mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-14 17:06:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

initial commit, export skeleton

Browse Source
This commit is contained in:
U-BASIS\dsmyda 2019-08-14 16:22:03 -04:00
parent 023fadcc2b
commit c34aba3fd4
1 changed files with 65 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
Core/src/org/sleuthkit/autopsy/report/caseuco/CaseUcoFormatExporter.java
View File

@ -23,24 +23,32 @@ import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.util.DefaultIndenter;
import com.fasterxml.jackson.core.util.DefaultPrettyPrinter;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
import java.util.SimpleTimeZone;
import java.util.logging.Level;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
import org.sleuthkit.autopsy.casemodule.services.TagsManager;
import org.sleuthkit.autopsy.coreutils.Logger;
import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
import org.sleuthkit.autopsy.datamodel.ContentUtils;
import org.sleuthkit.autopsy.ingest.IngestManager;
import org.sleuthkit.autopsy.report.ReportProgressPanel;
import org.sleuthkit.datamodel.BlackboardArtifact;
import org.sleuthkit.datamodel.BlackboardArtifactTag;
import org.sleuthkit.datamodel.BlackboardAttribute;
import org.sleuthkit.datamodel.ContentTag;
import org.sleuthkit.datamodel.SleuthkitCase;
import org.sleuthkit.datamodel.TskCoreException;
import org.sleuthkit.datamodel.TskData;
import org.sleuthkit.datamodel.TagName;
/**
* Generates CASE-UCO report file for a data source
@ -48,6 +56,9 @@ import org.sleuthkit.datamodel.TskData;
public final class CaseUcoFormatExporter {
private static final Logger logger = Logger.getLogger(CaseUcoFormatExporter.class.getName());
private static final BlackboardAttribute.Type SET_NAME = new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME);
private static final BlackboardArtifact.ARTIFACT_TYPE INTERESTING_FILE_HIT = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT;
private static final BlackboardArtifact.ARTIFACT_TYPE INTERESTING_ARTIFACT_HIT = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT;
private CaseUcoFormatExporter() {
}
@ -177,6 +188,59 @@ public final class CaseUcoFormatExporter {
}
}
/**
*
*
*
* @param tagTypes
* @param interestingItemSets
* @param outputFilePath
* @param progressPanel
*/
public static void export(List<TagName> tagTypes, List<String> interestingItemSets,
File caseReportFolder, ReportProgressPanel progressPanel) {
try {
File outputFolder = Paths.get(caseReportFolder.toString(), ReportCaseUco.getReportFileName()).toFile();
if(!outputFolder.mkdir()) {
//log
return;
}
SleuthkitCase currentCase = Case.getCurrentCaseThrows().getSleuthkitCase();
TagsManager tagsManager = Case.getCurrentCaseThrows().getServices().getTagsManager();
for(TagName tn : tagTypes) {
for(ContentTag ct : tagsManager.getContentTagsByTagName(tn)) {
//copy content tag
}
for(BlackboardArtifactTag bat : tagsManager.getBlackboardArtifactTagsByTagName(tn)) {
//copy content
//copy associated content
}
}
if(!interestingItemSets.isEmpty()) {
for(BlackboardArtifact bArt : currentCase.getBlackboardArtifacts(INTERESTING_FILE_HIT)) {
BlackboardAttribute setAttr = bArt.getAttribute(SET_NAME);
if (interestingItemSets.contains(setAttr.getValueString())) {
}
}
for(BlackboardArtifact bArt : currentCase.getBlackboardArtifacts(INTERESTING_ARTIFACT_HIT)) {
BlackboardAttribute setAttr = bArt.getAttribute(SET_NAME);
if (interestingItemSets.contains(setAttr.getValueString())) {
}
}
}
} catch (NoCurrentCaseException | TskCoreException ex) {
//log oh no
}
}
private static void initializeJsonOutputFile(JsonGenerator catalog) throws IOException {
catalog.writeStartObject();
catalog.writeFieldName("@graph");