mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-15 17:27:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

datasourcesummary

Browse Source
This commit is contained in:
Eugene Livis 2021-07-22 16:07:36 -04:00
parent d983aafac1
commit ad141b6426
2 changed files with 7 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Core/src/org/sleuthkit/autopsy/datasourcesummary/datamodel/AnalysisSummary.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2020 Basis Technology Corp. * Copyright 2020-2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -49,8 +49,7 @@ public class AnalysisSummary implements DefaultArtifactUpdateGovernor {
private static final Set<String> EXCLUDED_KEYWORD_SEARCH_ITEMS = new HashSet<>(); private static final Set<String> EXCLUDED_KEYWORD_SEARCH_ITEMS = new HashSet<>();
private static final Set<Integer> ARTIFACT_UPDATE_TYPE_IDS = new HashSet<>(Arrays.asList( private static final Set<Integer> ARTIFACT_UPDATE_TYPE_IDS = new HashSet<>(Arrays.asList(
ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID(), ARTIFACT_TYPE.TSK_PREVIOUSLY_SEEN.getTypeID(),
ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID(),
ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID(), ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID(),
ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID() ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()
)); ));
@ -122,7 +121,7 @@ public class AnalysisSummary implements DefaultArtifactUpdateGovernor {
* @throws TskCoreException * @throws TskCoreException
*/ */
public List<Pair<String, Long>> getInterestingItemCounts(DataSource dataSource) throws SleuthkitCaseProviderException, TskCoreException { public List<Pair<String, Long>> getInterestingItemCounts(DataSource dataSource) throws SleuthkitCaseProviderException, TskCoreException {
return getCountsData(dataSource, TYPE_SET_NAME, ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT); return getCountsData(dataSource, TYPE_SET_NAME, ARTIFACT_TYPE.TSK_PREVIOUSLY_SEEN);
} }
/** /**

7
Core/src/org/sleuthkit/autopsy/datasourcesummary/datamodel/PastCasesSummary.java
View File

@ -307,7 +307,7 @@ public class PastCasesSummary implements DefaultArtifactUpdateGovernor {
List<String> deviceArtifactCases = new ArrayList<>(); List<String> deviceArtifactCases = new ArrayList<>();
List<String> nonDeviceArtifactCases = new ArrayList<>(); List<String> nonDeviceArtifactCases = new ArrayList<>();
for (BlackboardArtifact artifact : skCase.getBlackboard().getArtifacts(ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID(), dataSource.getId())) { for (BlackboardArtifact artifact : skCase.getBlackboard().getArtifacts(ARTIFACT_TYPE.TSK_PREVIOUSLY_SEEN.getTypeID(), dataSource.getId())) {
List<String> cases = getCasesFromArtifact(artifact); List<String> cases = getCasesFromArtifact(artifact);
if (cases == null || cases.isEmpty()) { if (cases == null || cases.isEmpty()) {
continue; continue;
@ -320,12 +320,9 @@ public class PastCasesSummary implements DefaultArtifactUpdateGovernor {
} }
} }
Stream<String> filesCases = skCase.getBlackboard().getArtifacts(ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID(), dataSource.getId()).stream()
.flatMap((art) -> getCasesFromArtifact(art).stream());
return new PastCasesResult( return new PastCasesResult(
getCaseCounts(deviceArtifactCases.stream()), getCaseCounts(deviceArtifactCases.stream()),
getCaseCounts(Stream.concat(filesCases, nonDeviceArtifactCases.stream())) getCaseCounts(nonDeviceArtifactCases.stream())
); );
} }
} }