Modified Python scripts to add Raman's work

Core/release/InternalPythonModules/android/calllog.py → InternalPythonModules/android/calllog.py

@@ -35,6 +35,8 @@
 from org.sleuthkit.autopsy.coreutils import MessageNotifyUtil
 from org.sleuthkit.autopsy.datamodel import ContentUtils
 from org.sleuthkit.autopsy.ingest import IngestJobContext
+from org.sleuthkit.autopsy.ingest import IngestServices
+from org.sleuthkit.autopsy.ingest import ModuleDataEvent
 from org.sleuthkit.datamodel import AbstractFile
 from org.sleuthkit.datamodel import BlackboardArtifact
 from org.sleuthkit.datamodel import BlackboardAttribute
@@ -98,10 +100,12 @@ def __findCallLogsInDB(self, databasePath, abstractFile):
         if not databasePath:
             return
 
+        bbartifacts = list()
         try:
             connection = DriverManager.getConnection("jdbc:sqlite:" + databasePath)
             statement = connection.createStatement()
 
+
             for tableName in CallLogAnalyzer._tableNames:
                 try:
                     resultSet = statement.executeQuery("SELECT number, date, duration, type, name FROM " + tableName + " ORDER BY date DESC;")
@@ -126,6 +130,8 @@ def __findCallLogsInDB(self, databasePath, abstractFile):
                             artifact.addAttribute(BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DIRECTION, general.MODULE_NAME, directionString))
                             artifact.addAttribute(BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME, general.MODULE_NAME, name))
 
+                            bbartifacts.add(artifact)
+
                             try:
                                 # index the artifact for keyword search
                                 blackboard = Case.getCurrentCase().getServices().getBlackboard()
@@ -143,3 +149,7 @@ def __findCallLogsInDB(self, databasePath, abstractFile):
         except SQLException as ex:
             self._logger.log(Level.SEVERE, "Could not parse call log; error connecting to db " + databasePath, ex)
             self._logger.log(Level.SEVERE, traceback.format_exc())
+        finally:
+            if bbartifacts:
+                IngestServices.getInstance().fireModuleDataEvent(ModuleDataEvent(general.MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_CALLLOG, bbartifacts))
+

Core/release/InternalPythonModules/android/contact.py → InternalPythonModules/android/contact.py

@@ -34,6 +34,8 @@
 from org.sleuthkit.autopsy.coreutils import MessageNotifyUtil
 from org.sleuthkit.autopsy.datamodel import ContentUtils
 from org.sleuthkit.autopsy.ingest import IngestJobContext
+from org.sleuthkit.autopsy.ingest import IngestServices
+from org.sleuthkit.autopsy.ingest import ModuleDataEvent
 from org.sleuthkit.datamodel import AbstractFile
 from org.sleuthkit.datamodel import BlackboardArtifact
 from org.sleuthkit.datamodel import BlackboardAttribute
@@ -77,6 +79,7 @@ def __findContactsInDB(self, databasePath, abstractFile):
         if not databasePath:
             return
 
+        bbartifacts = list()
         try:
             Class.forName("org.sqlite.JDBC") # load JDBC driver
             connection = DriverManager.getConnection("jdbc:sqlite:" + databasePath)
@@ -131,6 +134,8 @@ def __findContactsInDB(self, databasePath, abstractFile):
 
                 oldName = name
 
+                bbartifacts.add(artifact)
+
                 try:
                     # index the artifact for keyword search
                     blackboard = Case.getCurrentCase().getServices().getBlackboard()
@@ -146,6 +151,9 @@ def __findContactsInDB(self, databasePath, abstractFile):
             self._logger.log(Level.SEVERE, "Error posting to blackboard", ex)
             self._logger.log(Level.SEVERE, traceback.format_exc())
         finally:
+            if bbartifacts:
+                IngestServices.getInstance().fireModuleDataEvent(ModuleDataEvent(general.MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_CONTACT, bbartifacts))
+
             try:
                 if resultSet is not None:
                     resultSet.close()

Core/release/InternalPythonModules/android/textmessage.py → InternalPythonModules/android/textmessage.py

@@ -35,6 +35,8 @@
 from org.sleuthkit.autopsy.coreutils import MessageNotifyUtil
 from org.sleuthkit.autopsy.datamodel import ContentUtils
 from org.sleuthkit.autopsy.ingest import IngestJobContext
+from org.sleuthkit.autopsy.ingest import IngestServices
+from org.sleuthkit.autopsy.ingest import ModuleDataEvent
 from org.sleuthkit.datamodel import AbstractFile
 from org.sleuthkit.datamodel import BlackboardArtifact
 from org.sleuthkit.datamodel import BlackboardAttribute
@@ -71,6 +73,7 @@ def __findTextsInDB(self, databasePath, abstractFile):
         if not databasePath:
             return
 
+        bbartifacts = list()
         try:
             Class.forName("org.sqlite.JDBC") # load JDBC driver
             connection = DriverManager.getConnection("jdbc:sqlite:" + databasePath)
@@ -102,6 +105,7 @@ def __findTextsInDB(self, databasePath, abstractFile):
                 artifact.addAttribute(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_TEXT, general.MODULE_NAME, body))
                 artifact.addAttribute(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_MESSAGE_TYPE, general.MODULE_NAME, "SMS Message"))
 
+                bbartifacts.add(artifact)
                 try:
                     # index the artifact for keyword search
                     blackboard = Case.getCurrentCase().getServices().getBlackboard()
@@ -115,6 +119,9 @@ def __findTextsInDB(self, databasePath, abstractFile):
             self._logger.log(Level.SEVERE, "Error parsing text messages to blackboard", ex)
             self._logger.log(Level.SEVERE, traceback.format_exc())
         finally:
+            if bbartifacts:
+                IngestServices.getInstance().fireModuleDataEvent(ModuleDataEvent(general.MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE, bbartifacts))
+
             try:
                 if resultSet is not None:
                     resultSet.close()