mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-12 16:06:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Initial commit of changes

Browse Source
This commit is contained in:
Kelly Kelly 2019-12-06 11:18:15 -05:00
parent 010e5c5d19
commit a135973c99
2 changed files with 61 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Core/src/org/sleuthkit/autopsy/centralrepository/Bundle.properties-MERGED
View File

@ -5,7 +5,10 @@ CentralRepoCommentDialog.title.addEditCentralRepoComment=Add/Edit Central Reposi
OpenIDE-Module-Name=Central Repository OpenIDE-Module-Name=Central Repository
OpenIDE-Module-Display-Category=Ingest Module OpenIDE-Module-Display-Category=Ingest Module
OpenIDE-Module-Short-Description=Correlation Engine Ingest Module OpenIDE-Module-Short-Description=Correlation Engine Ingest Module
OpenIDE-Module-Long-Description=Correlation Engine ingest module and central database. \n\nThe Correlation Engine ingest module stores attributes of artifacts matching selected correlation types into a central database.\nStored attributes are used in future cases to correlate and analyzes files and artifacts during ingest. OpenIDE-Module-Long-Description=\
Correlation Engine ingest module and central database. \n\n\
The Correlation Engine ingest module stores attributes of artifacts matching selected correlation types into a central database.\n\
Stored attributes are used in future cases to correlate and analyzes files and artifacts during ingest.
CentralRepoCommentDialog.commentLabel.text=Comment: CentralRepoCommentDialog.commentLabel.text=Comment:
CentralRepoCommentDialog.okButton.text=&OK CentralRepoCommentDialog.okButton.text=&OK
CentralRepoCommentDialog.cancelButton.text=C&ancel CentralRepoCommentDialog.cancelButton.text=C&ancel

92
Core/src/org/sleuthkit/autopsy/centralrepository/ingestmodule/CentralRepoIngestModule.java
View File

@ -355,7 +355,7 @@ final class CentralRepoIngestModule implements FileIngestModule {
logger.log(Level.SEVERE, "Unable to index blackboard artifact " + tifArtifact.getArtifactID(), ex); //NON-NLS logger.log(Level.SEVERE, "Unable to index blackboard artifact " + tifArtifact.getArtifactID(), ex); //NON-NLS
} }
// send inbox message // send inbox message
sendBadFileInboxMessage(tifArtifact, abstractFile.getName(), abstractFile.getMd5Hash()); sendBadFileInboxMessage(tifArtifact, abstractFile.getName(), abstractFile.getMd5Hash(), caseDisplayNames);
} }
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
logger.log(Level.SEVERE, "Failed to create BlackboardArtifact.", ex); // NON-NLS logger.log(Level.SEVERE, "Failed to create BlackboardArtifact.", ex); // NON-NLS
@ -364,6 +364,28 @@ final class CentralRepoIngestModule implements FileIngestModule {
} }
} }
@Messages({
"CentralRepoIngestModule_notable_message_header=<html>A file in this data source was previously seen and tagged as Notable.<br>",
"CentralRepoIngestModel_name_header=Name:<br>",
"CentralRepoIngestModel_previous_case_header=<br>Previous Cases:<br>"
})
private void sendBadFileInboxMessage(BlackboardArtifact artifact, String name, String md5Hash, List<String> caseDisplayNames) {
StringBuilder detailsSb = new StringBuilder();
detailsSb.append(Bundle.CentralRepoIngestModule_notable_message_header()).append(Bundle.CentralRepoIngestModel_name_header());
detailsSb.append(name).append(Bundle.CentralRepoIngestModel_previous_case_header());
for(String str: caseDisplayNames) {
detailsSb.append(str).append("<br>");
}
detailsSb.append("</html>");
services.postMessage(IngestMessage.createDataMessage(CentralRepoIngestModuleFactory.getModuleName(),
Bundle.CentralRepoIngestModule_postToBB_knownBadMsg(name),
detailsSb.toString(),
name + md5Hash,
artifact));
}
/** /**
* Post a message to the ingest inbox alerting the user that a bad file was * Post a message to the ingest inbox alerting the user that a bad file was
* found. * found.
@ -379,39 +401,39 @@ final class CentralRepoIngestModule implements FileIngestModule {
"# {0} - Name of file that is Notable", "# {0} - Name of file that is Notable",
"CentralRepoIngestModule.postToBB.knownBadMsg=Notable: {0}"}) "CentralRepoIngestModule.postToBB.knownBadMsg=Notable: {0}"})
public void sendBadFileInboxMessage(BlackboardArtifact artifact, String name, String md5Hash) { public void sendBadFileInboxMessage(BlackboardArtifact artifact, String name, String md5Hash) {
StringBuilder detailsSb = new StringBuilder(); // StringBuilder detailsSb = new StringBuilder();
//details // //details
detailsSb.append("<table border='0' cellpadding='4' width='280'>"); //NON-NLS // detailsSb.append("<table border='0' cellpadding='4' width='280'>"); //NON-NLS
//hit // //hit
detailsSb.append("<tr>"); //NON-NLS // detailsSb.append("<tr>"); //NON-NLS
detailsSb.append("<th>") //NON-NLS // detailsSb.append("<th>") //NON-NLS
.append(Bundle.CentralRepoIngestModule_postToBB_fileName()) // .append(Bundle.CentralRepoIngestModule_postToBB_fileName())
.append("</th>"); //NON-NLS // .append("</th>"); //NON-NLS
detailsSb.append("<td>") //NON-NLS // detailsSb.append("<td>") //NON-NLS
.append(name) // .append(name)
.append("</td>"); //NON-NLS // .append("</td>"); //NON-NLS
detailsSb.append("</tr>"); //NON-NLS // detailsSb.append("</tr>"); //NON-NLS
//
detailsSb.append("<tr>"); //NON-NLS // detailsSb.append("<tr>"); //NON-NLS
detailsSb.append("<th>") //NON-NLS // detailsSb.append("<th>") //NON-NLS
.append(Bundle.CentralRepoIngestModule_postToBB_md5Hash()) // .append(Bundle.CentralRepoIngestModule_postToBB_md5Hash())
.append("</th>"); //NON-NLS // .append("</th>"); //NON-NLS
detailsSb.append("<td>").append(md5Hash).append("</td>"); //NON-NLS // detailsSb.append("<td>").append(md5Hash).append("</td>"); //NON-NLS
detailsSb.append("</tr>"); //NON-NLS // detailsSb.append("</tr>"); //NON-NLS
//
detailsSb.append("<tr>"); //NON-NLS // detailsSb.append("<tr>"); //NON-NLS
detailsSb.append("<th>") //NON-NLS // detailsSb.append("<th>") //NON-NLS
.append(Bundle.CentralRepoIngestModule_postToBB_hashSetSource()) // .append(Bundle.CentralRepoIngestModule_postToBB_hashSetSource())
.append("</th>"); //NON-NLS // .append("</th>"); //NON-NLS
detailsSb.append("<td>").append(Bundle.CentralRepoIngestModule_postToBB_eamHit()).append("</td>"); //NON-NLS // detailsSb.append("<td>").append(Bundle.CentralRepoIngestModule_postToBB_eamHit()).append("</td>"); //NON-NLS
detailsSb.append("</tr>"); //NON-NLS // detailsSb.append("</tr>"); //NON-NLS
//
detailsSb.append("</table>"); //NON-NLS // detailsSb.append("</table>"); //NON-NLS
//
services.postMessage(IngestMessage.createDataMessage(CentralRepoIngestModuleFactory.getModuleName(), // services.postMessage(IngestMessage.createDataMessage(CentralRepoIngestModuleFactory.getModuleName(),
Bundle.CentralRepoIngestModule_postToBB_knownBadMsg(name), // Bundle.CentralRepoIngestModule_postToBB_knownBadMsg(name),
detailsSb.toString(), // detailsSb.toString(),
name + md5Hash, // name + md5Hash,
artifact)); // artifact));
} }
} }