mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-19 19:14:55 +00:00
Hold off on writing md5, known status, and MIME type until the end of ingest
This commit is contained in:
Ann Priestman
parent
48123343cc
commit
c4339f6e2a
@ -21,10 +21,14 @@ package org.sleuthkit.autopsy.ingest;
|
|||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.logging.Level;
|
||||||
|
|
||||||
import org.openide.util.NbBundle;
|
import org.openide.util.NbBundle;
|
||||||
|
import org.sleuthkit.autopsy.casemodule.Case;
|
||||||
|
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||||
import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
|
import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
|
||||||
import org.sleuthkit.datamodel.AbstractFile;
|
import org.sleuthkit.datamodel.AbstractFile;
|
||||||
|
import org.sleuthkit.datamodel.TskCoreException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class manages a sequence of file level ingest modules for a data source
|
* This class manages a sequence of file level ingest modules for a data source
|
||||||
@ -136,6 +140,13 @@ final class FileIngestPipeline {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
try{
|
||||||
|
Case.getCurrentCase().getSleuthkitCase().setKnownAndFileTypeAndMD5(file);
|
||||||
|
} catch (TskCoreException ex){
|
||||||
|
Logger.getLogger(FileIngestPipeline.class.getName()).log(Level.SEVERE, "Failed to save data", ex); //NON-NLS
|
||||||
|
}
|
||||||
|
|
||||||
file.close();
|
file.close();
|
||||||
if (!this.job.isCancelled()) {
|
if (!this.job.isCancelled()) {
|
||||||
IngestManager.getInstance().fireFileIngestDone(file);
|
IngestManager.getInstance().fireFileIngestDone(file);
|
||||||
|
|||||||
@ -187,7 +187,8 @@ public class FileTypeDetector {
|
|||||||
* writing the result to the case database.
|
* writing the result to the case database.
|
||||||
*/
|
*/
|
||||||
public String getFileType(AbstractFile file) throws TskCoreException {
|
public String getFileType(AbstractFile file) throws TskCoreException {
|
||||||
return detect(file, true);
|
return file.getMIMEType();
|
||||||
|
//return detect(file, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -222,7 +223,7 @@ public class FileTypeDetector {
|
|||||||
* @throws TskCoreException If there is a problem writing the result to the
|
* @throws TskCoreException If there is a problem writing the result to the
|
||||||
* case database.
|
* case database.
|
||||||
*/
|
*/
|
||||||
private String detect(AbstractFile file, boolean addToCaseDb) throws TskCoreException {
|
public String detect(AbstractFile file, boolean addToCaseDb) throws TskCoreException {
|
||||||
/*
|
/*
|
||||||
* Check to see if the file has already been typed. This is the "check"
|
* Check to see if the file has already been typed. This is the "check"
|
||||||
* part of a check-then-act race condition (see note below).
|
* part of a check-then-act race condition (see note below).
|
||||||
@ -322,7 +323,7 @@ public class FileTypeDetector {
|
|||||||
/*
|
/*
|
||||||
* Add the MIME type to the files table in the case database.
|
* Add the MIME type to the files table in the case database.
|
||||||
*/
|
*/
|
||||||
Case.getCurrentCase().getSleuthkitCase().setFileMIMEType(file, mimeType);
|
//Case.getCurrentCase().getSleuthkitCase().setFileMIMEType(file, mimeType);
|
||||||
}
|
}
|
||||||
|
|
||||||
return mimeType;
|
return mimeType;
|
||||||
|
|||||||
@ -91,7 +91,8 @@ public class FileTypeIdIngestModule implements FileIngestModule {
|
|||||||
*/
|
*/
|
||||||
try {
|
try {
|
||||||
long startTime = System.currentTimeMillis();
|
long startTime = System.currentTimeMillis();
|
||||||
fileTypeDetector.getFileType(file);
|
String type = fileTypeDetector.detect(file, false);
|
||||||
|
file.setMIMEType(type);
|
||||||
addToTotals(jobId, (System.currentTimeMillis() - startTime));
|
addToTotals(jobId, (System.currentTimeMillis() - startTime));
|
||||||
return ProcessResult.OK;
|
return ProcessResult.OK;
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
|
|||||||
@ -204,20 +204,21 @@ public class HashDbIngestModule implements FileIngestModule {
|
|||||||
foundBad = true;
|
foundBad = true;
|
||||||
totals.totalKnownBadCount.incrementAndGet();
|
totals.totalKnownBadCount.incrementAndGet();
|
||||||
|
|
||||||
try {
|
//try {
|
||||||
skCase.setKnown(file, TskData.FileKnown.BAD);
|
file.setKnown(TskData.FileKnown.BAD);
|
||||||
} catch (TskException ex) {
|
// skCase.setKnown(file, TskData.FileKnown.BAD);
|
||||||
logger.log(Level.WARNING, "Couldn't set notable state for file " + name + " - see sleuthkit log for details", ex); //NON-NLS
|
//} catch (TskException ex) {
|
||||||
services.postMessage(IngestMessage.createErrorMessage(
|
// logger.log(Level.WARNING, "Couldn't set notable state for file " + name + " - see sleuthkit log for details", ex); //NON-NLS
|
||||||
HashLookupModuleFactory.getModuleName(),
|
// services.postMessage(IngestMessage.createErrorMessage(
|
||||||
NbBundle.getMessage(this.getClass(),
|
// HashLookupModuleFactory.getModuleName(),
|
||||||
"HashDbIngestModule.hashLookupErrorMsg",
|
// NbBundle.getMessage(this.getClass(),
|
||||||
name),
|
// "HashDbIngestModule.hashLookupErrorMsg",
|
||||||
NbBundle.getMessage(this.getClass(),
|
// name),
|
||||||
"HashDbIngestModule.settingKnownBadStateErr",
|
// NbBundle.getMessage(this.getClass(),
|
||||||
name)));
|
// "HashDbIngestModule.settingKnownBadStateErr",
|
||||||
ret = ProcessResult.ERROR;
|
// name)));
|
||||||
}
|
// ret = ProcessResult.ERROR;
|
||||||
|
//}
|
||||||
String hashSetName = db.getHashSetName();
|
String hashSetName = db.getHashSetName();
|
||||||
|
|
||||||
String comment = "";
|
String comment = "";
|
||||||
@ -261,13 +262,14 @@ public class HashDbIngestModule implements FileIngestModule {
|
|||||||
try {
|
try {
|
||||||
long lookupstart = System.currentTimeMillis();
|
long lookupstart = System.currentTimeMillis();
|
||||||
if (db.lookupMD5Quick(file)) {
|
if (db.lookupMD5Quick(file)) {
|
||||||
try {
|
//try {
|
||||||
skCase.setKnown(file, TskData.FileKnown.KNOWN);
|
file.setKnown(TskData.FileKnown.KNOWN);
|
||||||
|
//skCase.setKnown(file, TskData.FileKnown.KNOWN);
|
||||||
break;
|
break;
|
||||||
} catch (TskException ex) {
|
//} catch (TskException ex) {
|
||||||
logger.log(Level.WARNING, "Couldn't set known state for file " + name + " - see sleuthkit log for details", ex); //NON-NLS
|
// logger.log(Level.WARNING, "Couldn't set known state for file " + name + " - see sleuthkit log for details", ex); //NON-NLS
|
||||||
ret = ProcessResult.ERROR;
|
// ret = ProcessResult.ERROR;
|
||||||
}
|
//}
|
||||||
}
|
}
|
||||||
long delta = (System.currentTimeMillis() - lookupstart);
|
long delta = (System.currentTimeMillis() - lookupstart);
|
||||||
totals.totalLookuptime.addAndGet(delta);
|
totals.totalLookuptime.addAndGet(delta);
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user