itemstore

package module
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 7, 2019 License: MIT Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Directory added in v0.1.1 

type Directory struct {
	Artifact string     `json:"artifact,omitempty"`
	Type     string     `json:"type"`
	Errors   []string   `json:"errors,omitempty"`
	Path     string     `json:"path"`
	Created  *time.Time `json:"created,omitempty"`
	Modified *time.Time `json:"modified,omitempty"`
	Accessed *time.Time `json:"accessed,omitempty"`
}

type File added in v0.1.1 

type File struct {
	Artifact   string            `json:"artifact,omitempty"`
	Type       string            `json:"type"`
	Errors     []string          `json:"errors,omitempty"`
	Hashes     map[string]string `json:"hashes,omitempty"`
	Size       *int64            `json:"size,omitempty"`
	Name       string            `json:"name"`
	Created    *time.Time        `json:"created,omitempty"`
	Modified   *time.Time        `json:"modified,omitempty"`
	Accessed   *time.Time        `json:"accessed,omitempty"`
	Origin     map[string]string `json:"origin,omitempty"`
	ExportPath string            `json:"export_path,omitempty"`
}

func (File) AddError added in v0.1.1 

func (f File) AddError(err string) File

type Itemstore 

type Itemstore struct {
	Items []interface{}
}

The Itemstore is a central storage for elements in digital forensic investigations. It stores any piece of information in the investigation and serves as a single source of truth for the data. Cases, artifacts, evidence, meta data, bookmarks etc. can be stored in the itemstore. Larger binary objects like files are usually stored outside the itemstore and references from the itemstore.

func (*Itemstore) AddItem 

func (store *Itemstore) AddItem(item interface{})

AddItem adds a single item to the itemstore

func (*Itemstore) Save 

func (store *Itemstore) Save(fs afero.Fs, saffile string) error

Save persists the itemstore as json file to the given filesystem

func (*Itemstore) Size 

func (store *Itemstore) Size() int

Size returns the number of items in the itemstore

type Process added in v0.1.1 

type Process struct {
	Artifact    string     `json:"artifact,omitempty"`
	Type        string     `json:"type"`
	Errors      []string   `json:"errors,omitempty"`
	Name        string     `json:"name,omitempty"`
	Created     *time.Time `json:"created,omitempty"`
	Cwd         string     `json:"cwd,omitempty"`
	Arguments   []string   `json:"arguments,omitempty"`
	CommandLine string     `json:"command_line,omitempty"`
	StdoutPath  string     `json:"stdout_path,omitempty"`
	StderrPath  string     `json:"stderr_path,omitempty"`
}

func (Process) AddError added in v0.1.1 

func (f Process) AddError(err string) Process

type RegistryKey added in v0.1.1 

type RegistryKey struct {
	Artifact string          `json:"artifact,omitempty"`
	Type     string          `json:"type"`
	Errors   []string        `json:"errors,omitempty"`
	Key      string          `json:"key"`
	Values   []RegistryValue `json:"values,omitempty"`
	Modified *time.Time      `json:"modified,omitempty"`
}

type RegistryValue added in v0.1.1 

type RegistryValue struct {
	Name     string `json:"name"`
	Data     string `json:"data,omitempty"`
	DataType string `json:"data_type,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.