mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-17 10:17:41 +00:00
Merge branch 'develop' into 6184-InconsistentCR
This commit is contained in:
Greg DiCristofaro
commit
cace957153
@ -59,6 +59,22 @@ public class CorrelationAttributeUtil {
|
||||
return Bundle.CorrelationAttributeUtil_emailaddresses_text();
|
||||
}
|
||||
|
||||
/**
|
||||
* Makes zero to many correlation attribute instances from the attributes of
|
||||
* an artifact.
|
||||
*
|
||||
* IMPORTANT: The correlation attribute instances are NOT added to the
|
||||
* central repository by this method.
|
||||
*
|
||||
* @param artifact An artifact.
|
||||
*
|
||||
* @return A list, possibly empty, of correlation attribute instances for
|
||||
* the artifact.
|
||||
*/
|
||||
public static List<CorrelationAttributeInstance> makeCorrAttrsFromArtifact(BlackboardArtifact artifact) {
|
||||
return makeCorrAttrsFromArtifact(artifact, true );
|
||||
}
|
||||
|
||||
/**
|
||||
* Makes zero to many correlation attribute instances from the attributes of
|
||||
* an artifact.
|
||||
@ -74,13 +90,22 @@ public class CorrelationAttributeUtil {
|
||||
* whether receiving a null return value is an error or not, plus null
|
||||
* checking is easy to forget, while catching exceptions is enforced.
|
||||
*
|
||||
* @param artifact An artifact.
|
||||
* @param artifact An artifact.
|
||||
* @param resolveSourceArtifact A flag to indicate whether to resolve the
|
||||
* source artifact, if the given artifact is
|
||||
* of type TSK_INTERESTING_ARTIFACT_HIT.
|
||||
*
|
||||
* @return A list, possibly empty, of correlation attribute instances for
|
||||
* the artifact.
|
||||
* the artifact.
|
||||
*/
|
||||
public static List<CorrelationAttributeInstance> makeCorrAttrsFromArtifact(BlackboardArtifact artifact) {
|
||||
public static List<CorrelationAttributeInstance> makeCorrAttrsFromArtifact(BlackboardArtifact artifact, boolean resolveSourceArtifact) {
|
||||
List<CorrelationAttributeInstance> correlationAttrs = new ArrayList<>();
|
||||
|
||||
// If the artifact is of type TSK_INTERESTING_ARTIFACT_HIT, and the caller
|
||||
// has not indicated to resolve the source artifact, then return an empty list.
|
||||
if ((artifact.getArtifactTypeID() == ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID()) && (resolveSourceArtifact == false) ) {
|
||||
return correlationAttrs;
|
||||
}
|
||||
try {
|
||||
BlackboardArtifact sourceArtifact = getCorrAttrSourceArtifact(artifact);
|
||||
if (sourceArtifact != null) {
|
||||
|
||||
@ -455,8 +455,11 @@ public class IngestEventsListener {
|
||||
List<CorrelationAttributeInstance> eamArtifacts = new ArrayList<>();
|
||||
|
||||
for (BlackboardArtifact bbArtifact : bbArtifacts) {
|
||||
// eamArtifact will be null OR a EamArtifact containing one EamArtifactInstance.
|
||||
List<CorrelationAttributeInstance> convertedArtifacts = CorrelationAttributeUtil.makeCorrAttrsFromArtifact(bbArtifact);
|
||||
// If the incoming artifact is of type TSK_INTERESTING_ARTIFACT_HIT,
|
||||
// do not resolve to the source artifact, as correlation attributes
|
||||
// for the source artifact would have already been created,
|
||||
// when the event for that source artifact was received.
|
||||
List<CorrelationAttributeInstance> convertedArtifacts = CorrelationAttributeUtil.makeCorrAttrsFromArtifact(bbArtifact, false);
|
||||
for (CorrelationAttributeInstance eamArtifact : convertedArtifacts) {
|
||||
try {
|
||||
// Only do something with this artifact if it's unique within the job
|
||||
|
||||
@ -18,10 +18,11 @@
|
||||
<SubComponents>
|
||||
<Container class="javax.swing.JScrollPane" name="scrollPane">
|
||||
<Properties>
|
||||
<Property name="autoscrolls" type="boolean" value="true"/>
|
||||
<Property name="border" type="javax.swing.border.Border" editor="org.netbeans.modules.form.editors2.BorderEditor">
|
||||
<Border info="null"/>
|
||||
</Property>
|
||||
<Property name="horizontalScrollBarPolicy" type="int" value="31"/>
|
||||
<Property name="autoscrolls" type="boolean" value="true"/>
|
||||
</Properties>
|
||||
<Constraints>
|
||||
<Constraint layoutClass="org.netbeans.modules.form.compat2.layouts.DesignGridBagLayout" value="org.netbeans.modules.form.compat2.layouts.DesignGridBagLayout$GridBagConstraintsDescription">
|
||||
@ -277,8 +278,14 @@
|
||||
<Container class="javax.swing.JScrollPane" name="devicesScrollPane">
|
||||
<Properties>
|
||||
<Property name="horizontalScrollBarPolicy" type="int" value="31"/>
|
||||
<Property name="maximumSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
|
||||
<Dimension value="[32767, 30]"/>
|
||||
</Property>
|
||||
<Property name="minimumSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
|
||||
<Dimension value="[27, 75]"/>
|
||||
<Dimension value="[27, 30]"/>
|
||||
</Property>
|
||||
<Property name="preferredSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
|
||||
<Dimension value="[3, 30]"/>
|
||||
</Property>
|
||||
</Properties>
|
||||
<Constraints>
|
||||
@ -379,8 +386,15 @@
|
||||
</Component>
|
||||
<Container class="javax.swing.JScrollPane" name="accountTypesScrollPane">
|
||||
<Properties>
|
||||
<Property name="maximumSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
|
||||
<Dimension value="[32767, 210]"/>
|
||||
</Property>
|
||||
<Property name="minimumSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
|
||||
<Dimension value="[20, 210]"/>
|
||||
</Property>
|
||||
<Property name="name" type="java.lang.String" value="" noResource="true"/>
|
||||
<Property name="preferredSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
|
||||
<Dimension value="[2, 200]"/>
|
||||
<Dimension value="[2, 210]"/>
|
||||
</Property>
|
||||
</Properties>
|
||||
<Constraints>
|
||||
|
||||
@ -477,8 +477,9 @@ final public class FiltersPanel extends JPanel {
|
||||
|
||||
setLayout(new java.awt.GridBagLayout());
|
||||
|
||||
scrollPane.setAutoscrolls(true);
|
||||
scrollPane.setBorder(null);
|
||||
scrollPane.setHorizontalScrollBarPolicy(javax.swing.ScrollPaneConstants.HORIZONTAL_SCROLLBAR_NEVER);
|
||||
scrollPane.setAutoscrolls(true);
|
||||
|
||||
mainPanel.setLayout(new java.awt.GridBagLayout());
|
||||
|
||||
@ -652,7 +653,9 @@ final public class FiltersPanel extends JPanel {
|
||||
devicesPane.add(checkAllDevicesButton, gridBagConstraints);
|
||||
|
||||
devicesScrollPane.setHorizontalScrollBarPolicy(javax.swing.ScrollPaneConstants.HORIZONTAL_SCROLLBAR_NEVER);
|
||||
devicesScrollPane.setMinimumSize(new java.awt.Dimension(27, 75));
|
||||
devicesScrollPane.setMaximumSize(new java.awt.Dimension(32767, 30));
|
||||
devicesScrollPane.setMinimumSize(new java.awt.Dimension(27, 30));
|
||||
devicesScrollPane.setPreferredSize(new java.awt.Dimension(3, 30));
|
||||
|
||||
devicesListPane.setMinimumSize(new java.awt.Dimension(4, 100));
|
||||
devicesListPane.setLayout(new javax.swing.BoxLayout(devicesListPane, javax.swing.BoxLayout.Y_AXIS));
|
||||
@ -728,7 +731,10 @@ final public class FiltersPanel extends JPanel {
|
||||
gridBagConstraints.insets = new java.awt.Insets(9, 0, 0, 0);
|
||||
accountTypesPane.add(checkAllAccountTypesButton, gridBagConstraints);
|
||||
|
||||
accountTypesScrollPane.setPreferredSize(new java.awt.Dimension(2, 200));
|
||||
accountTypesScrollPane.setMaximumSize(new java.awt.Dimension(32767, 210));
|
||||
accountTypesScrollPane.setMinimumSize(new java.awt.Dimension(20, 210));
|
||||
accountTypesScrollPane.setName(""); // NOI18N
|
||||
accountTypesScrollPane.setPreferredSize(new java.awt.Dimension(2, 210));
|
||||
|
||||
accountTypeListPane.setLayout(new javax.swing.BoxLayout(accountTypeListPane, javax.swing.BoxLayout.PAGE_AXIS));
|
||||
accountTypesScrollPane.setViewportView(accountTypeListPane);
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2014-2019 Basis Technology Corp.
|
||||
* Copyright 2014-2020 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -60,7 +60,7 @@ public final class UserPreferences {
|
||||
private static final String MESSAGE_SERVICE_USER = "MessageServiceUser"; //NON-NLS
|
||||
private static final String MESSAGE_SERVICE_HOST = "MessageServiceHost"; //NON-NLS
|
||||
private static final String MESSAGE_SERVICE_PORT = "MessageServicePort"; //NON-NLS
|
||||
private static final String TEXT_TRANSLATOR_NAME = "TextTranslatorName";
|
||||
public static final String TEXT_TRANSLATOR_NAME = "TextTranslatorName";
|
||||
public static final String PROCESS_TIME_OUT_ENABLED = "ProcessTimeOutEnabled"; //NON-NLS
|
||||
public static final String PROCESS_TIME_OUT_HOURS = "ProcessTimeOutHours"; //NON-NLS
|
||||
private static final int DEFAULT_PROCESS_TIMEOUT_HR = 60;
|
||||
|
||||
@ -550,12 +550,7 @@ public class DataContentViewerArtifact extends javax.swing.JPanel implements Dat
|
||||
break;
|
||||
// Use Autopsy date formatting settings, not TSK defaults
|
||||
case DATETIME:
|
||||
long epoch = attr.getValueLong();
|
||||
value = "0000-00-00 00:00:00";
|
||||
if (null != content && 0 != epoch) {
|
||||
dateFormatter.setTimeZone(ContentUtils.getTimeZone(content));
|
||||
value = dateFormatter.format(new java.util.Date(epoch * 1000));
|
||||
}
|
||||
value = epochTimeToString(attr.getValueLong());
|
||||
break;
|
||||
case JSON:
|
||||
// Get the attribute's JSON value and convert to indented multiline display string
|
||||
@ -654,11 +649,34 @@ public class DataContentViewerArtifact extends javax.swing.JPanel implements Dat
|
||||
} else if (jsonElement.isJsonObject()) {
|
||||
sb.append(NEW_LINE).append(String.format("%s%s %s", startIndent, jsonKey, toJsonDisplayString(jsonElement.getAsJsonObject(), startIndent + INDENT_RIGHT)));
|
||||
} else if (jsonElement.isJsonPrimitive()) {
|
||||
sb.append(NEW_LINE).append(String.format("%s%s = %s", startIndent, jsonKey, jsonElement.getAsString()));
|
||||
String attributeName = jsonKey;
|
||||
String attributeValue;
|
||||
if (attributeName.toUpperCase().contains("DATETIME")) {
|
||||
attributeValue = epochTimeToString(Long.parseLong(jsonElement.getAsString()));
|
||||
} else {
|
||||
attributeValue = jsonElement.getAsString();
|
||||
}
|
||||
sb.append(NEW_LINE).append(String.format("%s%s = %s", startIndent, attributeName, attributeValue));
|
||||
} else if (jsonElement.isJsonNull()) {
|
||||
sb.append(NEW_LINE).append(String.format("%s%s = null", startIndent, jsonKey));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts epoch time to readable string.
|
||||
*
|
||||
* @param epochTime epoch time value to be converted to string.
|
||||
* @return String with human readable time.
|
||||
*/
|
||||
private String epochTimeToString(long epochTime) {
|
||||
String dateTimeString = "0000-00-00 00:00:00";
|
||||
if (null != content && 0 != epochTime) {
|
||||
dateFormatter.setTimeZone(ContentUtils.getTimeZone(content));
|
||||
dateTimeString = dateFormatter.format(new java.util.Date(epochTime * 1000));
|
||||
}
|
||||
return dateTimeString;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -154,7 +154,8 @@ public class ExtractedContent implements AutopsyVisitableItem {
|
||||
return filePath + "encrypted-file.png"; //NON-NLS
|
||||
} else if (typeID == BlackboardArtifact.ARTIFACT_TYPE.TSK_EXT_MISMATCH_DETECTED.getTypeID()) {
|
||||
return filePath + "mismatch-16.png"; //NON-NLS
|
||||
} else if (typeID == BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_ROUTE.getTypeID()) {
|
||||
} else if (typeID == BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_ROUTE.getTypeID()
|
||||
|| typeID == BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_TRACK.getTypeID()) {
|
||||
return filePath + "gps_trackpoint.png"; //NON-NLS
|
||||
} else if (typeID == BlackboardArtifact.ARTIFACT_TYPE.TSK_REMOTE_DRIVE.getTypeID()) {
|
||||
return filePath + "drive_network.png"; //NON-NLS
|
||||
@ -243,7 +244,7 @@ public class ExtractedContent implements AutopsyVisitableItem {
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_DATA_SOURCE_USAGE));
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_DOWNLOAD_SOURCE));
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_TL_EVENT));
|
||||
|
||||
|
||||
//This is not meant to be shown in the UI at all. It is more of a meta artifact.
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_ASSOCIATED_OBJECT));
|
||||
}
|
||||
@ -510,12 +511,12 @@ public class ExtractedContent implements AutopsyVisitableItem {
|
||||
if (skCase != null) {
|
||||
try {
|
||||
List<BlackboardArtifact> arts;
|
||||
if(filteringDSObjId > 0) {
|
||||
if (filteringDSObjId > 0) {
|
||||
arts = blackboard.getArtifacts(type.getTypeID(), filteringDSObjId);
|
||||
} else {
|
||||
arts = skCase.getBlackboardArtifacts(type.getTypeID());
|
||||
}
|
||||
for(BlackboardArtifact art: arts) {
|
||||
for (BlackboardArtifact art : arts) {
|
||||
//Cache attributes while we are off the EDT.
|
||||
//See JIRA-5969
|
||||
art.getAttributes();
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2012-2019 Basis Technology Corp.
|
||||
* Copyright 2012-2020 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -221,6 +221,7 @@ public final class DirectoryTreeTopComponent extends TopComponent implements Dat
|
||||
case UserPreferences.HIDE_SCO_COLUMNS:
|
||||
case UserPreferences.DISPLAY_TRANSLATED_NAMES:
|
||||
case UserPreferences.KEEP_PREFERRED_VIEWER:
|
||||
case UserPreferences.TEXT_TRANSLATOR_NAME:
|
||||
refreshContentTreeSafe();
|
||||
break;
|
||||
case UserPreferences.SHOW_ONLY_CURRENT_USER_TAGS:
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user