.Type type, String[] values) {
|
||||||
try {
|
try {
|
||||||
|
for (String value : values) {
|
||||||
CorrelationAttributeNormalizer.normalize(type, value);
|
CorrelationAttributeNormalizer.normalize(type, value);
|
||||||
|
}
|
||||||
} catch (CorrelationAttributeNormalizationException ex) {
|
} catch (CorrelationAttributeNormalizationException ex) {
|
||||||
// No need to log this.
|
// No need to log this.
|
||||||
return false;
|
return false;
|
||||||
@ -339,15 +358,33 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
CentralRepository dbManager = CentralRepository.getInstance();
|
CentralRepository dbManager = CentralRepository.getInstance();
|
||||||
correlationTypes.clear();
|
correlationTypes.clear();
|
||||||
correlationTypes.addAll(dbManager.getDefinedCorrelationTypes());
|
correlationTypes.addAll(dbManager.getDefinedCorrelationTypes());
|
||||||
|
// correlationTypes.addAll(java.util.Collections.sort(dbManager.getDefinedCorrelationTypes(), Collator.getInstance()));
|
||||||
int numberOfCases = dbManager.getCases().size();
|
int numberOfCases = dbManager.getCases().size();
|
||||||
casesLabel.setText(Bundle.AllCasesSearchDialog_caseLabel_text(numberOfCases));
|
casesLabel.setText(Bundle.AllCasesSearchDialog_caseLabel_text(numberOfCases));
|
||||||
} catch (CentralRepoException ex) {
|
} catch (CentralRepoException ex) {
|
||||||
logger.log(Level.SEVERE, "Unable to connect to the Central Repository database.", ex);
|
logger.log(Level.SEVERE, "Unable to connect to the Central Repository database.", ex);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
List<String> displayNames = new ArrayList<>();
|
||||||
for (CorrelationAttributeInstance.Type type : correlationTypes) {
|
for (CorrelationAttributeInstance.Type type : correlationTypes) {
|
||||||
correlationTypeComboBox.addItem(type.getDisplayName());
|
String displayName = type.getDisplayName();
|
||||||
|
if (displayName.toLowerCase().contains("addresses")) {
|
||||||
|
type.setDisplayName(displayName.replace("Addresses", "Address"));
|
||||||
|
} else if (displayName.toLowerCase().equals("files")) {
|
||||||
|
type.setDisplayName("File MD5");
|
||||||
|
} else if (displayName.toLowerCase().endsWith("s") && !displayName.toLowerCase().endsWith("address")) {
|
||||||
|
type.setDisplayName(StringUtils.substring(displayName, 0, displayName.length() - 1));
|
||||||
|
} else {
|
||||||
|
type.setDisplayName(displayName);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
displayNames.add(type.getDisplayName());
|
||||||
|
}
|
||||||
|
Collections.sort(displayNames);
|
||||||
|
for (String displayName : displayNames) {
|
||||||
|
correlationTypeComboBox.addItem(displayName);
|
||||||
|
}
|
||||||
|
|
||||||
correlationTypeComboBox.setSelectedIndex(0);
|
correlationTypeComboBox.setSelectedIndex(0);
|
||||||
|
|
||||||
correlationTypeComboBox.addItemListener(new ItemListener() {
|
correlationTypeComboBox.addItemListener(new ItemListener() {
|
||||||
@ -364,7 +401,7 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
/*
|
/*
|
||||||
* Create listener for text input.
|
* Create listener for text input.
|
||||||
*/
|
*/
|
||||||
correlationValueTextField.getDocument().addDocumentListener(new DocumentListener() {
|
correlationValueTextArea.getDocument().addDocumentListener(new DocumentListener() {
|
||||||
@Override
|
@Override
|
||||||
public void changedUpdate(DocumentEvent e) {
|
public void changedUpdate(DocumentEvent e) {
|
||||||
updateSearchButton();
|
updateSearchButton();
|
||||||
@ -440,7 +477,7 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
text = "";
|
text = "";
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
correlationValueTextFieldPrompt = new TextPrompt(text, correlationValueTextField);
|
correlationValueTextFieldPrompt = new TextPrompt(text, correlationValueTextArea);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the foreground color and transparency of the text prompt.
|
* Sets the foreground color and transparency of the text prompt.
|
||||||
@ -470,7 +507,7 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
* been provided for the correlation property value.
|
* been provided for the correlation property value.
|
||||||
*/
|
*/
|
||||||
private void updateSearchButton() {
|
private void updateSearchButton() {
|
||||||
searchButton.setEnabled(correlationValueTextField.getText().isEmpty() == false);
|
searchButton.setEnabled(correlationValueTextArea.getText().isEmpty() == false);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -486,9 +523,11 @@ final class AllCasesSearchDialog extends javax.swing.JDialog {
|
|||||||
private javax.swing.JComboBox<String> correlationTypeComboBox;
|
private javax.swing.JComboBox<String> correlationTypeComboBox;
|
||||||
private javax.swing.JLabel correlationTypeLabel;
|
private javax.swing.JLabel correlationTypeLabel;
|
||||||
private javax.swing.JLabel correlationValueLabel;
|
private javax.swing.JLabel correlationValueLabel;
|
||||||
private javax.swing.JTextField correlationValueTextField;
|
private javax.swing.JScrollPane correlationValueScrollPane;
|
||||||
|
private javax.swing.JTextArea correlationValueTextArea;
|
||||||
private javax.swing.JLabel descriptionLabel;
|
private javax.swing.JLabel descriptionLabel;
|
||||||
private javax.swing.JLabel errorLabel;
|
private javax.swing.JLabel errorLabel;
|
||||||
|
private javax.swing.JLabel normalizedLabel;
|
||||||
private javax.swing.JButton searchButton;
|
private javax.swing.JButton searchButton;
|
||||||
// End of variables declaration//GEN-END:variables
|
// End of variables declaration//GEN-END:variables
|
||||||
}
|
}
|
||||||
|
@ -1,10 +1,11 @@
|
|||||||
|
|
||||||
AllCasesSearchDialog.descriptionLabel.text=<html>Search the Central Repository for correlation properties with a specified value. The search is case insensitive.</html>
|
AllCasesSearchDialog.descriptionLabel.text=<html>Search the Central Repository for the given values.</html>
|
||||||
AllCasesSearchDialog.errorLabel.text=\
|
AllCasesSearchDialog.errorLabel.text=\
|
||||||
AllCasesSearchDialog.correlationTypeLabel.text=Correlation Property Type:
|
AllCasesSearchDialog.correlationTypeLabel.text=Type:
|
||||||
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleDescription=
|
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleDescription=
|
||||||
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleName=Search
|
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleName=Search
|
||||||
AllCasesSearchDialog.searchButton.text=Search
|
AllCasesSearchDialog.searchButton.text=Search
|
||||||
AllCasesSearchDialog.correlationValueTextField.text=
|
AllCasesSearchDialog.correlationValueLabel.text=Value:
|
||||||
AllCasesSearchDialog.correlationValueLabel.text=Correlation Property Value:
|
|
||||||
AllCasesSearchDialog.casesLabel.text=\
|
AllCasesSearchDialog.casesLabel.text=\
|
||||||
|
AllCasesSearchDialog.correlationValueTextArea.text=
|
||||||
|
AllCasesSearchDialog.normalizedLabel.text=Values will be normalized to ensure consistent case and formatting.
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
|
|
||||||
AllCasesSearchAction.getName.text=Search All Cases
|
AllCasesSearchAction.getName.text=Search Central Repository
|
||||||
# {0} - number of cases
|
# {0} - number of cases
|
||||||
AllCasesSearchDialog.caseLabel.text=The current Central Repository contains {0} case(s).
|
AllCasesSearchDialog.caseLabel.text=The Central Repository contains {0} case(s).
|
||||||
AllCasesSearchDialog.correlationValueTextField.domainExample=Example: "domain.com"
|
AllCasesSearchDialog.correlationValueTextField.domainExample=Example: "domain.com"
|
||||||
AllCasesSearchDialog.correlationValueTextField.emailExample=Example: "user@host.com"
|
AllCasesSearchDialog.correlationValueTextField.emailExample=Example: "user@host.com"
|
||||||
AllCasesSearchDialog.correlationValueTextField.filesExample=Example: "f0e1d2c3b4a5968778695a4b3c2d1e0f"
|
AllCasesSearchDialog.correlationValueTextField.filesExample=Example: "f0e1d2c3b4a5968778695a4b3c2d1e0f"
|
||||||
@ -12,19 +12,20 @@ AllCasesSearchDialog.correlationValueTextField.macExample=Example: "0C-14-F2-01-
|
|||||||
AllCasesSearchDialog.correlationValueTextField.phoneExample=Example: "(800)123-4567"
|
AllCasesSearchDialog.correlationValueTextField.phoneExample=Example: "(800)123-4567"
|
||||||
AllCasesSearchDialog.correlationValueTextField.ssidExample=Example: "WirelessNetwork-5G"
|
AllCasesSearchDialog.correlationValueTextField.ssidExample=Example: "WirelessNetwork-5G"
|
||||||
AllCasesSearchDialog.correlationValueTextField.usbExample=Example: "4&1234567&0"
|
AllCasesSearchDialog.correlationValueTextField.usbExample=Example: "4&1234567&0"
|
||||||
AllCasesSearchDialog.descriptionLabel.text=<html>Search the Central Repository for correlation properties with a specified value. The search is case insensitive.</html>
|
AllCasesSearchDialog.descriptionLabel.text=<html>Search the Central Repository for the given values.</html>
|
||||||
AllCasesSearchDialog.dialogTitle.text=Search All Cases
|
AllCasesSearchDialog.dialogTitle.text=Search Central Repository
|
||||||
AllCasesSearchDialog.emptyNode.text=No results found.
|
AllCasesSearchDialog.emptyNode.text=No results found.
|
||||||
AllCasesSearchDialog.errorLabel.text=\
|
AllCasesSearchDialog.errorLabel.text=\
|
||||||
AllCasesSearchDialog.correlationTypeLabel.text=Correlation Property Type:
|
AllCasesSearchDialog.correlationTypeLabel.text=Type:
|
||||||
AllCasesSearchDialog.resultsDescription.text=All Cases Search
|
AllCasesSearchDialog.resultsDescription.text=Search Central Repository
|
||||||
AllCasesSearchDialog.resultsTitle.text=All Cases
|
AllCasesSearchDialog.resultsTitle.text=All Cases
|
||||||
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleDescription=
|
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleDescription=
|
||||||
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleName=Search
|
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleName=Search
|
||||||
AllCasesSearchDialog.searchButton.text=Search
|
AllCasesSearchDialog.searchButton.text=Search
|
||||||
AllCasesSearchDialog.correlationValueTextField.text=
|
AllCasesSearchDialog.correlationValueLabel.text=Value:
|
||||||
AllCasesSearchDialog.correlationValueLabel.text=Correlation Property Value:
|
|
||||||
AllCasesSearchDialog.casesLabel.text=\
|
AllCasesSearchDialog.casesLabel.text=\
|
||||||
|
AllCasesSearchDialog.correlationValueTextArea.text=
|
||||||
|
AllCasesSearchDialog.normalizedLabel.text=Values will be normalized to ensure consistent case and formatting.
|
||||||
AllCasesSearchDialog.validation.genericMessage=The supplied value is not valid.
|
AllCasesSearchDialog.validation.genericMessage=The supplied value is not valid.
|
||||||
AllCasesSearchDialog.validation.invalidDomain=The supplied value is not a valid domain.
|
AllCasesSearchDialog.validation.invalidDomain=The supplied value is not a valid domain.
|
||||||
AllCasesSearchDialog.validation.invalidEmail=The supplied value is not a valid e-mail address.
|
AllCasesSearchDialog.validation.invalidEmail=The supplied value is not a valid e-mail address.
|
||||||
@ -43,4 +44,5 @@ CorrelationAttributeInstanceNode.columnName.device=Device
|
|||||||
CorrelationAttributeInstanceNode.columnName.known=Known
|
CorrelationAttributeInstanceNode.columnName.known=Known
|
||||||
CorrelationAttributeInstanceNode.columnName.name=Name
|
CorrelationAttributeInstanceNode.columnName.name=Name
|
||||||
CorrelationAttributeInstanceNode.columnName.path=Path
|
CorrelationAttributeInstanceNode.columnName.path=Path
|
||||||
CTL_AllCasesSearchAction=Search All Cases
|
CorrelationAttributeInstanceNode.columnName.value=Value
|
||||||
|
CTL_AllCasesSearchAction=Search Central Repository
|
||||||
|
@ -22,7 +22,6 @@ AllCasesSearchDialog.resultsTitle.text=\u3059\u3079\u3066\u306e\u30b1\u30fc\u30b
|
|||||||
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleDescription=
|
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleDescription=
|
||||||
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleName=\u691c\u7d22
|
AllCasesSearchDialog.searchButton.AccessibleContext.accessibleName=\u691c\u7d22
|
||||||
AllCasesSearchDialog.searchButton.text=\u691c\u7d22
|
AllCasesSearchDialog.searchButton.text=\u691c\u7d22
|
||||||
AllCasesSearchDialog.correlationValueTextField.text=
|
|
||||||
AllCasesSearchDialog.correlationValueLabel.text=\u76f8\u95a2\u5206\u6790\u30d7\u30ed\u30d1\u30c6\u30a3\u5024:
|
AllCasesSearchDialog.correlationValueLabel.text=\u76f8\u95a2\u5206\u6790\u30d7\u30ed\u30d1\u30c6\u30a3\u5024:
|
||||||
AllCasesSearchDialog.casesLabel.text=\
|
AllCasesSearchDialog.casesLabel.text=\
|
||||||
AllCasesSearchDialog.validation.genericMessage=\u63d0\u4f9b\u3055\u308c\u305f\u5024\u306f\u6709\u52b9\u3067\u306f\u3042\u308a\u307e\u305b\u3093\u3002
|
AllCasesSearchDialog.validation.genericMessage=\u63d0\u4f9b\u3055\u308c\u305f\u5024\u306f\u6709\u52b9\u3067\u306f\u3042\u308a\u307e\u305b\u3093\u3002
|
||||||
|
@ -84,6 +84,7 @@ public final class CorrelationAttributeInstanceNode extends DisplayableItemNode
|
|||||||
"CorrelationAttributeInstanceNode.columnName.name=Name",
|
"CorrelationAttributeInstanceNode.columnName.name=Name",
|
||||||
"CorrelationAttributeInstanceNode.columnName.case=Case",
|
"CorrelationAttributeInstanceNode.columnName.case=Case",
|
||||||
"CorrelationAttributeInstanceNode.columnName.dataSource=Data Source",
|
"CorrelationAttributeInstanceNode.columnName.dataSource=Data Source",
|
||||||
|
"CorrelationAttributeInstanceNode.columnName.value=Value",
|
||||||
"CorrelationAttributeInstanceNode.columnName.known=Known",
|
"CorrelationAttributeInstanceNode.columnName.known=Known",
|
||||||
"CorrelationAttributeInstanceNode.columnName.path=Path",
|
"CorrelationAttributeInstanceNode.columnName.path=Path",
|
||||||
"CorrelationAttributeInstanceNode.columnName.comment=Comment",
|
"CorrelationAttributeInstanceNode.columnName.comment=Comment",
|
||||||
@ -109,6 +110,7 @@ public final class CorrelationAttributeInstanceNode extends DisplayableItemNode
|
|||||||
final String dataSourceName = dataSource.getName();
|
final String dataSourceName = dataSource.getName();
|
||||||
final String known = centralRepoFile.getKnownStatus().getName();
|
final String known = centralRepoFile.getKnownStatus().getName();
|
||||||
final String comment = centralRepoFile.getComment();
|
final String comment = centralRepoFile.getComment();
|
||||||
|
final String value = centralRepoFile.getCorrelationValue();
|
||||||
final String device = dataSource.getDeviceID();
|
final String device = dataSource.getDeviceID();
|
||||||
|
|
||||||
final String NO_DESCR = "";
|
final String NO_DESCR = "";
|
||||||
@ -122,6 +124,9 @@ public final class CorrelationAttributeInstanceNode extends DisplayableItemNode
|
|||||||
sheetSet.put(new NodeProperty<>(
|
sheetSet.put(new NodeProperty<>(
|
||||||
Bundle.CorrelationAttributeInstanceNode_columnName_dataSource(),
|
Bundle.CorrelationAttributeInstanceNode_columnName_dataSource(),
|
||||||
Bundle.CorrelationAttributeInstanceNode_columnName_dataSource(), NO_DESCR, dataSourceName));
|
Bundle.CorrelationAttributeInstanceNode_columnName_dataSource(), NO_DESCR, dataSourceName));
|
||||||
|
sheetSet.put(new NodeProperty<>(
|
||||||
|
Bundle.CorrelationAttributeInstanceNode_columnName_value(),
|
||||||
|
Bundle.CorrelationAttributeInstanceNode_columnName_value(), NO_DESCR, value));
|
||||||
sheetSet.put(new NodeProperty<>(
|
sheetSet.put(new NodeProperty<>(
|
||||||
Bundle.CorrelationAttributeInstanceNode_columnName_known(),
|
Bundle.CorrelationAttributeInstanceNode_columnName_known(),
|
||||||
Bundle.CorrelationAttributeInstanceNode_columnName_known(), NO_DESCR, known));
|
Bundle.CorrelationAttributeInstanceNode_columnName_known(), NO_DESCR, known));
|
||||||
|
@ -269,16 +269,16 @@ public class CorrelationAttributeInstance implements Serializable {
|
|||||||
* @throws CentralRepoException if the Type's dbTableName has invalid
|
* @throws CentralRepoException if the Type's dbTableName has invalid
|
||||||
* characters/format
|
* characters/format
|
||||||
*/
|
*/
|
||||||
@Messages({"CorrelationType.FILES.displayName=Files",
|
@Messages({"CorrelationType.FILES.displayName=File MD5",
|
||||||
"CorrelationType.DOMAIN.displayName=Domains",
|
"CorrelationType.DOMAIN.displayName=Domain",
|
||||||
"CorrelationType.EMAIL.displayName=Email Addresses",
|
"CorrelationType.EMAIL.displayName=Email Address",
|
||||||
"CorrelationType.PHONE.displayName=Phone Numbers",
|
"CorrelationType.PHONE.displayName=Phone Number",
|
||||||
"CorrelationType.USBID.displayName=USB Devices",
|
"CorrelationType.USBID.displayName=USB Device",
|
||||||
"CorrelationType.SSID.displayName=Wireless Networks",
|
"CorrelationType.SSID.displayName=Wireless Network",
|
||||||
"CorrelationType.MAC.displayName=MAC Addresses",
|
"CorrelationType.MAC.displayName=MAC Address",
|
||||||
"CorrelationType.IMEI.displayName=IMEI Number",
|
"CorrelationType.IMEI.displayName=IMEI Number",
|
||||||
"CorrelationType.IMSI.displayName=IMSI Number",
|
"CorrelationType.IMSI.displayName=IMSI Number",
|
||||||
"CorrelationType.PROG_NAME.displayName=Installed Programs",
|
"CorrelationType.PROG_NAME.displayName=Installed Program",
|
||||||
"CorrelationType.ICCID.displayName=ICCID Number",
|
"CorrelationType.ICCID.displayName=ICCID Number",
|
||||||
"CorrelationType.OS_ACCOUNT.displayName=Os Account"})
|
"CorrelationType.OS_ACCOUNT.displayName=Os Account"})
|
||||||
public static List<CorrelationAttributeInstance.Type> getDefaultCorrelationTypes() throws CentralRepoException {
|
public static List<CorrelationAttributeInstance.Type> getDefaultCorrelationTypes() throws CentralRepoException {
|
||||||
|
@ -27,10 +27,12 @@ import java.nio.file.Paths;
|
|||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
|
import org.apache.poi.EmptyFileException;
|
||||||
import org.apache.poi.poifs.filesystem.DirectoryEntry;
|
import org.apache.poi.poifs.filesystem.DirectoryEntry;
|
||||||
import org.apache.poi.poifs.filesystem.DocumentEntry;
|
import org.apache.poi.poifs.filesystem.DocumentEntry;
|
||||||
import org.apache.poi.poifs.filesystem.DocumentInputStream;
|
import org.apache.poi.poifs.filesystem.DocumentInputStream;
|
||||||
import org.apache.poi.poifs.filesystem.Entry;
|
import org.apache.poi.poifs.filesystem.Entry;
|
||||||
|
import org.apache.poi.poifs.filesystem.NotOLE2FileException;
|
||||||
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
|
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
|
||||||
import org.openide.util.NbBundle.Messages;
|
import org.openide.util.NbBundle.Messages;
|
||||||
import org.sleuthkit.autopsy.casemodule.Case;
|
import org.sleuthkit.autopsy.casemodule.Case;
|
||||||
@ -62,7 +64,6 @@ final class ExtractJumpLists extends Extract {
|
|||||||
|
|
||||||
private static final String JUMPLIST_TSK_COMMENT = "Jumplist File";
|
private static final String JUMPLIST_TSK_COMMENT = "Jumplist File";
|
||||||
private static final String RA_DIR_NAME = "RecentActivity"; //NON-NLS
|
private static final String RA_DIR_NAME = "RecentActivity"; //NON-NLS
|
||||||
private static final String MODULE_OUTPUT_DIR = "ModuleOutput"; //NON-NLS
|
|
||||||
private static final String AUTOMATIC_DESTINATIONS_FILE_DIRECTORY = "%/AppData/Roaming/Microsoft/Windows/Recent/AutomaticDestinations/";
|
private static final String AUTOMATIC_DESTINATIONS_FILE_DIRECTORY = "%/AppData/Roaming/Microsoft/Windows/Recent/AutomaticDestinations/";
|
||||||
private static final String JUMPLIST_DIR_NAME = "jumplists"; //NON-NLS
|
private static final String JUMPLIST_DIR_NAME = "jumplists"; //NON-NLS
|
||||||
private static final String VERSION_NUMBER = "1.0.0"; //NON-NLS
|
private static final String VERSION_NUMBER = "1.0.0"; //NON-NLS
|
||||||
@ -86,7 +87,8 @@ final class ExtractJumpLists extends Extract {
|
|||||||
fileManager = currentCase.getServices().getFileManager();
|
fileManager = currentCase.getServices().getFileManager();
|
||||||
long ingestJobId = context.getJobId();
|
long ingestJobId = context.getJobId();
|
||||||
|
|
||||||
List<AbstractFile> jumpListFiles = extractJumplistFiles(dataSource, ingestJobId);
|
String baseRaTempPath = RAImageIngestModule.getRATempPath(Case.getCurrentCase(), JUMPLIST_DIR_NAME , ingestJobId);
|
||||||
|
List<AbstractFile> jumpListFiles = extractJumplistFiles(dataSource, ingestJobId, baseRaTempPath);
|
||||||
|
|
||||||
if (jumpListFiles.isEmpty()) {
|
if (jumpListFiles.isEmpty()) {
|
||||||
return;
|
return;
|
||||||
@ -98,13 +100,13 @@ final class ExtractJumpLists extends Extract {
|
|||||||
|
|
||||||
List<AbstractFile> derivedFiles = new ArrayList<>();
|
List<AbstractFile> derivedFiles = new ArrayList<>();
|
||||||
String derivedPath = null;
|
String derivedPath = null;
|
||||||
String baseRaTempPath = RAImageIngestModule.getRATempPath(Case.getCurrentCase(), JUMPLIST_DIR_NAME + "_" + dataSource.getId(), ingestJobId);
|
String baseRaModPath = RAImageIngestModule.getRAOutputPath(Case.getCurrentCase(), JUMPLIST_DIR_NAME, ingestJobId);
|
||||||
for (AbstractFile jumplistFile : jumpListFiles) {
|
for (AbstractFile jumplistFile : jumpListFiles) {
|
||||||
if (!jumplistFile.getName().toLowerCase().contains("-slack") && !jumplistFile.getName().equals("..") &&
|
if (!jumplistFile.getName().toLowerCase().contains("-slack") && !jumplistFile.getName().equals("..") &&
|
||||||
!jumplistFile.getName().equals(".") && jumplistFile.getSize() > 0) {
|
!jumplistFile.getName().equals(".") && jumplistFile.getSize() > 0) {
|
||||||
String jlFile = Paths.get(baseRaTempPath, jumplistFile.getName() + "_" + jumplistFile.getId()).toString();
|
String jlFile = Paths.get(baseRaTempPath, jumplistFile.getName() + "_" + jumplistFile.getId()).toString();
|
||||||
String moduleOutPath = Case.getCurrentCase().getModuleDirectory() + File.separator + RA_DIR_NAME + File.separator + JUMPLIST_DIR_NAME + "_" + dataSource.getId() + File.separator + jumplistFile.getName() + "_" + jumplistFile.getId();
|
String moduleOutPath = baseRaModPath + File.separator + jumplistFile.getName() + "_" + jumplistFile.getId();
|
||||||
derivedPath = RA_DIR_NAME + File.separator + JUMPLIST_DIR_NAME + "_" + dataSource.getId() + File.separator + jumplistFile.getName() + "_" + jumplistFile.getId();
|
derivedPath = RA_DIR_NAME + File.separator + JUMPLIST_DIR_NAME + "_" + ingestJobId + File.separator + jumplistFile.getName() + "_" + jumplistFile.getId();
|
||||||
File jlDir = new File(moduleOutPath);
|
File jlDir = new File(moduleOutPath);
|
||||||
if (jlDir.exists() == false) {
|
if (jlDir.exists() == false) {
|
||||||
boolean dirMade = jlDir.mkdirs();
|
boolean dirMade = jlDir.mkdirs();
|
||||||
@ -129,7 +131,7 @@ final class ExtractJumpLists extends Extract {
|
|||||||
*
|
*
|
||||||
* @return - list of jumplist abstractfiles or empty list
|
* @return - list of jumplist abstractfiles or empty list
|
||||||
*/
|
*/
|
||||||
private List<AbstractFile> extractJumplistFiles(Content dataSource, Long ingestJobId) {
|
private List<AbstractFile> extractJumplistFiles(Content dataSource, Long ingestJobId, String baseRaTempPath) {
|
||||||
List<AbstractFile> jumpListFiles = new ArrayList<>();;
|
List<AbstractFile> jumpListFiles = new ArrayList<>();;
|
||||||
List<AbstractFile> tempJumpListFiles = new ArrayList<>();;
|
List<AbstractFile> tempJumpListFiles = new ArrayList<>();;
|
||||||
|
|
||||||
@ -154,7 +156,6 @@ final class ExtractJumpLists extends Extract {
|
|||||||
if (!jumpListFile.getName().toLowerCase().contains("-slack") && !jumpListFile.getName().equals("..") &&
|
if (!jumpListFile.getName().toLowerCase().contains("-slack") && !jumpListFile.getName().equals("..") &&
|
||||||
!jumpListFile.getName().equals(".") && jumpListFile.getSize() > 0) {
|
!jumpListFile.getName().equals(".") && jumpListFile.getSize() > 0) {
|
||||||
String fileName = jumpListFile.getName() + "_" + jumpListFile.getId();
|
String fileName = jumpListFile.getName() + "_" + jumpListFile.getId();
|
||||||
String baseRaTempPath = RAImageIngestModule.getRATempPath(Case.getCurrentCase(), JUMPLIST_DIR_NAME+ "_" + dataSource.getId(), ingestJobId);
|
|
||||||
String jlFile = Paths.get(baseRaTempPath, fileName).toString();
|
String jlFile = Paths.get(baseRaTempPath, fileName).toString();
|
||||||
try {
|
try {
|
||||||
ContentUtils.writeToFile(jumpListFile, new File(jlFile));
|
ContentUtils.writeToFile(jumpListFile, new File(jlFile));
|
||||||
@ -196,7 +197,8 @@ final class ExtractJumpLists extends Extract {
|
|||||||
JLNK lnk = lnkParser.parse();
|
JLNK lnk = lnkParser.parse();
|
||||||
lnkFileName = lnk.getBestName() + ".lnk";
|
lnkFileName = lnk.getBestName() + ".lnk";
|
||||||
File targetFile = new File(moduleOutPath + File.separator + entry.getName() + "-" + lnkFileName);
|
File targetFile = new File(moduleOutPath + File.separator + entry.getName() + "-" + lnkFileName);
|
||||||
String derivedFileName = MODULE_OUTPUT_DIR + File.separator + derivedPath + File.separator + entry.getName() + "-" + lnkFileName;
|
String relativePath = Case.getCurrentCase().getModuleOutputDirectoryRelativePath();
|
||||||
|
String derivedFileName = Case.getCurrentCase().getModuleOutputDirectoryRelativePath() + File.separator + derivedPath + File.separator + entry.getName() + "-" + lnkFileName;
|
||||||
OutputStream outStream = new FileOutputStream(targetFile);
|
OutputStream outStream = new FileOutputStream(targetFile);
|
||||||
outStream.write(buffer);
|
outStream.write(buffer);
|
||||||
outStream.close();
|
outStream.close();
|
||||||
@ -226,6 +228,8 @@ final class ExtractJumpLists extends Extract {
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
} catch (NotOLE2FileException | EmptyFileException ex1) {
|
||||||
|
logger.log(Level.WARNING, String.format("Error file not a valid OLE2 Document $s", jumpListFile)); //NON-NLS
|
||||||
} catch (IOException | TskCoreException ex) {
|
} catch (IOException | TskCoreException ex) {
|
||||||
logger.log(Level.WARNING, String.format("Error lnk parsing the file to get recent files $s", jumpListFile), ex); //NON-NLS
|
logger.log(Level.WARNING, String.format("Error lnk parsing the file to get recent files $s", jumpListFile), ex); //NON-NLS
|
||||||
}
|
}
|
||||||
@ -235,3 +239,4 @@ final class ExtractJumpLists extends Extract {
|
|||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
@ -8,6 +8,9 @@ This is the User's Guide for the <a href="http://www.sleuthkit.org/autopsy/">ope
|
|||||||
|
|
||||||
Note: For those users running Autopsy on Mac devices, the functionality available through the "Tools" -> "Options" dialog as described in this documentation can be accessed through the system menu bar under "Preferences" or through the Cmd + , (command-comma) shortcut.
|
Note: For those users running Autopsy on Mac devices, the functionality available through the "Tools" -> "Options" dialog as described in this documentation can be accessed through the system menu bar under "Preferences" or through the Cmd + , (command-comma) shortcut.
|
||||||
|
|
||||||
|
Translated versions of this guide:
|
||||||
|
- <a href="https://sleuthkit.org/autopsy/docs/user-docs_fr/4.19.0/">Français (4.19.0)</a>
|
||||||
|
|
||||||
Help Topics
|
Help Topics
|
||||||
-------
|
-------
|
||||||
The following topics are available here:
|
The following topics are available here:
|
||||||
|
Loading…
x
Reference in New Issue
Block a user