TruxtonEnumeration
This class lets you enumerate things in Truxton.
Contents
Attributes and Methods
currentfile: TruxtonFileIO
The file that contained whatever is being enumerated.
currentinvestigation: TruxtonInvestigation
The investigation that contained whatever is being enumerated.
currentmedia: TruxtonMedia
The media that contained whatever is being enumerated.
reset() -> None
Rewinds the enumeration to the beginning.
scope: int
This sets the level at which things can be enumerated. The default is a global scope, you want to enumerate everything in Truxton. You can set it to:
- Type_Investigation - This will tell Truxton you wish to enumerate things in a particular investigation
- Type_Media - This will tell Truxton you wish to enumerate things in a particular piece of media
scopeid: str | UUID
This isolates the scope
to the particular investigation or media you wish to enumerate.
target: int
These are the things you want to enumerate. It can be one of the following:
- Type_Artifact - The enumeration will be TruxtonArtifact objects
- Type_Camera_Information - The enumeration will be TruxtonEXIF objects
- Type_Event - The enumeration will be TruxtonEvent objects
- Type_File - The enumeration will be TruxtonFileIO objects
- Type_Investigation - The enumeration will be TruxtonInvestigation objects
- Type_Location - The enumeration will be TruxtonLocation objects
- Type_Media - The enumeration will be TruxtonMedia objects
- Type_Message_Attachment - The enumeration will be TruxtonFileIO objects of message attachments
- Type_Message_Body - The enumeration will be TruxtonFileIO objects of message bodies
- Type_Participant - The enumeration will be TruxtonMessageParticipant objects
- Type_Website_Visit - The enumeration will be TruxtonUrl objects
Sample
This sample will enumerate all of the investigations in Truxton and list all media in those investigations. The output is JSON format. There is a more complete example on GitHub.
import sys
import json
sys.path.append('C:/Program Files/Truxton/SDK')
import truxton
trux = truxton.create()
media_status_names = json.loads(trux.mediastatusnames())
media_type_names = json.loads(trux.mediatypenames())
def output_investigation(investigation: truxton.TruxtonInvestigation, instance: int) -> None:
if instance > 0:
print(",")
d = dict()
d["id"] = investigation.id.lower()
d["name"] = investigation.name
d["case"] = investigation.case
d["description"] = investigation.description
d["jurisdiction"] = str(investigation.jurisdiction)
d["opened"] = F"{investigation.opened:%Y-%m-%dT%H:%M:%SZ}"
d["status"] = str(investigation.status)
d["type"] = str(investigation.type)
object_name = dict()
object_name["investigation"] = d;
print(json.dumps(object_name, ensure_ascii = False, sort_keys = True))
def output_media(media: truxton.TruxtonMedia) -> None:
d = dict()
d["id"] = media.id.lower()
d["name"] = media.name
d["case"] = media.case
d["loadconfiguration"] = str(media.configid)
d["created"] = F"{media.created:%Y-%m-%dT%H:%M:%SZ}"
d["description"] = media.description
d["evidencebag"] = media.evidencebag
d["expires"] = F"{media.expires:%Y-%m-%dT%H:%M:%SZ}"
d["generatedfolderid"] = media.generatedfolderid.lower()
d["latitude"] = str(media.latitude)
d["longitude"] = str(media.longitude)
d["originator"] = media.originator
d["percentcomplete"] = str(media.percentcomplete)
d["rootid"] = media.rootid.lower()
d["status"] = str(media.status)
d["statusname"] = media_status_names[str(media.status)]
d["type"] = str(media.type)
d["typename"] = media_type_names[str(media.type)]
d["updated"] = F"{media.updated:%Y-%m-%dT%H:%M:%SZ}"
object_name = dict()
object_name["media"] = d;
print("," + json.dumps(object_name, ensure_ascii = False, sort_keys = True))
def dump_investigation(investigation: truxton.TruxtonInvestigation, instance: int) -> None:
output_investigation(investigation, instance)
investigation_media = trux.newenumerator()
investigation_media.scope = truxton.Type_Investigation
investigation_media.scopeid = investigation.id
investigation_media.target = truxton.Type_Media
for media in investigation_media:
output_media(media)
def main():
investigations = trux.newenumerator()
investigations.target = truxton.Type_Investigation
print("[")
instance = 0
for investigation in investigations:
dump_investigation(investigation, instance)
instance += 1
print("]")
if __name__ == "__main__":
sys.exit(main())