mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

updates for analysis results in sample code

Browse Source
This commit is contained in:
Greg DiCristofaro 2021-07-20 08:01:20 -04:00
parent b1b3c9058b
commit 48ec3d7aa7
2 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pythonExamples/dataSourceIngestModule.py
View File

@ -86,8 +86,6 @@ class SampleJythonDataSourceIngestModuleFactory(IngestModuleFactoryAdapter):
# Data Source-level ingest module. One gets created per data source. # Data Source-level ingest module. One gets created per data source.
# TODO: Rename this to something more specific. Could just remove "Factory" from above name. # TODO: Rename this to something more specific. Could just remove "Factory" from above name.
class SampleJythonDataSourceIngestModule(DataSourceIngestModule): class SampleJythonDataSourceIngestModule(DataSourceIngestModule):
LIKELY_NOTABLE_SCORE = Score(Score.Significance.LIKELY_NOTABLE, Score.MethodCategory.AUTO)
_logger = Logger.getLogger(SampleJythonDataSourceIngestModuleFactory.moduleName) _logger = Logger.getLogger(SampleJythonDataSourceIngestModuleFactory.moduleName)
def log(self, level, msg): def log(self, level, msg):
@ -143,8 +141,8 @@ class SampleJythonDataSourceIngestModule(DataSourceIngestModule):
# Make an artifact on the blackboard. TSK_INTERESTING_FILE_HIT is a generic type of # Make an artifact on the blackboard. TSK_INTERESTING_FILE_HIT is a generic type of
# artfiact. Refer to the developer docs for other examples. # artfiact. Refer to the developer docs for other examples.
attrs = ArrayList() attrs = ArrayList()
attrs.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME, SampleJythonDataSourceIngestModuleFactory.moduleName, "Test file")) attrs.add(BlackboardAttribute(BlackboardAttribute.Type.TSK_SET_NAME, SampleJythonDataSourceIngestModuleFactory.moduleName, "Test file"))
art = file.newAnalysisResult(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, self.LIKELY_NOTABLE_SCORE, None, "Test file", None, attrs) art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE, None, "Test file", None, attrs).getAnalysisResult()
try: try:
# index the artifact for keyword search # index the artifact for keyword search

5
pythonExamples/fileIngestModule.py
View File

@ -89,7 +89,6 @@ class SampleJythonFileIngestModuleFactory(IngestModuleFactoryAdapter):
# TODO: Rename this to something more specific. Could just remove "Factory" from above name. # TODO: Rename this to something more specific. Could just remove "Factory" from above name.
# Looks at the attributes of the passed in file. # Looks at the attributes of the passed in file.
class SampleJythonFileIngestModule(FileIngestModule): class SampleJythonFileIngestModule(FileIngestModule):
LIKELY_NOTABLE_SCORE = Score(Score.Significance.LIKELY_NOTABLE, Score.MethodCategory.AUTO)
_logger = Logger.getLogger(SampleJythonFileIngestModuleFactory.moduleName) _logger = Logger.getLogger(SampleJythonFileIngestModuleFactory.moduleName)
@ -130,9 +129,9 @@ class SampleJythonFileIngestModule(FileIngestModule):
# Make an artifact on the blackboard. TSK_INTERESTING_FILE_HIT is a generic type of # Make an artifact on the blackboard. TSK_INTERESTING_FILE_HIT is a generic type of
# artifact. Refer to the developer docs for other examples. # artifact. Refer to the developer docs for other examples.
attrs = ArrayList() attrs = ArrayList()
attrs.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME, attrs.add(BlackboardAttribute(BlackboardAttribute.Type.TSK_SET_NAME,
SampleJythonFileIngestModuleFactory.moduleName, "Text Files")) SampleJythonFileIngestModuleFactory.moduleName, "Text Files"))
art = file.newAnalysisResult(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, self.LIKELY_NOTABLE_SCORE, None, "Text Files", None, attrs) art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE, None, "Text Files", None, attrs).getAnalysisResult()
try: try: