From cb01eb40cdcd931fac02afdcfd520941dd927c64 Mon Sep 17 00:00:00 2001 From: Richard Cordovano Date: Thu, 6 Nov 2014 21:14:26 -0500 Subject: [PATCH 1/2] Make recent activity module cancellable --- .../sleuthkit/autopsy/coreutils/ExecUtil.java | 5 +- ...ampleExecutableDataSourceIngestModule.java | 27 ++-- .../PhotoRecCarverFileIngestModule.java | 2 +- .../sevenzip/SevenZipIngestModule.java | 2 +- .../KeywordSearchIngestModule.java | 3 +- .../autopsy/recentactivity/Chrome.java | 10 +- .../autopsy/recentactivity/ExtractIE.java | 46 +++---- .../recentactivity/ExtractRegistry.java | 120 ++++++------------ .../autopsy/recentactivity/Firefox.java | 14 +- .../recentactivity/RAImageIngestModule.java | 4 +- .../recentactivity/RecentDocumentsByLnk.java | 2 +- .../SearchEngineURLQueryAnalyzer.java | 4 +- 12 files changed, 102 insertions(+), 137 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/coreutils/ExecUtil.java b/Core/src/org/sleuthkit/autopsy/coreutils/ExecUtil.java index 8005609470..22e44f5f80 100644 --- a/Core/src/org/sleuthkit/autopsy/coreutils/ExecUtil.java +++ b/Core/src/org/sleuthkit/autopsy/coreutils/ExecUtil.java @@ -149,7 +149,10 @@ public final class ExecUtil { logger.log(Level.WARNING, "Error occurred when attempting to kill process: {0}", ex.getMessage()); // NON-NLS } } - + + /** + * EVERYTHING FOLLOWING THIS LINE IS DEPRECATED AND SLATED FOR REMOVAL + */ private static final Logger logger = Logger.getLogger(ExecUtil.class.getName()); private Process proc = null; private ExecUtil.StreamToStringRedirect errorStringRedirect = null; diff --git a/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java b/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java index 98e8029932..ebc3c48eca 100755 --- a/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java @@ -52,6 +52,7 @@ import org.sleuthkit.autopsy.externalresults.ExternalResults; import org.sleuthkit.autopsy.externalresults.ExternalResultsImporter; import org.sleuthkit.autopsy.externalresults.ExternalResultsXMLParser; import org.sleuthkit.autopsy.ingest.DataSourceIngestModule; +import org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProcessTerminator; import org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress; import org.sleuthkit.autopsy.ingest.IngestJobContext; import org.sleuthkit.autopsy.ingest.IngestMessage; @@ -73,15 +74,15 @@ public class SampleExecutableDataSourceIngestModule implements DataSourceIngestM private static final IngestModuleReferenceCounter refCounter = new IngestModuleReferenceCounter(); private static final String moduleName = SampleExecutableIngestModuleFactory.getModuleName(); - private final String fileInCaseDatabase = "/WINDOWS/system32/ntmsapi.dll"; // Probably - private long jobId; + private final String fileInCaseDatabase = "/WINDOWS/system32/ntmsapi.dll"; // Probably + private IngestJobContext context; private String outputDirPath; private String derivedFileInCaseDatabase; @Override public void startUp(IngestJobContext context) throws IngestModuleException { - jobId = context.getJobId(); - if (refCounter.incrementAndGet(jobId) == 1) { + this.context = context; + if (refCounter.incrementAndGet(context.getJobId()) == 1) { // Create an output directory for this job. outputDirPath = Case.getCurrentCase().getModulesOutputDirAbsPath() + File.separator + moduleName; //NON-NLS File outputDir = new File(outputDirPath); @@ -93,7 +94,7 @@ public class SampleExecutableDataSourceIngestModule implements DataSourceIngestM @Override public ProcessResult process(Content dataSource, DataSourceIngestModuleProgress progressBar) { - if (refCounter.get(jobId) == 1) { + if (refCounter.get(context.getJobId()) == 1) { try { // There will be two tasks: data source analysis and import of // the results of the analysis. @@ -108,14 +109,18 @@ public class SampleExecutableDataSourceIngestModule implements DataSourceIngestM // derived files, and reports generated by the analysis. In this // sample ingest module, the generation of the analysis results is // simulated. - String resultsFilePath = outputDirPath + File.separator + String.format("job_%d_results.xml", jobId); + String resultsFilePath = outputDirPath + File.separator + String.format("job_%d_results.xml", context); boolean haveRealExecutable = false; if (haveRealExecutable) { if (dataSource instanceof Image) { Image image = (Image)dataSource; String dataSourcePath = image.getPaths()[0]; - ExecUtil executor = new ExecUtil(); - executor.execute("some.exe", dataSourcePath, resultsFilePath); + List commandLine = new ArrayList<>(); + commandLine.add("some.exe"); + commandLine.add(dataSourcePath); + commandLine.add(resultsFilePath); + ProcessBuilder processBuilder = new ProcessBuilder(commandLine); + ExecUtil.execute(processBuilder, new DataSourceIngestModuleProcessTerminator(context)); } // not a disk image else { @@ -136,7 +141,7 @@ public class SampleExecutableDataSourceIngestModule implements DataSourceIngestM IngestServices.getInstance().postMessage(IngestMessage.createErrorMessage(moduleName, "External Results Import Error", errorInfo.getMessage())); } progressBar.progress(2); - } catch (InterruptedException | ParserConfigurationException | TransformerException | IOException ex) { + } catch (ParserConfigurationException | TransformerException | IOException ex) { Logger logger = IngestServices.getInstance().getLogger(moduleName); logger.log(Level.SEVERE, "Failed to simulate analysis and results import", ex); //NON-NLS return ProcessResult.ERROR; @@ -155,7 +160,7 @@ public class SampleExecutableDataSourceIngestModule implements DataSourceIngestM List filePaths = new ArrayList<>(); String fileContents = "This is a simulated derived file."; for (int i = 0; i < 2; ++i) { - String fileName = String.format("job_%d_derived_file_%d.txt", jobId, i); + String fileName = String.format("job_%d_derived_file_%d.txt", context.getJobId(), i); filePaths.add(generateFile(fileName, fileContents.getBytes())); if (i == 0) { this.derivedFileInCaseDatabase = this.fileInCaseDatabase + "/" + fileName; @@ -168,7 +173,7 @@ public class SampleExecutableDataSourceIngestModule implements DataSourceIngestM List filePaths = new ArrayList<>(); String fileContents = "This is a simulated report."; for (int i = 0; i < 2; ++i) { - String fileName = String.format("job_%d_report_%d.txt", jobId, i); + String fileName = String.format("job_%d_report_%d.txt", context.getJobId(), i); filePaths.add(generateFile(fileName, fileContents.getBytes())); } return filePaths; diff --git a/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java index aede55d33c..ffb5447804 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java @@ -216,7 +216,7 @@ final class PhotoRecCarverFileIngestModule implements FileIngestModule { PhotoRecCarverOutputParser parser = new PhotoRecCarverOutputParser(outputDirPath); List theList = parser.parse(newAuditFile, id, file); if (theList != null) { // if there were any results from carving, add the unallocated carving event to the reports list. - context.scheduleFiles(new ArrayList<>(theList)); + context.addFilesToJob(new ArrayList<>(theList)); } } catch (IOException ex) { diff --git a/Core/src/org/sleuthkit/autopsy/modules/sevenzip/SevenZipIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/sevenzip/SevenZipIngestModule.java index 1d02f1c5d8..e4efa94892 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/sevenzip/SevenZipIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/sevenzip/SevenZipIngestModule.java @@ -181,7 +181,7 @@ public final class SevenZipIngestModule implements FileIngestModule { //currently sending a single event for all new files services.fireModuleContentEvent(new ModuleContentEvent(abstractFile)); - context.scheduleFiles(unpackedFiles); + context.addFilesToJob(unpackedFiles); } return ProcessResult.OK; diff --git a/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/KeywordSearchIngestModule.java b/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/KeywordSearchIngestModule.java index a2b74a2946..7fafe1abb5 100644 --- a/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/KeywordSearchIngestModule.java +++ b/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/KeywordSearchIngestModule.java @@ -247,8 +247,7 @@ public final class KeywordSearchIngestModule implements FileIngestModule { return; } - if (context.isJobCancelled()) { - logger.log(Level.INFO, "Ingest job cancelled"); //NON-NLS + if (context.fileIngestIsCancelled()) { stop(); return; } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java index e1b7f32f9f..abaaf2a84d 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java @@ -128,7 +128,7 @@ class Chrome extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } @@ -204,7 +204,7 @@ class Chrome extends Extract { logger.log(Level.INFO, "{0}- Now getting Bookmarks from {1}", new Object[]{moduleName, temps}); //NON-NLS File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } @@ -341,7 +341,7 @@ class Chrome extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } @@ -416,7 +416,7 @@ class Chrome extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } @@ -504,7 +504,7 @@ class Chrome extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java index 735ad9d92a..451164e0b0 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java @@ -52,6 +52,7 @@ import org.sleuthkit.datamodel.BlackboardAttribute; import org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE; import org.sleuthkit.datamodel.Content; import org.sleuthkit.autopsy.coreutils.PlatformUtil; +import org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProcessTerminator; import org.sleuthkit.autopsy.ingest.IngestJobContext; import org.sleuthkit.datamodel.*; @@ -111,7 +112,7 @@ class ExtractIE extends Extract { continue; } - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { break; } @@ -201,7 +202,7 @@ class ExtractIE extends Extract { dataFound = true; for (AbstractFile cookiesFile : cookiesFiles) { - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { break; } if (cookiesFile.getSize() == 0) { @@ -309,7 +310,7 @@ class ExtractIE extends Extract { //indexFileName = "index" + Long.toString(bbart.getArtifactID()) + ".dat"; temps = RAImageIngestModule.getRATempPath(currentCase, "IE") + File.separator + indexFileName; //NON-NLS File datFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { break; } try { @@ -324,6 +325,9 @@ class ExtractIE extends Extract { String filename = "pasco2Result." + indexFile.getId() + ".txt"; //NON-NLS boolean bPascProcSuccess = executePasco(temps, filename); + if (context.dataSourceIngestIsCancelled()) { + return; + } //At this point pasco2 proccessed the index files. //Now fetch the results, parse them and the delete the files. @@ -354,34 +358,26 @@ class ExtractIE extends Extract { */ private boolean executePasco(String indexFilePath, String outputFileName) { boolean success = true; - - Writer writer = null; - ExecUtil execPasco = new ExecUtil(); try { final String outputFileFullPath = moduleTempResultsDir + File.separator + outputFileName; - logger.log(Level.INFO, "Writing pasco results to: {0}", outputFileFullPath); //NON-NLS - writer = new FileWriter(outputFileFullPath); - execPasco.execute(writer, JAVA_PATH, - "-cp", PASCO_LIB_PATH, //NON-NLS - "isi.pasco2.Main", "-T", "history", indexFilePath ); //NON-NLS + final String errFileFullPath = moduleTempResultsDir + File.separator + outputFileName + ".err"; + logger.log(Level.INFO, "Writing pasco results to: {0}", outputFileFullPath); //NON-NLS + List commandLine = new ArrayList<>(); + commandLine.add(JAVA_PATH); + commandLine.add("-cp"); //NON-NLS + commandLine.add(PASCO_LIB_PATH); + commandLine.add("isi.pasco2.Main"); //NON-NLS + commandLine.add("-T"); + commandLine.add("history"); + commandLine.add(indexFilePath); + ProcessBuilder processBuilder = new ProcessBuilder(commandLine); + processBuilder.redirectOutput(new File(outputFileFullPath)); + processBuilder.redirectError(new File(errFileFullPath)); + ExecUtil.execute(processBuilder, new DataSourceIngestModuleProcessTerminator(context)); // @@@ Investigate use of history versus cache as type. } catch (IOException ex) { success = false; logger.log(Level.SEVERE, "Unable to execute Pasco to process Internet Explorer web history.", ex); //NON-NLS - } catch (InterruptedException ex) { - success = false; - logger.log(Level.SEVERE, "Pasco has been interrupted, failed to extract some web history from Internet Explorer.", ex); //NON-NLS - } - finally { - if (writer != null) { - try { - writer.flush(); - writer.close(); - } catch (IOException ex) { - logger.log(Level.WARNING, "Error closing writer stream after for Pasco result", ex); //NON-NLS - } - } - execPasco.stop(); } return success; } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java index 1448740ff8..fc62e403eb 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java @@ -37,6 +37,7 @@ import org.sleuthkit.autopsy.coreutils.ExecUtil; import org.sleuthkit.autopsy.coreutils.Logger; import org.sleuthkit.autopsy.coreutils.PlatformUtil; import org.sleuthkit.autopsy.datamodel.ContentUtils; +import org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProcessTerminator; import org.sleuthkit.autopsy.ingest.IngestJobContext; import org.sleuthkit.autopsy.recentactivity.UsbDeviceIdMapper.USBInfo; import org.sleuthkit.datamodel.*; @@ -57,19 +58,15 @@ import org.xml.sax.SAXException; */ class ExtractRegistry extends Extract { - private Logger logger = Logger.getLogger(this.getClass().getName()); + private static final Logger logger = Logger.getLogger(ExtractRegistry.class.getName()); private String RR_PATH; private String RR_FULL_PATH; private boolean rrFound = false; // true if we found the Autopsy-specific version of regripper - private boolean rrFullFound = false; // true if we found the full version of regripper - final private static String MODULE_VERSION = "1.0"; - + private boolean rrFullFound = false; // true if we found the full version of regripper private Content dataSource; private IngestJobContext context; - final private static UsbDeviceIdMapper usbMapper = new UsbDeviceIdMapper(); - //hide public constructor to prevent from instantiation by ingest module loader ExtractRegistry() { moduleName = NbBundle.getMessage(ExtractIE.class, "ExtractRegistry.moduleName.text"); final File rrRoot = InstalledFileLocator.getDefault().locate("rr", ExtractRegistry.class.getPackage().getName(), false); //NON-NLS @@ -169,7 +166,7 @@ class ExtractRegistry extends Extract { continue; } - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { break; } @@ -182,10 +179,9 @@ class ExtractRegistry extends Extract { logger.log(Level.SEVERE, null, ex); } - logger.log(Level.INFO, moduleName + "- Now getting registry information from " + regFileNameLocal); //NON-NLS - RegOutputFiles regOutputFiles = executeRegRip(regFileNameLocal, outputPathBase); - - if (context.isJobCancelled()) { + logger.log(Level.INFO, "{0}- Now getting registry information from {1}", new Object[]{moduleName, regFileNameLocal}); //NON-NLS + RegOutputFiles regOutputFiles = ripRegistryFile(regFileNameLocal, outputPathBase); + if (context.dataSourceIngestIsCancelled()) { break; } @@ -268,9 +264,9 @@ class ExtractRegistry extends Extract { * @param regFilePath Path to local copy of registry * @param outFilePathBase Path to location to save output file to. Base mtimeItem that will be extended on */ - private RegOutputFiles executeRegRip(String regFilePath, String outFilePathBase) { + private RegOutputFiles ripRegistryFile(String regFilePath, String outFilePathBase) { String autopsyType = ""; // Type argument for rr for autopsy-specific modules - String fullType = ""; // Type argument for rr for full set of modules + String fullType; // Type argument for rr for full set of modules RegOutputFiles regOutputFiles = new RegOutputFiles(); @@ -298,78 +294,44 @@ class ExtractRegistry extends Extract { // run the autopsy-specific set of modules if (!autopsyType.isEmpty() && rrFound) { - // TODO - add error messages - Writer writer = null; - ExecUtil execRR = null; - try { - regOutputFiles.autopsyPlugins = outFilePathBase + "-autopsy.txt"; //NON-NLS - logger.log(Level.INFO, "Writing RegRipper results to: " + regOutputFiles.autopsyPlugins); //NON-NLS - writer = new FileWriter(regOutputFiles.autopsyPlugins); - execRR = new ExecUtil(); - execRR.execute(writer, RR_PATH, - "-r", regFilePath, "-f", autopsyType); //NON-NLS - } catch (IOException ex) { - logger.log(Level.SEVERE, "Unable to RegRipper and process parse some registry files.", ex); //NON-NLS - this.addErrorMessage( - NbBundle.getMessage(this.getClass(), "ExtractRegistry.execRegRip.errMsg.failedAnalyzeRegFile", - this.getName())); - } catch (InterruptedException ex) { - logger.log(Level.SEVERE, "RegRipper has been interrupted, failed to parse registry.", ex); //NON-NLS - this.addErrorMessage( - NbBundle.getMessage(this.getClass(), "ExtractRegistry.execRegRip.errMsg.failedAnalyzeRegFile2", - this.getName())); - } finally { - if (writer != null) { - try { - writer.close(); - } catch (IOException ex) { - logger.log(Level.SEVERE, "Error closing output writer after running RegRipper", ex); //NON-NLS - } - } - if (execRR != null) { - execRR.stop(); - } - } + regOutputFiles.autopsyPlugins = outFilePathBase + "-autopsy.txt"; //NON-NLS + String errFilePath = outFilePathBase + "-autopsy.err.txt"; //NON-NLS + logger.log(Level.INFO, "Writing RegRipper results to: {0}", regOutputFiles.autopsyPlugins); //NON-NLS + executeRegRipper(regFilePath, autopsyType, regOutputFiles.autopsyPlugins, errFilePath); + } + if (context.dataSourceIngestIsCancelled()) { + return regOutputFiles; } // run the full set of rr modules if (!fullType.isEmpty() && rrFullFound) { - Writer writer = null; - ExecUtil execRR = null; - try { - regOutputFiles.fullPlugins = outFilePathBase + "-full.txt"; //NON-NLS - logger.log(Level.INFO, "Writing Full RegRipper results to: " + regOutputFiles.fullPlugins); //NON-NLS - writer = new FileWriter(regOutputFiles.fullPlugins); - execRR = new ExecUtil(); - execRR.execute(writer, RR_FULL_PATH, - "-r", regFilePath, "-f", fullType); //NON-NLS - } catch (IOException ex) { - logger.log(Level.SEVERE, "Unable to run full RegRipper and process parse some registry files.", ex); //NON-NLS - this.addErrorMessage( - NbBundle.getMessage(this.getClass(), "ExtractRegistry.execRegRip.errMsg.failedAnalyzeRegFile3", - this.getName())); - } catch (InterruptedException ex) { - logger.log(Level.SEVERE, "RegRipper full has been interrupted, failed to parse registry.", ex); //NON-NLS - this.addErrorMessage( - NbBundle.getMessage(this.getClass(), "ExtractRegistry.execRegRip.errMsg.failedAnalyzeRegFile4", - this.getName())); - } finally { - if (writer != null) { - try { - writer.close(); - } catch (IOException ex) { - logger.log(Level.SEVERE, "Error closing output writer after running RegRipper full", ex); //NON-NLS - } - } - if (execRR != null) { - execRR.stop(); - } - } - } - + regOutputFiles.fullPlugins = outFilePathBase + "-full.txt"; //NON-NLS + String errFilePath = outFilePathBase + "-full.err.txt"; //NON-NLS + logger.log(Level.INFO, "Writing Full RegRipper results to: {0}", regOutputFiles.fullPlugins); //NON-NLS + executeRegRipper(regFilePath, fullType, regOutputFiles.fullPlugins, errFilePath); + } return regOutputFiles; } + private void executeRegRipper(String hiveFilePath, String hiveFileType, String outputFile, String errFile) { + try { + logger.log(Level.INFO, "Writing RegRipper results to: {0}", outputFile); //NON-NLS + List commandLine = new ArrayList<>(); + commandLine.add(RR_PATH); + commandLine.add("-r"); //NON-NLS + commandLine.add(hiveFilePath); + commandLine.add("-f"); //NON-NLS + commandLine.add(hiveFileType); + ProcessBuilder processBuilder = new ProcessBuilder(commandLine); + processBuilder.redirectOutput(new File(outputFile)); + processBuilder.redirectError(new File(errFile)); + ExecUtil.execute(processBuilder, new DataSourceIngestModuleProcessTerminator(context)); + } catch (IOException ex) { + logger.log(Level.SEVERE, "Unable to run RegRipper", ex); //NON-NLS + this.addErrorMessage(NbBundle.getMessage(this.getClass(), "ExtractRegistry.execRegRip.errMsg.failedAnalyzeRegFile", this.getName())); + } + } + // @@@ VERIFY that we are doing the right thing when we parse multiple NTUSER.DAT /** * @@ -558,7 +520,7 @@ class ExtractRegistry extends Extract { } break; default: - logger.log(Level.WARNING, "Unercognized node name: " + dataType); + logger.log(Level.WARNING, "Unrecognized node name: {0}", dataType); break; } } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java index 61497afbb1..1d5b4d679a 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java @@ -116,7 +116,7 @@ class Firefox extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } @@ -197,7 +197,7 @@ class Firefox extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } @@ -277,7 +277,7 @@ class Firefox extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } @@ -385,16 +385,16 @@ class Firefox extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } List> tempList = this.dbConnect(temps, downloadQuery); - logger.log(Level.INFO, moduleName + "- Now getting downloads from " + temps + " with " + tempList.size() + "artifacts identified."); //NON-NLS + logger.log(Level.INFO, "{0}- Now getting downloads from {1} with {2}artifacts identified.", new Object[]{moduleName, temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { - Collection bbattributes = new ArrayList(); + Collection bbattributes = new ArrayList<>(); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), NbBundle.getMessage(this.getClass(), @@ -494,7 +494,7 @@ class Firefox extends Extract { continue; } File dbFile = new File(temps); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { dbFile.delete(); break; } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestModule.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestModule.java index 7cbcbf4e23..1600472f43 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestModule.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestModule.java @@ -93,7 +93,7 @@ public final class RAImageIngestModule implements DataSourceIngestModule { for (int i = 0; i < extracters.size(); i++) { Extract extracter = extracters.get(i); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { logger.log(Level.INFO, "Recent Activity has been canceled, quitting before {0}", extracter.getName()); //NON-NLS break; } @@ -161,7 +161,7 @@ public final class RAImageIngestModule implements DataSourceIngestModule { historyMsg.toString()); services.postMessage(inboxMsg); - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { return ProcessResult.OK; } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RecentDocumentsByLnk.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RecentDocumentsByLnk.java index 7496e8a888..cac4c1f9d9 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RecentDocumentsByLnk.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RecentDocumentsByLnk.java @@ -79,7 +79,7 @@ class RecentDocumentsByLnk extends Extract { dataFound = true; for (AbstractFile recentFile : recentFiles) { - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { break; } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/SearchEngineURLQueryAnalyzer.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/SearchEngineURLQueryAnalyzer.java index f322e828c9..5e5e3ab5f7 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/SearchEngineURLQueryAnalyzer.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/SearchEngineURLQueryAnalyzer.java @@ -278,7 +278,7 @@ class SearchEngineURLQueryAnalyzer extends Extract { logger.log(Level.INFO, "Processing {0} blackboard artifacts.", listArtifacts.size()); //NON-NLS for (BlackboardArtifact artifact : listArtifacts) { - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { break; //User cancled the process. } @@ -346,7 +346,7 @@ class SearchEngineURLQueryAnalyzer extends Extract { } catch (TskCoreException e) { logger.log(Level.SEVERE, "Encountered error retrieving artifacts for search engine queries", e); //NON-NLS } finally { - if (context.isJobCancelled()) { + if (context.dataSourceIngestIsCancelled()) { logger.info("Operation terminated by user."); //NON-NLS } IngestServices.getInstance().fireModuleDataEvent(new ModuleDataEvent( From 2562cd684ec4850217de0b79bc1ec936e2d75db1 Mon Sep 17 00:00:00 2001 From: Richard Cordovano Date: Thu, 6 Nov 2014 22:04:23 -0500 Subject: [PATCH 2/2] Fix typos in recent activity module --- .../examples/SampleExecutableDataSourceIngestModule.java | 2 +- .../src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java | 4 ++-- .../org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java | 2 +- .../src/org/sleuthkit/autopsy/recentactivity/Firefox.java | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java b/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java index ebc3c48eca..338e881398 100755 --- a/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/examples/SampleExecutableDataSourceIngestModule.java @@ -109,7 +109,7 @@ public class SampleExecutableDataSourceIngestModule implements DataSourceIngestM // derived files, and reports generated by the analysis. In this // sample ingest module, the generation of the analysis results is // simulated. - String resultsFilePath = outputDirPath + File.separator + String.format("job_%d_results.xml", context); + String resultsFilePath = outputDirPath + File.separator + String.format("job_%d_results.xml", context.getJobId()); boolean haveRealExecutable = false; if (haveRealExecutable) { if (dataSource instanceof Image) { diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java index 451164e0b0..0af6e1786a 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java @@ -367,8 +367,8 @@ class ExtractIE extends Extract { commandLine.add("-cp"); //NON-NLS commandLine.add(PASCO_LIB_PATH); commandLine.add("isi.pasco2.Main"); //NON-NLS - commandLine.add("-T"); - commandLine.add("history"); + commandLine.add("-T"); //NON-NLS + commandLine.add("history"); //NON-NLS commandLine.add(indexFilePath); ProcessBuilder processBuilder = new ProcessBuilder(commandLine); processBuilder.redirectOutput(new File(outputFileFullPath)); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java index fc62e403eb..1ad3844348 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java @@ -58,7 +58,7 @@ import org.xml.sax.SAXException; */ class ExtractRegistry extends Extract { - private static final Logger logger = Logger.getLogger(ExtractRegistry.class.getName()); + private Logger logger = Logger.getLogger(this.getClass().getName()); private String RR_PATH; private String RR_FULL_PATH; private boolean rrFound = false; // true if we found the Autopsy-specific version of regripper diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java index 1d5b4d679a..710ba65d90 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java @@ -391,7 +391,7 @@ class Firefox extends Extract { } List> tempList = this.dbConnect(temps, downloadQuery); - logger.log(Level.INFO, "{0}- Now getting downloads from {1} with {2}artifacts identified.", new Object[]{moduleName, temps, tempList.size()}); //NON-NLS + logger.log(Level.INFO, "{0}- Now getting downloads from {1} with {2} artifacts identified.", new Object[]{moduleName, temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { Collection bbattributes = new ArrayList<>();