Class ArtifactDefinition

source code

The main artifact class.

Instance Methods

CheckLabels(self, art_definition)
Ensure labels are defined.

source code

BuildSources(self, art_definition)

source code

SupportedOS(self, art_definition)

source code

__init__(self, data, source_types=None)
x.__init__(...) initializes x; see help(type(x)) for signature

source code

set_implementations(self, source_types)

source code

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Class Variables
	name = `'unknown'`
	source_types = `{'ARTIFACT_GROUP': <class 'rekall.plugins.respo...`

Properties
Inherited from `object`: `__class__`

Method Details

init(self, data, source_types=None)
(Constructor)

source code

x.__init__(...) initializes x; see help(type(x)) for signature

Overrides: object.__init__: (inherited documentation)

Class Variable Details

source_types

Value:

{'ARTIFACT_GROUP': <class 'rekall.plugins.response.forensic_artifacts.
ArtifactGroupSourceType'>,
 'FILE': <class 'rekall.plugins.response.forensic_artifacts.FileSource
Type'>,
 'REGISTRY_KEY': <class 'rekall.plugins.response.forensic_artifacts.Re
gistryKeySourceType'>,
 'REGISTRY_VALUE': <class 'rekall.plugins.response.forensic_artifacts.
RegistryValueSourceType'>,
...

Class ArtifactDefinition

__init__(self, data, source_types=None) (Constructor)

source_types

init(self, data, source_types=None)
(Constructor)