7673 Add ingest job IDs to artifact posts

RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties-MERGED

@@ -11,6 +11,7 @@ DataSourceUsage_FlashDrive=Flash Drive
 # {0} - OS name
 DataSourceUsageAnalyzer.customVolume.label=OS Drive ({0})
 DataSourceUsageAnalyzer.displayName=Data Source Usage Analyzer
+DefaultPriorityDomainCategorizer_searchEngineCategory=Search Engine
 DomainCategoryRunner_moduleName_text=Domain Category Analyzer
 DomainCategoryRunner_parentModuleName=Recent Activity
 DomainCategoryRunner_Progress_Message_Domain_Types=Finding Domain Types

RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java

@@ -252,7 +252,7 @@ class Chromium extends Extract {
                 break;
             }
             List<HashMap<String, Object>> tempList;
-            tempList = this.dbConnect(temps, HISTORY_QUERY);
+            tempList = this.querySQLiteDb(temps, HISTORY_QUERY);
             logger.log(Level.INFO, "{0}- Now getting history from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
                 Collection<BlackboardAttribute> bbattributes = new ArrayList<>();
@@ -494,7 +494,7 @@ class Chromium extends Extract {
                 break;
             }
 
-            List<HashMap<String, Object>> tempList = this.dbConnect(temps, COOKIE_QUERY);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(temps, COOKIE_QUERY);
             logger.log(Level.INFO, "{0}- Now getting cookies from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
                 Collection<BlackboardAttribute> bbattributes = new ArrayList<>();
@@ -596,9 +596,9 @@ class Chromium extends Extract {
             List<HashMap<String, Object>> tempList;
 
             if (isChromePreVersion30(temps)) {
-                tempList = this.dbConnect(temps, DOWNLOAD_QUERY);
+                tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY);
             } else {
-                tempList = this.dbConnect(temps, DOWNLOAD_QUERY_V30);
+                tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY_V30);
             }
 
             logger.log(Level.INFO, "{0}- Now getting downloads from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
@@ -710,7 +710,7 @@ class Chromium extends Extract {
                 dbFile.delete();
                 break;
             }
-            List<HashMap<String, Object>> tempList = this.dbConnect(temps, LOGIN_QUERY);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(temps, LOGIN_QUERY);
             logger.log(Level.INFO, "{0}- Now getting login information from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
                 Collection<BlackboardAttribute> bbattributes = new ArrayList<>();
@@ -869,7 +869,7 @@ class Chromium extends Extract {
         String autoFillquery = (isSchemaV8X) ? AUTOFILL_QUERY_V8X
                 : AUTOFILL_QUERY;
 
-        List<HashMap<String, Object>> autofills = this.dbConnect(dbFilePath, autoFillquery);
+        List<HashMap<String, Object>> autofills = this.querySQLiteDb(dbFilePath, autoFillquery);
         logger.log(Level.INFO, "{0}- Now getting Autofill information from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), dbFilePath, autofills.size()}); //NON-NLS
         for (HashMap<String, Object> result : autofills) {
             Collection<BlackboardAttribute> bbattributes = new ArrayList<>();
@@ -943,7 +943,7 @@ class Chromium extends Extract {
         );
 
         // Get Web form addresses
-        List<HashMap<String, Object>> addresses = this.dbConnect(dbFilePath, webformAddressQuery);
+        List<HashMap<String, Object>> addresses = this.querySQLiteDb(dbFilePath, webformAddressQuery);
         logger.log(Level.INFO, "{0}- Now getting Web form addresses from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), dbFilePath, addresses.size()}); //NON-NLS
         for (HashMap<String, Object> result : addresses) {
 
@@ -1031,7 +1031,7 @@ class Chromium extends Extract {
 
     private boolean isChromePreVersion30(String temps) {
         String query = "PRAGMA table_info(downloads)"; //NON-NLS
-        List<HashMap<String, Object>> columns = this.dbConnect(temps, query);
+        List<HashMap<String, Object>> columns = this.querySQLiteDb(temps, query);
         for (HashMap<String, Object> col : columns) {
             if (col.get("name").equals("url")) { //NON-NLS
                 return true;

RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java

@@ -201,7 +201,7 @@ abstract class Extract {
      *         consists of a column name as a key and an Object as a column
      *         value, with empty strings substituted for nulls.
      */
-    protected List<HashMap<String, Object>> dbConnect(String path, String query) {
+    protected List<HashMap<String, Object>> querySQLiteDb(String path, String query) {
         ResultSet resultSet;
         List<HashMap<String, Object>> list;
         String connectionString = "jdbc:sqlite:" + path; //NON-NLS
@@ -233,7 +233,7 @@ abstract class Extract {
     private List<HashMap<String, Object>> resultSetToArrayList(ResultSet rs) throws SQLException {
         ResultSetMetaData md = rs.getMetaData();
         int columns = md.getColumnCount();
-        List<HashMap<String, Object>> list = new ArrayList<>(50);
+        List<HashMap<String, Object>> results = new ArrayList<>(50);
         while (rs.next()) {
             HashMap<String, Object> row = new HashMap<>(columns);
             for (int i = 1; i <= columns; ++i) {
@@ -243,10 +243,9 @@ abstract class Extract {
                     row.put(md.getColumnName(i), rs.getObject(i));
                 }
             }
-            list.add(row);
+            results.add(row);
         }
-
+        return results;
-        return list;
     }
 
     /**
@@ -297,19 +296,21 @@ abstract class Extract {
     }
 
     /**
-     * Creates a list of attributes for a history artifact.
+     * Creates a list of attributes for a web history artifact.
      *
-     * @param url
+     * @param url         The URL, may be null.
-     * @param accessTime  Time url was accessed
+     * @param accessTime  The time the URL was accessed, may be null.
-     * @param referrer    referred url
+     * @param referrer    The referring URL, may be null.
-     * @param title       title of the page
+     * @param title       Title of the returned resource, may be null.
-     * @param programName module name
+     * @param programName The program that executed the request, may be the
-     * @param domain      domain of the url
+     *                    empty string, may be null.
-     * @param user        user that accessed url
+     * @param domain      The domain of the URL, may be null.
+     * @param user        The user that accessed URL, may be null.
      *
-     * @return List of BlackboardAttributes for giving attributes
+     * @return The list of attributes.
      *
-     * @throws TskCoreException
+     * @throws TskCoreException The exception is thrown if there is an issue
+     *                          creating the attributes.
      */
     protected Collection<BlackboardAttribute> createHistoryAttributes(String url, Long accessTime,
             String referrer, String title, String programName, String domain, String user) throws TskCoreException {
@@ -348,16 +349,16 @@ abstract class Extract {
     }
 
     /**
-     * Creates a list of attributes for a cookie.
+     * Creates a list of attributes for a web cookie artifact.
      *
-     * @param url          cookie url
+     * @param url          The cookie url, may be null.
-     * @param creationTime cookie creation time
+     * @param creationTime The cookie creation time, may be null.
-     * @param name         cookie name
+     * @param name         The cookie name, may be null.
-     * @param value        cookie value
+     * @param value        The cookie value, may be null.
-     * @param programName  Name of the module creating the attribute
+     * @param programName  The program that created the cookie, may be null.
-     * @param domain       Domain of the URL
+     * @param domain       The domain of the cookie URL, may be null.
      *
-     * @return List of BlackboarAttributes for the passed in attributes
+     * @return The list of attributes.
      */
     protected Collection<BlackboardAttribute> createCookieAttributes(String url,
             Long creationTime, Long accessTime, Long endTime, String name, String value, String programName, String domain) {
@@ -402,15 +403,16 @@ abstract class Extract {
     }
 
     /**
-     * Creates a list of bookmark attributes from the passed in parameters.
+     * Creates a list of attributes for a web bookmark artifact.
      *
-     * @param url          Bookmark url.
+     * @param url          The bookmark URL, may be null.
-     * @param title        Title of the bookmarked page.
+     * @param title        The title of the bookmarked page, may be null.
-     * @param creationTime Date and time at which the bookmark was created
+     * @param creationTime The date and time at which the bookmark was created,
-     * @param programName  Name of the program creating the attribute RJCTODO
+     *                     may be null.
-     * @param domain       The domain of the bookmark's url
+     * @param programName  The program that created the bookmark, may be null.
+     * @param domain       The domain of the bookmark's URL, may be null.
      *
-     * @return A collection of bookmark attributes
+     * @return The list of attributes.
      */
     protected Collection<BlackboardAttribute> createBookmarkAttributes(String url, String title, Long creationTime, String programName, String domain) {
         Collection<BlackboardAttribute> bbattributes = new ArrayList<>();
@@ -440,15 +442,15 @@ abstract class Extract {
     }
 
     /**
-     * Creates a list of the attributes of a downloaded file
+     * Creates a list of attributes for a web download artifact.
      *
-     * @param path
+     * @param path        The path of the downloaded file, may be null.
-     * @param url         URL of the downloaded file
+     * @param url         The URL of the downloaded file, may be null.
-     * @param accessTime  Time the download occurred
+     * @param accessTime  The time the download occurred, may be null.
-     * @param domain      Domain of the URL
+     * @param domain      The domain of the URL, may be null.
-     * @param programName Name of the module creating the attribute
+     * @param programName The program that downloaded the file, may be null.
      *
-     * @return A collection of attributes of a downloaded file
+     * @return The list of attributes.
      */
     protected Collection<BlackboardAttribute> createDownloadAttributes(String path, Long pathID, String url, Long accessTime, String domain, String programName) {
         Collection<BlackboardAttribute> bbattributes = new ArrayList<>();
@@ -483,21 +485,6 @@ abstract class Extract {
         return bbattributes;
     }
 
-    /**
-     * Creates a list of the attributes for source of a downloaded file
-     *
-     * @param url source URL of the downloaded file
-     *
-     * @return A collection of attributes for source of a downloaded file
-     */
-    protected Collection<BlackboardAttribute> createDownloadSourceAttributes(String url) {
-        Collection<BlackboardAttribute> bbattributes = new ArrayList<>();
-        bbattributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL,
-                RecentActivityExtracterModuleFactory.getModuleName(),
-                (url != null) ? url : "")); //NON-NLS
-        return bbattributes;
-    }
-
     /**
      * Writes a file to disk in this extractor's dedicated temp directory within
      * the Recent Activity ingest modules temp directory. The object ID of the

RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSafari.java

@@ -395,7 +395,7 @@ final class ExtractSafari extends Extract {
      * @throws TskCoreException
      */
     private Collection<BlackboardArtifact> getHistoryArtifacts(AbstractFile origFile, Path tempFilePath) throws TskCoreException {
-        List<HashMap<String, Object>> historyList = this.dbConnect(tempFilePath.toString(), HISTORY_QUERY);
+        List<HashMap<String, Object>> historyList = this.querySQLiteDb(tempFilePath.toString(), HISTORY_QUERY);
 
         if (historyList == null || historyList.isEmpty()) {
             return null;

RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java

@@ -208,7 +208,7 @@ class Firefox extends Extract {
                 dbFile.delete();
                 break;
             }
-            List<HashMap<String, Object>> tempList = this.dbConnect(temps, HISTORY_QUERY);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(temps, HISTORY_QUERY);
             logger.log(Level.INFO, "{0} - Now getting history from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
 
@@ -310,7 +310,7 @@ class Firefox extends Extract {
                 dbFile.delete();
                 break;
             }
-            List<HashMap<String, Object>> tempList = this.dbConnect(temps, BOOKMARK_QUERY);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(temps, BOOKMARK_QUERY);
             logger.log(Level.INFO, "{0} - Now getting bookmarks from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
 
@@ -421,7 +421,7 @@ class Firefox extends Extract {
                 query = COOKIE_QUERY_V3;
             }
 
-            List<HashMap<String, Object>> tempList = this.dbConnect(temps, query);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(temps, query);
             logger.log(Level.INFO, "{0} - Now getting cookies from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
 
@@ -542,7 +542,7 @@ class Firefox extends Extract {
                 break;
             }
 
-            List<HashMap<String, Object>> tempList = this.dbConnect(temps, DOWNLOAD_QUERY);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY);
             logger.log(Level.INFO, "{0}- Now getting downloads from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
 
@@ -678,7 +678,7 @@ class Firefox extends Extract {
                 break;
             }
 
-            List<HashMap<String, Object>> tempList = this.dbConnect(temps, DOWNLOAD_QUERY_V24);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY_V24);
 
             logger.log(Level.INFO, "{0} - Now getting downloads from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {
@@ -824,7 +824,7 @@ class Firefox extends Extract {
             boolean isFirefoxV64 = Util.checkColumn("timesUsed", "moz_formhistory", tempFilePath);
             String formHistoryQuery = (isFirefoxV64) ? FORMHISTORY_QUERY_V64 : FORMHISTORY_QUERY;
 
-            List<HashMap<String, Object>> tempList = this.dbConnect(tempFilePath, formHistoryQuery);
+            List<HashMap<String, Object>> tempList = this.querySQLiteDb(tempFilePath, formHistoryQuery);
             logger.log(Level.INFO, "{0} - Now getting history from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), tempFilePath, tempList.size()}); //NON-NLS
             for (HashMap<String, Object> result : tempList) {