7953 base changes for interesting item change

Core/src/org/sleuthkit/autopsy/centralrepository/datamodel/CorrelationAttributeUtil.java

@@ -142,7 +142,7 @@ public class CorrelationAttributeUtil {
         if (CentralRepository.isEnabled()) {
             try {
                 int artifactTypeID = analysisResult.getArtifactTypeID();
-                if (artifactTypeID == ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID()) {
+                if (ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID() || artifactTypeID == ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID()) {
                     //because this attribute retrieval is only occuring when the analysis result is an interesting artifact hit 
                     //and only one attribute is being retrieved the analysis result's own get attribute method can be used efficently
                     BlackboardAttribute assocArtifactAttr = analysisResult.getAttribute(BlackboardAttribute.Type.TSK_ASSOCIATED_ARTIFACT);

Core/src/org/sleuthkit/autopsy/contentviewers/annotations/AnnotationUtils.java

@@ -73,6 +73,7 @@ public class AnnotationUtils {
         "AnnotationUtils.fileHitEntry.artifactCommentTitle=Artifact Comment",
         "AnnotationUtils.fileHitEntry.hashSetHitTitle=Hash Set Hit Comments",
         "AnnotationUtils.fileHitEntry.interestingFileHitTitle=Interesting File Hit Comments",
+        "AnnotationUtils.fileHitEntry.interestingItemTitle=Interesting Item Comments",
         "AnnotationUtils.fileHitEntry.setName=Set Name:",
         "AnnotationUtils.fileHitEntry.comment=Comment:",
         "AnnotationUtils.sourceFile.title=Source File",
@@ -94,8 +95,8 @@ public class AnnotationUtils {
     private static final SectionConfig<Tag> TAG_CONFIG
             = new SectionConfig<>(Bundle.AnnotationUtils_tagEntry_title(), TAG_ENTRIES);
 
-    // file set attributes and table configurations
+    // Item set attributes and table configurations
-    private static final List<ItemEntry<BlackboardArtifact>> FILESET_HIT_ENTRIES = Arrays.asList(
+    private static final List<ItemEntry<BlackboardArtifact>> ITEMSET_HIT_ENTRIES = Arrays.asList(
             new ItemEntry<>(Bundle.AnnotationUtils_fileHitEntry_setName(),
                     (bba) -> tryGetAttribute(bba, BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME)),
             new ItemEntry<>(Bundle.AnnotationUtils_fileHitEntry_comment(),
@@ -103,13 +104,16 @@ public class AnnotationUtils {
     );
 
     private static final SectionConfig<BlackboardArtifact> INTERESTING_FILE_CONFIG
-            = new SectionConfig<>(Bundle.AnnotationUtils_fileHitEntry_interestingFileHitTitle(), FILESET_HIT_ENTRIES);
+            = new SectionConfig<>(Bundle.AnnotationUtils_fileHitEntry_interestingFileHitTitle(), ITEMSET_HIT_ENTRIES);
+
+    private static final SectionConfig<BlackboardArtifact> INTERESTING_ITEM_CONFIG
+            = new SectionConfig<>(Bundle.AnnotationUtils_fileHitEntry_interestingItemTitle(), ITEMSET_HIT_ENTRIES);
 
     private static final SectionConfig<BlackboardArtifact> HASHSET_CONFIG
-            = new SectionConfig<>(Bundle.AnnotationUtils_fileHitEntry_hashSetHitTitle(), FILESET_HIT_ENTRIES);
+            = new SectionConfig<>(Bundle.AnnotationUtils_fileHitEntry_hashSetHitTitle(), ITEMSET_HIT_ENTRIES);
 
     private static final SectionConfig<BlackboardArtifact> ARTIFACT_COMMENT_CONFIG
-            = new SectionConfig<>(Bundle.AnnotationUtils_fileHitEntry_artifactCommentTitle(), FILESET_HIT_ENTRIES);
+            = new SectionConfig<>(Bundle.AnnotationUtils_fileHitEntry_artifactCommentTitle(), ITEMSET_HIT_ENTRIES);
 
     // central repository attributes and table configuration
     private static final List<ItemEntry<CorrelationAttributeInstance>> CR_COMMENTS_ENTRIES = Arrays.asList(
@@ -211,7 +215,7 @@ public class AnnotationUtils {
 
         // if artifact is a hashset hit or interesting file and has a non-blank comment
         if ((BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID() == bba.getArtifactTypeID()
-                || BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() == bba.getArtifactTypeID())
+                || BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() == bba.getArtifactTypeID() || BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID() == bba.getArtifactTypeID())
                 && (hasTskComment(bba))) {
 
             boolean filesetRendered = appendEntries(parent, ARTIFACT_COMMENT_CONFIG, Arrays.asList(bba), false, !contentRendered);
@@ -266,7 +270,12 @@ public class AnnotationUtils {
                     isSubheader,
                     !contentRendered);
 
-            contentRendered = contentRendered || hashsetRendered || interestingFileRendered;
+            boolean interestingItemRendered = appendEntries(parent, INTERESTING_ITEM_CONFIG,
+                    getFileSetHits(sourceFile, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM),
+                    isSubheader,
+                    !contentRendered);
+
+            contentRendered = contentRendered || hashsetRendered || interestingFileRendered || interestingItemRendered;
         }
         return contentRendered;
     }

Core/src/org/sleuthkit/autopsy/contentviewers/annotations/AnnotationsContentViewer.java

@@ -75,7 +75,8 @@ public class AnnotationsContentViewer extends javax.swing.JPanel implements Data
 
     private static final Set<BlackboardArtifact.Type> ARTIFACT_TYPES_OF_INTEREST = ImmutableSet.of(
             BlackboardArtifact.Type.TSK_HASHSET_HIT,
-            BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT
+            BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, 
+            BlackboardArtifact.Type.TSK_INTERESTING_ITEM
     );
 
     private final PropertyChangeListener ingestEventListener = (evt) -> {

Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java

@@ -250,6 +250,9 @@ public class Artifacts {
                 KeywordHits.RootNode keywordsNode = new KeywordHits(skCase, dsObjId).new RootNode();
                 return new TypeNodeKey(keywordsNode, TSK_KEYWORD_HIT);
 
+            } else if (TSK_INTERESTING_ITEM.getTypeID() == typeId) {
+                InterestingHits.RootNode interestingHitsNode = new InterestingHits(skCase, TSK_INTERESTING_ITEM, dsObjId).new RootNode();
+                return new TypeNodeKey(interestingHitsNode, TSK_INTERESTING_ITEM);
             } else if (TSK_INTERESTING_ARTIFACT_HIT.getTypeID() == typeId) {
                 InterestingHits.RootNode interestingHitsNode = new InterestingHits(skCase, TSK_INTERESTING_ARTIFACT_HIT, dsObjId).new RootNode();
                 return new TypeNodeKey(interestingHitsNode, TSK_INTERESTING_ARTIFACT_HIT);

Core/src/org/sleuthkit/autopsy/datamodel/BlackboardArtifactNode.java

@@ -151,7 +151,8 @@ public class BlackboardArtifactNode extends AbstractContentNode<BlackboardArtifa
      * should be displayed in the node's property sheet.
      */
     private static final Integer[] SHOW_FILE_METADATA = new Integer[]{
-        BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID()
+        BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID(), 
+        BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID()
     };
 
     private final BlackboardArtifact artifact;
@@ -925,7 +926,7 @@ public class BlackboardArtifactNode extends AbstractContentNode<BlackboardArtifa
          * hit, add the type and description of the interesting artifact to the
          * sheet.
          */
-        if (artifact.getArtifactTypeID() == ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID()) {
+        if (artifact.getArtifactTypeID() == ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID() || artifact.getArtifactTypeID() == ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID()) {
             try {
                 BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_ASSOCIATED_ARTIFACT));
                 if (attribute != null) {
@@ -946,7 +947,7 @@ public class BlackboardArtifactNode extends AbstractContentNode<BlackboardArtifa
                             associatedArtifact.getShortDescription()));
                 }
             } catch (TskCoreException | NoCurrentCaseException ex) {
-                logger.log(Level.SEVERE, MessageFormat.format("Error getting associated artifact of TSK_INTERESTING_ARTIFACT_HIT artifact (objID={0}))", artifact.getId()), ex); //NON-NLS
+                logger.log(Level.SEVERE, MessageFormat.format("Error getting associated artifact of " + artifact.getType().getTypeName() + " artifact (objID={0}))", artifact.getId()), ex); //NON-NLS
             }
         }
 

Core/src/org/sleuthkit/autopsy/datasourcesummary/datamodel/AnalysisSummary.java

@@ -108,7 +108,7 @@ public class AnalysisSummary {
      * @throws TskCoreException
      */
     public List<Pair<String, Long>> getInterestingItemCounts(DataSource dataSource) throws SleuthkitCaseProviderException, TskCoreException {
-        return getCountsData(dataSource, TYPE_SET_NAME, ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT);
+        return getCountsData(dataSource, TYPE_SET_NAME, ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT, ARTIFACT_TYPE.TSK_INTERESTING_ITEM);
     }
 
     /**

Core/src/org/sleuthkit/autopsy/datasourcesummary/ui/AnalysisSummaryGetter.java

@@ -41,6 +41,7 @@ public class AnalysisSummaryGetter implements DefaultArtifactUpdateGovernor {
     private static final Set<Integer> ARTIFACT_UPDATE_TYPE_IDS = new HashSet<>(Arrays.asList(
             ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID(),
             ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID(),
+            ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID(),
             ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID(),
             ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()
     ));

Core/src/org/sleuthkit/autopsy/datasourcesummary/ui/PastCasesSummaryGetter.java

@@ -40,7 +40,8 @@ public class PastCasesSummaryGetter implements DefaultArtifactUpdateGovernor {
 
     private static final Set<Integer> ARTIFACT_UPDATE_TYPE_IDS = new HashSet<>(Arrays.asList(
             ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID(),
-            ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID()
+            ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID(),
+            ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID()
     ));
 
     private final PastCasesSummary pastSummary;

Core/src/org/sleuthkit/autopsy/directorytree/DirectoryTreeTopComponent.java

@@ -1358,6 +1358,8 @@ public final class DirectoryTreeTopComponent extends TopComponent implements Dat
             treeNode = getInterestingItemNode(typesChildren, BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, art);
         } else if (typeID == BlackboardArtifact.Type.TSK_INTERESTING_ARTIFACT_HIT.getTypeID()) {
             treeNode = getInterestingItemNode(typesChildren, BlackboardArtifact.Type.TSK_INTERESTING_ARTIFACT_HIT, art);
+        } else if (typeID == BlackboardArtifact.Type.TSK_INTERESTING_ITEM.getTypeID()) {
+            treeNode = getInterestingItemNode(typesChildren, BlackboardArtifact.Type.TSK_INTERESTING_ITEM, art);
         } else if (typeID == BlackboardArtifact.Type.TSK_EMAIL_MSG.getTypeID()) {
             treeNode = getEmailNode(typesChildren, art);
         } else if (typeID == BlackboardArtifact.Type.TSK_ACCOUNT.getTypeID()) {

Core/src/org/sleuthkit/autopsy/discovery/search/DiscoveryAttributes.java

@@ -791,8 +791,8 @@ public class DiscoveryAttributes {
                 CentralRepository centralRepoDb, SearchContext context) throws DiscoveryException, SearchCancellationException {
 
             // Get pairs of (object ID, interesting item set name) for all files in the list of files that have
-            // interesting file set hits.
+            // interesting item set hits.
-            String selectQuery = createSetNameClause(results, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID(),
+            String selectQuery = createSetNameClause(results, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID(),
                     BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID());
 
             InterestingFileSetNamesCallback callback = new InterestingFileSetNamesCallback(results);

Core/src/org/sleuthkit/autopsy/discovery/search/SearchFiltering.java

@@ -875,8 +875,9 @@ public class SearchFiltering {
             String intItemSetPart = concatenateNamesForSQL(setNames);
 
             String queryStr = "(obj_id IN (SELECT obj_id from blackboard_artifacts WHERE artifact_id IN "
-                    + "(SELECT artifact_id FROM blackboard_attributes WHERE artifact_type_id = " + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID()
+                    + "(SELECT artifact_id FROM blackboard_attributes WHERE (artifact_type_id = " + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() 
-                    + " AND attribute_type_ID = " + BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID() + " "
+                    +" OR artifact_type_id = " + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID()
+                    + ") AND attribute_type_ID = " + BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID() + " "
                     + "AND (" + intItemSetPart + "))))";  // NON-NLS
 
             return queryStr;
@@ -964,6 +965,7 @@ public class SearchFiltering {
             if (scores.contains(Score.INTERESTING)) {
                 // Matches interesting item artifact
                 intItemQueryPart = " (obj_id IN (SELECT obj_id from blackboard_artifacts WHERE artifact_type_id = "
+                        + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID() + " OR artifact_type_id = "
                         + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() + ")) ";
             }
 

Core/src/org/sleuthkit/autopsy/discovery/ui/DiscoveryDialog.java

@@ -746,7 +746,8 @@ final class DiscoveryDialog extends javax.swing.JDialog {
                                 shouldUpdate = shouldUpdateFilters(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DESCRIPTION.getTypeID(), eventData, objectsDetected);
                             } else if (eventData.getBlackboardArtifactType().getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) {
                                 shouldUpdate = shouldUpdateFilters(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID(), eventData, hashSets);
-                            } else if (eventData.getBlackboardArtifactType().getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID()
+                            } else if (eventData.getBlackboardArtifactType().getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID()
+                                    || eventData.getBlackboardArtifactType().getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID()
                                     || eventData.getBlackboardArtifactType().getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID()) {
                                 shouldUpdate = shouldUpdateFilters(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID(), eventData, interestingItems);
                             }

Core/src/org/sleuthkit/autopsy/discovery/ui/InterestingItemsFilterPanel.java

@@ -58,7 +58,7 @@ final class InterestingItemsFilterPanel extends AbstractDiscoveryFilterPanel {
     private void setUpInterestingItemsFilter() {
         try {
             interestingItemsList.clearList();
-            List<String> setNames = DiscoveryUiUtils.getSetNames(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT,
+            List<String> setNames = DiscoveryUiUtils.getSetNames(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM,
                     BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME);
             for (String name : setNames) {
                 interestingItemsList.addElement(name, null, name);

Core/src/org/sleuthkit/autopsy/logicalimager/dsp/AddLogicalImageTask.java

@@ -443,7 +443,7 @@ final class AddLogicalImageTask implements Runnable {
         BlackboardArtifact artifact;
         try {
             artifact = this.blackboard.newAnalysisResult(
-                    BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, fileId, dataSourceId,
+                    BlackboardArtifact.Type.TSK_INTERESTING_ITEM, fileId, dataSourceId,
                     Score.SCORE_LIKELY_NOTABLE,
                     null, ruleSetName, null,
                     Arrays.asList(

Core/src/org/sleuthkit/autopsy/modules/embeddedfileextractor/SevenZipExtractor.java

@@ -69,7 +69,7 @@ import org.sleuthkit.autopsy.modules.filetypeid.FileTypeDetector;
 import org.sleuthkit.datamodel.AbstractFile;
 import org.sleuthkit.datamodel.Blackboard;
 import org.sleuthkit.datamodel.BlackboardArtifact;
-import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT;
+import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM;
 import org.sleuthkit.datamodel.BlackboardAttribute;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_COMMENT;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DESCRIPTION;
@@ -327,10 +327,10 @@ class SevenZipExtractor {
                             TSK_COMMENT, MODULE_NAME,
                             details));
 
-            if (!blackboard.artifactExists(archiveFile, TSK_INTERESTING_FILE_HIT, attributes)) {
+            if (!blackboard.artifactExists(archiveFile, TSK_INTERESTING_ITEM, attributes)) {
  
                 BlackboardArtifact artifact = rootArchive.getArchiveFile().newAnalysisResult(
-                        BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE, 
+                        BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE, 
                         null, setName, null, 
                         attributes)
                         .getAnalysisResult();

Core/src/org/sleuthkit/autopsy/modules/filetypeid/FileTypeIdIngestModule.java

@@ -36,7 +36,7 @@ import org.sleuthkit.autopsy.modules.filetypeid.CustomFileTypesManager.CustomFil
 import org.sleuthkit.datamodel.AbstractFile;
 import org.sleuthkit.datamodel.Blackboard;
 import org.sleuthkit.datamodel.BlackboardArtifact;
-import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT;
+import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM;
 import org.sleuthkit.datamodel.BlackboardAttribute;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_CATEGORY;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME;
@@ -194,9 +194,9 @@ public class FileTypeIdIngestModule implements FileIngestModule {
 
             Blackboard tskBlackboard = currentCase.getSleuthkitCase().getBlackboard();
             // Create artifact if it doesn't already exist.
-            if (!tskBlackboard.artifactExists(file, TSK_INTERESTING_FILE_HIT, attributes)) {
+            if (!tskBlackboard.artifactExists(file, TSK_INTERESTING_ITEM, attributes)) {
                 BlackboardArtifact artifact = file.newAnalysisResult(
-                        BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE, 
+                        BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE, 
                         null, fileType.getInterestingFilesSetName(), null, 
                         attributes)
                         .getAnalysisResult();
@@ -208,12 +208,12 @@ public class FileTypeIdIngestModule implements FileIngestModule {
                      */
                     tskBlackboard.postArtifact(artifact, FileTypeIdModuleFactory.getModuleName());
                 } catch (Blackboard.BlackboardException ex) {
-                    logger.log(Level.SEVERE, String.format("Unable to index TSK_INTERESTING_FILE_HIT blackboard artifact %d (file obj_id=%d)", artifact.getArtifactID(), file.getId()), ex); //NON-NLS
+                    logger.log(Level.SEVERE, String.format("Unable to index TSK_INTERESTING_ITEM blackboard artifact %d (file obj_id=%d)", artifact.getArtifactID(), file.getId()), ex); //NON-NLS
                 }
             }
 
         } catch (TskCoreException ex) {
-            logger.log(Level.SEVERE, String.format("Unable to create TSK_INTERESTING_FILE_HIT artifact for file (obj_id=%d)", file.getId()), ex); //NON-NLS
+            logger.log(Level.SEVERE, String.format("Unable to create TSK_INTERESTING_ITEM artifact for file (obj_id=%d)", file.getId()), ex); //NON-NLS
         } catch (NoCurrentCaseException ex) {
             logger.log(Level.SEVERE, "Exception while getting open case.", ex); //NON-NLS
         }

Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesIdentifierIngestModule.java

@@ -39,7 +39,7 @@ import org.sleuthkit.autopsy.ingest.IngestServices;
 import org.sleuthkit.datamodel.AbstractFile;
 import org.sleuthkit.datamodel.Blackboard;
 import org.sleuthkit.datamodel.BlackboardArtifact;
-import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT;
+import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM;
 import org.sleuthkit.datamodel.BlackboardAttribute;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_CATEGORY;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME;
@@ -142,9 +142,9 @@ final class FilesIdentifierIngestModule implements FileIngestModule {
                     );
 
                     // Create artifact if it doesn't already exist.
-                    if (!blackboard.artifactExists(file, TSK_INTERESTING_FILE_HIT, attributes)) {
+                    if (!blackboard.artifactExists(file, TSK_INTERESTING_ITEM, attributes)) {
                         BlackboardArtifact artifact = file.newAnalysisResult(
-                                BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE, 
+                                BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE, 
                                 null, filesSet.getName(), null, 
                                 attributes)
                                 .getAnalysisResult();

Core/src/org/sleuthkit/autopsy/report/infrastructure/PortableCaseInterestingItemsListPanel.java

@@ -108,6 +108,7 @@ class PortableCaseInterestingItemsListPanel extends javax.swing.JPanel {
             try {
                 // Get all SET_NAMEs from interesting item artifacts
                 String innerSelect = "SELECT (value_text) AS set_name FROM blackboard_attributes WHERE (artifact_type_id = '"
+                        + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID() + "' OR artifact_type_id = '"
                         + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() + "' OR artifact_type_id = '"
                         + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID() + "') AND attribute_type_id = '"
                         + BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID() + "'"; // NON-NLS

Core/src/org/sleuthkit/autopsy/report/infrastructure/TableReportGenerator.java

@@ -358,7 +358,7 @@ class TableReportGenerator {
         // Give the modules the rows for the content tags. 
         for (ContentTag tag : tags) {
             try {
-                if(shouldFilterFromReport(tag.getContent())) {
+                if (shouldFilterFromReport(tag.getContent())) {
                     continue;
                 }
             } catch (TskCoreException ex) {
@@ -451,7 +451,7 @@ class TableReportGenerator {
         // Give the modules the rows for the content tags. 
         for (BlackboardArtifactTag tag : tags) {
             try {
-                if(shouldFilterFromReport(tag.getContent())) {
+                if (shouldFilterFromReport(tag.getContent())) {
                     continue;
                 }
             } catch (TskCoreException ex) {
@@ -813,7 +813,7 @@ class TableReportGenerator {
                     AbstractFile f = openCase.getSleuthkitCase().getAbstractFileById(objId);
                     if (f != null) {
                         uniquePath = openCase.getSleuthkitCase().getAbstractFileById(objId).getUniquePath();
-                        if(shouldFilterFromReport(f)) {
+                        if (shouldFilterFromReport(f)) {
                             continue;
                         }
                     }
@@ -973,7 +973,7 @@ class TableReportGenerator {
                     AbstractFile f = openCase.getSleuthkitCase().getAbstractFileById(objId);
                     if (f != null) {
                         uniquePath = openCase.getSleuthkitCase().getAbstractFileById(objId).getUniquePath();
-                        if(shouldFilterFromReport(f)) {
+                        if (shouldFilterFromReport(f)) {
                             continue;
                         }
                     }
@@ -1161,8 +1161,9 @@ class TableReportGenerator {
                 }
                 orderedRowData.add(makeCommaSeparatedList(getTags()));
 
-            } else if (BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() == getArtifact().getArtifactTypeID()) {
+            } else if (BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() == getArtifact().getArtifactTypeID()
-                String[] attributeDataArray = new String[5];
+                    || BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID() == getArtifact().getArtifactTypeID()) {
+                String[] attributeDataArray = new String[7];
                 // Array is used so that order of the attributes is maintained.
                 for (BlackboardAttribute attr : attributes) {
                     if (attr.getAttributeType().equals(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME))) {
@@ -1173,6 +1174,10 @@ class TableReportGenerator {
                         attributeDataArray[3] = attr.getDisplayString();
                     } else if (attr.getAttributeType().equals(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DESCRIPTION))) {
                         attributeDataArray[4] = attr.getDisplayString();
+                    } else if (attr.getAttributeType().equals(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_ASSOCIATED_ARTIFACT))) {
+                        attributeDataArray[5] = attr.getDisplayString();
+                    } else if (attr.getAttributeType().equals(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME))) {
+                        attributeDataArray[6] = attr.getDisplayString();
                     }
                 }
 
@@ -1218,7 +1223,7 @@ class TableReportGenerator {
         List<ArtifactData> artifacts = new ArrayList<>();
         try {
             for (BlackboardArtifact artifact : Case.getCurrentCaseThrows().getSleuthkitCase().getBlackboardArtifacts(type.getTypeID())) {
-                if(shouldFilterFromReport(artifact)) {
+                if (shouldFilterFromReport(artifact)) {
                     continue;
                 }
 
@@ -1339,7 +1344,7 @@ class TableReportGenerator {
                     new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH)));
 
             columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.dateTime"),
-                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED )));
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED)));
 
             attributeTypeSet.remove(new Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH_ID));
         } else if (BlackboardArtifact.ARTIFACT_TYPE.TSK_INSTALLED_PROG.getTypeID() == artifactTypeId) {
@@ -1708,6 +1713,28 @@ class TableReportGenerator {
             columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.program"),
                     new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME)));
 
+        } else if (BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID() == artifactTypeId) {
+            columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tskSetName"),
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME)));
+
+            columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.associatedArtifact"),
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_ASSOCIATED_ARTIFACT)));
+
+            columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.program"),
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME)));
+
+            columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tskInterestingFilesCategory"),
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_CATEGORY)));
+
+            columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tskPath"),
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH)));
+
+            columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.comment"),
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_COMMENT)));
+
+            columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.description"),
+                    new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DESCRIPTION)));
+
         } else if (BlackboardArtifact.ARTIFACT_TYPE.TSK_PROG_RUN.getTypeID() == artifactTypeId) {
             columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.program"),
                     new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME)));
@@ -1822,7 +1849,7 @@ class TableReportGenerator {
      * Indicates if the content should be filtered from the report.
      */
     private boolean shouldFilterFromReport(Content content) throws TskCoreException {
-        if(this.settings.getSelectedDataSources() == null) {
+        if (this.settings.getSelectedDataSources() == null) {
             return false;
         }
 

Core/src/org/sleuthkit/autopsy/report/modules/html/HTMLReport.java

@@ -213,7 +213,7 @@ public class HTMLReport implements TableReportModule {
      * Copies a suitable icon for the given data type in the output directory
      * and returns the icon file name to use for the given data type.
      */
-    @SuppressWarnings( "deprecation" )
+    @SuppressWarnings("deprecation")
     private String useDataTypeIcon(String dataType) {
         String iconFilePath;
         String iconFileName;
@@ -326,9 +326,10 @@ public class HTMLReport implements TableReportModule {
                     in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/images/mismatch-16.png"); //NON-NLS
                     break;
                 case TSK_INTERESTING_ARTIFACT_HIT:
-                    in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/images/interesting_item.png"); //NON-NLS
+                //fall through deprecated type to TSK_INTERESTING_ITEM
-                    break;
                 case TSK_INTERESTING_FILE_HIT:
+                //fall through deprecated type to TSK_INTERESTING_ITEM
+                case TSK_INTERESTING_ITEM:
                     in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/images/interesting_item.png"); //NON-NLS
                     break;
                 case TSK_PROG_RUN:
@@ -825,6 +826,7 @@ public class HTMLReport implements TableReportModule {
      * Finds all associated image tags.
      *
      * @param contentTags
+     *
      * @return
      */
     private List<ImageTagRegion> getTaggedRegions(List<ContentTag> contentTags) {

Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java

@@ -444,6 +444,24 @@ public class PortableCaseReportModule implements ReportModule {
                 handleError("Error copying interesting results", Bundle.PortableCaseReportModule_generateReport_errorCopyingInterestingResults(), ex, progressPanel); // NON-NLS
                 return;
             }
+
+            try {
+                List<AnalysisResult> interestingResults = currentCase.getSleuthkitCase().getBlackboard().getAnalysisResultsByType(BlackboardArtifact.Type.TSK_INTERESTING_ITEM.getTypeID());
+                for (AnalysisResult art : interestingResults) {
+                    // Check for cancellation 
+                    if (progressPanel.getStatus() == ReportProgressPanel.ReportStatus.CANCELED) {
+                        handleCancellation(progressPanel);
+                        return;
+                    }
+                    BlackboardAttribute setAttr = art.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME));
+                    if (setNames.contains(setAttr.getValueString())) {
+                        copyContentToPortableCase(art, progressPanel);
+                    }
+                }
+            } catch (TskCoreException ex) {
+                handleError("Error copying interesting items", Bundle.PortableCaseReportModule_generateReport_errorCopyingInterestingResults(), ex, progressPanel); // NON-NLS
+                return;
+            }
         }
 
         // Check for cancellation 
@@ -469,7 +487,7 @@ public class PortableCaseReportModule implements ReportModule {
         if (options.shouldCompress()) {
             progressPanel.updateStatusLabel(Bundle.PortableCaseReportModule_generateReport_compressingCase());
 
-            if(!compressCase(progressPanel, options.includeApplication() ? outputDir.getAbsolutePath() : caseFolder.getAbsolutePath())){
+            if (!compressCase(progressPanel, options.includeApplication() ? outputDir.getAbsolutePath() : caseFolder.getAbsolutePath())) {
                 // Errors have been handled already
                 return;
             }
@@ -594,6 +612,8 @@ public class PortableCaseReportModule implements ReportModule {
                     BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT);
             allArtifacts.addAll(skCase.getBlackboardArtifacts(
                     BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT));
+            allArtifacts.addAll(skCase.getBlackboardArtifacts(
+                    BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM));
 
             for (BlackboardArtifact bArt : allArtifacts) {
                 BlackboardAttribute setAttr = bArt.getAttribute(
@@ -660,6 +680,7 @@ public class PortableCaseReportModule implements ReportModule {
         // Get all SET_NAMEs from interesting item artifacts
         String innerSelect = "SELECT (value_text) AS set_name FROM blackboard_attributes WHERE (artifact_type_id = '"
                 + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID() + "' OR artifact_type_id = '"
+                + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID() + "' OR artifact_type_id = '"
                 + BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getTypeID() + "') AND attribute_type_id = '"
                 + BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID() + "'"; // NON-NLS
 
@@ -1008,7 +1029,6 @@ public class PortableCaseReportModule implements ReportModule {
             newDataSourceId = copyContent(artifactToCopy.getDataSource());
         }
 
-        
         // Create the new artifact
         int newArtifactTypeId = getNewArtifactTypeId(artifactToCopy);
         BlackboardArtifact.Type newArtifactType = portableSkCase.getBlackboard().getArtifactType(newArtifactTypeId);
@@ -1171,7 +1191,7 @@ public class PortableCaseReportModule implements ReportModule {
             // Get or create the host (if needed) before beginning transaction.
             Host newHost = null;
             if (content instanceof DataSource) {
-                newHost = copyHost(((DataSource)content).getHost());
+                newHost = copyHost(((DataSource) content).getHost());
             }
 
             // Copy the associated OS account (if needed) before beginning transaction.
@@ -1278,11 +1298,13 @@ public class PortableCaseReportModule implements ReportModule {
     }
 
     /**
-     * Copy a host into the portable case and add it to the oldHostIdToNewHost map.
+     * Copy a host into the portable case and add it to the oldHostIdToNewHost
+     * map.
      *
      * @param oldHost The host to copy
      *
      * @return The new host
+     *
      * @throws TskCoreException
      */
     private Host copyHost(Host oldHost) throws TskCoreException {
@@ -1297,8 +1319,8 @@ public class PortableCaseReportModule implements ReportModule {
     }
 
     /**
-     * Copy an OS Account to the new case and add it to the oldOsAccountIdToNewOsAccountId map.
+     * Copy an OS Account to the new case and add it to the
-     * Will also copy the associated realm.
+     * oldOsAccountIdToNewOsAccountId map. Will also copy the associated realm.
      *
      * @param oldOsAccountId The OS account id in the current case.
      */
@@ -1364,7 +1386,8 @@ public class PortableCaseReportModule implements ReportModule {
     /**
      * Copy path ID attribute to new case along with the referenced file.
      *
-     * @param newArtifact The new artifact in the portable case. Should not have a TSK_PATH_ID attribute.
+     * @param newArtifact The new artifact in the portable case. Should not have
+     *                    a TSK_PATH_ID attribute.
      * @param oldArtifact The old artifact.
      *
      * @throws TskCoreException
@@ -1387,9 +1410,11 @@ public class PortableCaseReportModule implements ReportModule {
     /**
      * Copy attachments to the portable case.
      *
-     * @param newArtifact The new artifact in the portable case. Should not have a TSK_ATTACHMENTS attribute.
+     * @param newArtifact The new artifact in the portable case. Should not have
+     *                    a TSK_ATTACHMENTS attribute.
      * @param oldArtifact The old artifact.
-     * @param newFile     The new file in the portable case associated with the artifact.
+     * @param newFile     The new file in the portable case associated with the
+     *                    artifact.
      *
      * @throws TskCoreException
      */
@@ -1418,7 +1443,7 @@ public class PortableCaseReportModule implements ReportModule {
                 // Get the name of the module(s) that created the attachment
                 String newSourceStr = "";
                 List<String> oldSources = attachmentsAttr.getSources();
-                if (! oldSources.isEmpty()) {
+                if (!oldSources.isEmpty()) {
                     newSourceStr = String.join(",", oldSources);
                 }
 
@@ -1426,8 +1451,7 @@ public class PortableCaseReportModule implements ReportModule {
                 CommunicationArtifactsHelper communicationArtifactsHelper = new CommunicationArtifactsHelper(currentCase.getSleuthkitCase(),
                         newSourceStr, newFile, Account.Type.EMAIL);
                 communicationArtifactsHelper.addAttachments(newArtifact, new MessageAttachments(newFileAttachments, msgAttachments.getUrlAttachments()));
-            } 
+            } catch (BlackboardJsonAttrUtil.InvalidJsonException ex) {
-            catch (BlackboardJsonAttrUtil.InvalidJsonException ex) {
                 throw new TskCoreException(String.format("Unable to parse json for MessageAttachments object in artifact: %s", oldArtifact.getName()), ex);
             }
         } else {    // backward compatibility - email message attachments are derived files, children of the message.

Core/src/org/sleuthkit/autopsy/test/InterestingArtifactCreatorIngestModule.java

@@ -48,8 +48,8 @@ final class InterestingArtifactCreatorIngestModule extends FileIngestModuleAdapt
     private static final String MODULE_NAME = InterestingArtifactCreatorIngestModuleFactory.getModuleName();
     private static final String[] ARTIFACT_TYPE_NAMES = {"TSK_WEB_BOOKMARK", "TSK_KEYWORD_HIT", "TSK_CALLLOG"};
     private static final String[] ARTIFACT_DISPLAY_NAMES = {"Web Bookmarks", "Keyword Hits", "Call Logs"};
-    private static final String INT_ARTIFACT_TYPE_NAME = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getLabel();
+    private static final String INT_ARTIFACT_TYPE_NAME = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getLabel();
-    private static final String INT_ARTIFACT_DISPLAY_NAME = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT.getDisplayName();
+    private static final String INT_ARTIFACT_DISPLAY_NAME = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getDisplayName();
     private BlackboardArtifact.Type artifactType;
 
     @Override

Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java

@@ -134,7 +134,7 @@ public class EmbeddedFileTest extends NbTestCase {
                     ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
                     assertEquals("Zip bomb " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
                     for (BlackboardArtifact artifact : artifacts) {
-                        assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID());
+                        assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM.getTypeID());
                         BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME));
                         assertNotNull("No attribute found for artifact on zip bomb " + file.getName(), attribute);
                         assertEquals("Interesting artifact on file, " + file.getName() + ", does not reflect it being a zip bomb", zipBombSetName, attribute.getDisplayString());

Experimental/src/org/sleuthkit/autopsy/experimental/volatilityDSP/VolatilityProcessor.java

@@ -381,9 +381,9 @@ class VolatilityProcessor {
                         Collection<BlackboardAttribute> attributes = singleton(new BlackboardAttribute(TSK_SET_NAME, VOLATILITY, setName));
 
                         // Create artifact if it doesn't already exist.
-                        if (!blackboard.artifactExists(resolvedFile, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, attributes)) {
+                        if (!blackboard.artifactExists(resolvedFile, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM, attributes)) {
                             BlackboardArtifact volArtifact = resolvedFile.newAnalysisResult(
-                                    BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE, 
+                                    BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE, 
                                     null, setName, null, 
                                     attributes)
                                     .getAnalysisResult();

docs/doxygen/modFileIngestTutorial.dox

@@ -82,9 +82,9 @@ Now that we have found the files, we want to do something with them. In our situ
 
 A list of standard artifact types can be found in the <a href="http://sleuthkit.org/sleuthkit/docs/jni-docs/latest/artifact_catalog_page.html">artifact catalog</a>. It is important to note the catagory for the artifact you want to since this affects which method you will use to create the artifact.
 
-For our example, we are going to make an artifact of type "TSK_INTERESTING_FILE", which is an analysis result, whenever we find a big and round file. These are one of the most generic artifact types and are simply a way of alerting the user that a file is interesting for some reason. Once you make the artifact, it will be shown in the UI. The below code makes an artifact for the file and puts it into the set of "Big and Round Files". You can create whatever set names you want. The Autopsy GUI organizes Interesting Files by their set name.
+For our example, we are going to make an artifact of type "TSK_INTERESTING_ITEM", which is an analysis result, whenever we find a big and round file. These are one of the most generic artifact types and are simply a way of alerting the user that a file is interesting for some reason. Once you make the artifact, it will be shown in the UI. The below code makes an artifact for the file and puts it into the set of "Big and Round Files". You can create whatever set names you want. The Autopsy GUI organizes Interesting Files by their set name.
 \verbatim            
-    art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE,
+    art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE,
         None, "Big and Round Files", None,
         Arrays.asList(
             BlackboardAttribute(BlackboardAttribute.Type.TSK_SET_NAME,
@@ -111,9 +111,9 @@ That's it. Your process() method should look something like this:
         # Look for files bigger than 10MB that are a multiple of 4096            
         if ((file.getSize() > 10485760) and ((file.getSize() % 4096) == 0)):
 
-            # Make an artifact on the blackboard.  TSK_INTERESTING_FILE_HIT is a generic type of
+            # Make an artifact on the blackboard.  TSK_INTERESTING_ITEM is a generic type of
             # artifact.  Refer to the developer docs for other examples.
-            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE,
+            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE,
                                          None, "Big and Round Files", None,
                                          Arrays.asList(
                                              BlackboardAttribute(BlackboardAttribute.Type.TSK_SET_NAME,

pythonExamples/July2015FileTutorial_BigRound/FindBigRoundFiles.py

@@ -120,9 +120,9 @@ class FindBigRoundFilesIngestModule(FileIngestModule):
         # Look for files bigger than 10MB that are a multiple of 4096            
         if ((file.getSize() > 10485760) and ((file.getSize() % 4096) == 0)):
 
-            # Make an artifact on the blackboard.  TSK_INTERESTING_FILE_HIT is a generic type of
+            # Make an artifact on the blackboard.  TSK_INTERESTING_ITEM is a generic type of
             # artifact.  Refer to the developer docs for other examples.
-            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE,
+            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE,
                                          None, "Big and Round Files", None,
                                          Arrays.asList(
                                              BlackboardAttribute(BlackboardAttribute.Type.TSK_SET_NAME,

pythonExamples/dataSourceIngestModule.py

@@ -137,12 +137,12 @@ class SampleJythonDataSourceIngestModule(DataSourceIngestModule):
             self.log(Level.INFO, "Processing file: " + file.getName())
             fileCount += 1
 
-            # Make an artifact on the blackboard.  TSK_INTERESTING_FILE_HIT is a generic type of
+            # Make an artifact on the blackboard.  TSK_INTERESTING_ITEM is a generic type of
-            # artfiact.  Refer to the developer docs for other examples.
+            # artifact.  Refer to the developer docs for other examples.
             attrs = Arrays.asList(BlackboardAttribute(BlackboardAttribute.Type.TSK_SET_NAME,
                                                       SampleJythonDataSourceIngestModuleFactory.moduleName,
                                                       "Test file"))
-            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE,
+            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE,
                                          None, "Test file", None, attrs).getAnalysisResult()
 
             try:

pythonExamples/fileIngestModule.py

@@ -125,12 +125,12 @@ class SampleJythonFileIngestModule(FileIngestModule):
             self.log(Level.INFO, "Found a text file: " + file.getName())
             self.filesFound+=1
 
-            # Make an artifact on the blackboard.  TSK_INTERESTING_FILE_HIT is a generic type of
+            # Make an artifact on the blackboard.  TSK_INTERESTING_ITEM is a generic type of
             # artifact.  Refer to the developer docs for other examples.
             attrs = Arrays.asList(BlackboardAttribute(BlackboardAttribute.Type.TSK_SET_NAME,
                   SampleJythonFileIngestModuleFactory.moduleName, "Text Files"))
 
-            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_FILE_HIT, Score.SCORE_LIKELY_NOTABLE,
+            art = file.newAnalysisResult(BlackboardArtifact.Type.TSK_INTERESTING_ITEM, Score.SCORE_LIKELY_NOTABLE,
                                          None, "Text Files", None, attrs).getAnalysisResult()
 
             try:
@@ -142,7 +142,7 @@ class SampleJythonFileIngestModule(FileIngestModule):
             # For the example (this wouldn't be needed normally), we'll query the blackboard for data that was added
             # by other modules. We then iterate over its attributes.  We'll just print them, but you would probably
             # want to do something with them.
-            artifactList = file.getArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT)
+            artifactList = file.getArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ITEM)
             for artifact in artifactList:
                 attributeList = artifact.getAttributes()
                 for attrib in attributeList: