Commit 47ce334b authored by eugene.livis's avatar eugene.livis

Polishing

parent 0dfa1fb9
...@@ -73,6 +73,7 @@ public class Artifacts { ...@@ -73,6 +73,7 @@ public class Artifacts {
private static final Set<IngestManager.IngestJobEvent> INGEST_JOB_EVENTS_OF_INTEREST private static final Set<IngestManager.IngestJobEvent> INGEST_JOB_EVENTS_OF_INTEREST
= EnumSet.of(IngestManager.IngestJobEvent.COMPLETED, IngestManager.IngestJobEvent.CANCELLED); = EnumSet.of(IngestManager.IngestJobEvent.COMPLETED, IngestManager.IngestJobEvent.CANCELLED);
// this is currently a custom TSK artifact type, created in MalwareScanIngestModule
private static BlackboardArtifact.Type MALWARE_ARTIFACT_TYPE = null; private static BlackboardArtifact.Type MALWARE_ARTIFACT_TYPE = null;
private static final String MALWARE_HITS = "TSK_MALWARE"; private static final String MALWARE_HITS = "TSK_MALWARE";
......
...@@ -57,7 +57,7 @@ ...@@ -57,7 +57,7 @@
*/ */
public class MalwareHits implements AutopsyVisitableItem { public class MalwareHits implements AutopsyVisitableItem {
private static final String MALWARE_HITS = "TSK_MALWARE"; private static final String MALWARE_HITS = "TSK_MALWARE"; // this is currently a custom TSK artifact type, created in MalwareScanIngestModule
private static BlackboardArtifact.Type MALWARE_ARTIFACT_TYPE = null; private static BlackboardArtifact.Type MALWARE_ARTIFACT_TYPE = null;
private static String DISPLAY_NAME; private static String DISPLAY_NAME;
private static final Logger logger = Logger.getLogger(MalwareHits.class.getName()); private static final Logger logger = Logger.getLogger(MalwareHits.class.getName());
...@@ -139,12 +139,12 @@ final void update() { ...@@ -139,12 +139,12 @@ final void update() {
String query = "SELECT blackboard_artifacts.artifact_obj_id " //NON-NLS String query = "SELECT blackboard_artifacts.artifact_obj_id " //NON-NLS
+ "FROM blackboard_artifacts,tsk_analysis_results WHERE " //NON-NLS + "FROM blackboard_artifacts,tsk_analysis_results WHERE " //NON-NLS
+ "blackboard_artifacts.artifact_type_id=" + MALWARE_ARTIFACT_TYPE.getTypeID() + "blackboard_artifacts.artifact_type_id=" + MALWARE_ARTIFACT_TYPE.getTypeID() //NON-NLS
+ " AND tsk_analysis_results.artifact_obj_id=blackboard_artifacts.artifact_obj_id" //NON-NLS + " AND tsk_analysis_results.artifact_obj_id=blackboard_artifacts.artifact_obj_id" //NON-NLS
+ " AND (tsk_analysis_results.significance=" + Score.Significance.NOTABLE.getId() + " AND (tsk_analysis_results.significance=" + Score.Significance.NOTABLE.getId() //NON-NLS
+ " OR tsk_analysis_results.significance=" + Score.Significance.LIKELY_NONE.getId() + " )"; // ELTODO LIKELY_NOTABLE + " OR tsk_analysis_results.significance=" + Score.Significance.LIKELY_NOTABLE.getId() + " )"; //NON-NLS
if (filteringDSObjId > 0) { if (filteringDSObjId > 0) {
query += " AND blackboard_artifacts.data_source_obj_id = " + filteringDSObjId; query += " AND blackboard_artifacts.data_source_obj_id = " + filteringDSObjId; //NON-NLS
} }
try (CaseDbQuery dbQuery = skCase.executeQuery(query)) { try (CaseDbQuery dbQuery = skCase.executeQuery(query)) {
......
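Review bot: `MALWARE_ARTIFACT_TYPE` is declared `= null` at the top of MalwareHits and is dereferenced in the query as `MALWARE_ARTIFACT_TYPE.getTypeID()`, with no guard visible in this hunk. The added comment says the type is a custom one created in MalwareScanIngestModule, so on a case where that module has not run the field may still be unset, and update() would then throw rather than show an empty node. update() starts above the hunk, so a check may already exist there; if it does not, add an early exit such as `if (MALWARE_ARTIFACT_TYPE == null) { return; }` before the query is built. The concatenated values are numeric IDs, so the string-built SQL is not injectable as written. A short comment next to `filteringDSObjId` stating that only numeric values may be appended this way would keep a later non-numeric filter from following the same pattern.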