Various release and doc updates

framework/README_bindist.txt

@@ -0,0 +1,63 @@
+                       Sleuth Kit Framework
+
+                        Binary Distribution
+
+
+                            May 2012
+
+
+OVERVIEW
+
+
+This document describes the binary distribution of The Sleuth Kit (TSK)
+Framework.  The framework makes it easier to develop end-to-end digital
+forensics systems that analyze disk images.  It provides a plug-in
+infrastructure that allows you to have modules to do various types of
+file analysis.  The binary distribution of the framework comes with
+pre-compiled tools that use the framework, including the a basic set of
+"official" modules.   You can find other third-party modules that you
+can also use with the framework.
+
+NOTE: This is not an SDK package that would be used to develop systems
+that leverage the framework.  The binary distribution package provides
+access to the tsk_anlayzeimg tool that allows you to analyze a disk
+image using the framework and other pre-compiled programs.
+
+
+
+FRAMEWORK BASICS
+
+Refer to the documentation on the sleuthkit.org website for the 
+framework basics. 
+
+	http://www.sleuthkit.org/sleuthkit/docs/framework-docs
+
+
+
+FRAMEWORK SETUP
+
+The framework and pipeline configuration files are both in the bin
+directory.  The analysis modules are all located in the modules
+folder.   If you want to add more modules to the system, then you can 
+copy them into that folder and update the pipeline configuration file.
+
+
+The README documents for each of the modules can be found in the docs
+folder. 
+
+
+
+USING THE FRAMEWORK
+
+
+The framework will be most useful when it starts to get incorporated into
+more tools and starts to have more modules written for it.  For now, the
+easiest way to use the framework is using tsk_analyzeimg.  It will take
+a disk image as input, populate a SQLite datbase, and run the pipelines
+on its contents. You can run the standard set of modules on an image or
+you can add other third-party modules.
+
+
+-----------------------------------------------------------------------
+Brian Carrier
+carrier <at> sleuthkit <dot> org

framework/SampleConfig/framework_config_bindist.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<TSK_FRAMEWORK_CONFIG>
+  <MODULE_DIR>..\modules\</MODULE_DIR>  
+  <CONFIG_DIR>.\</CONFIG_DIR>
+  <PIPELINE_CONFIG_FILE>pipeline_config.xml</PIPELINE_CONFIG_FILE>
+</TSK_FRAMEWORK_CONFIG>

framework/tsk_analyzeimg/tsk_analyzeimg.cpp

@@ -46,10 +46,12 @@ makeDir(const TSK_TCHAR *dir)
 void 
 usage(const char *program) 
 {
-    fprintf(stderr, "%s [-c framework_config_file] [-p pipeline_config_file] [-d outdir] image_name\n", program);
+    fprintf(stderr, "%s [-c framework_config_file] [-p pipeline_config_file] [-d outdir] [-vV] image_name\n", program);
     fprintf(stderr, "\t-c framework_config_file: Path to XML framework config file\n");
     fprintf(stderr, "\t-p pipeline_config_file: Path to XML pipeline config file (overrides pipeline config specified with -c)\n");
     fprintf(stderr, "\t-d outdir: Path to output directory\n");
+    fprintf(stderr, "\t-v: Enable verbose mode to get more debug information\n");
+    fprintf(stderr, "\t-V: Display the tool version\n");
     exit(1);
 }
 

release/release-win.pl

@@ -129,6 +129,7 @@ sub read_pipe_line {
 	unless (-e "$ENV{'LIBEWF_HOME'}/msvscpp/release/libewf.dll" ); 
 
 
+# Starts and ends in sleuthkit
 sub build_core {
 	print "Building TSK source\n";
 	chdir "win32" or die "error changing directory into win32";
@@ -238,18 +239,43 @@ sub package_framework {
 	mkdir ("$rdir") or die "error making release directory: $rdir";
 	mkdir ("${rdir}/bin") or die "error making bin release directory: $rdir";
 	mkdir ("${rdir}/modules") or die "error making module release directory: $rdir";
-	mkdir ("${rdir}/config") or die "error making config release directory: $rdir";
 	mkdir ("${rdir}/licenses") or die "error making licenses release directory: $rdir";
+	mkdir ("${rdir}/docs") or die "error making docs release directory: $rdir";
 
 	chdir "framework" or die "error changing directory into framework";
 
 	`cp win32/framework/release/*.exe \"${rdir}/bin\"`;
-	`cp win32/framework/release/*.dll \"${rdir}/bin\"`;
-
+	`cp win32/framework/release/libtsk*.dll \"${rdir}/bin\"`;
+	`cp win32/framework/release/Poco*.dll \"${rdir}/bin\"`;
+	`cp win32/framework/release/libewf*.dll \"${rdir}/bin\"`;
+	`cp win32/framework/release/zlib.dll \"${rdir}/bin\"`;
+	`cp win32/framework/release/*Module.dll \"${rdir}/modules\"`;
+
+	`cp SampleConfig/framework_config_bindist.xml \"${rdir}/bin/framework_config.xml\"`;
+	`unix2dos \"${rdir}/bin/framework_config.xml\"`;
+
+	`cp SampleConfig/pipeline_config_template.xml \"${rdir}/bin/pipeline_config.xml\"`;
+	`unix2dos \"${rdir}/bin/pipeline_config.xml\"`;
+
+	# Copy the readme files for each module
+	opendir(my $modDir, "./TskModules") or die "Error opening TskModules folder";
+	while(my $f = readdir($modDir)) {
+		next unless ($f =~ /^c_\w+/);
+		if (-f "TskModules/$f/README.txt") {
+			`cp TskModules/$f/README.txt \"${rdir}/docs/README_${f}.txt\"`;
+			`unix2dos \"${rdir}/docs/README_${f}.txt\"`;
+
+		}
+		else {
+			print "Didn't find readme in $f\n";
+		}
+	}
+	closedir($modDir);
 
 	# Copy standard files
-	`cp README.txt \"${rdir}\"`;
-	`unix2dos \"${rdir}/README.txt\"`;
+	#`cp README.txt \"${rdir}\"`;
+	#`unix2dos \"${rdir}/README.txt\"`;
+
 	`cp ../licenses/cpl1.0.txt \"${rdir}/licenses\"`;
 	`unix2dos \"${rdir}/licenses/cpl1.0.txt\"`;
 	`cp ../licenses/IBM-LICENSE \"${rdir}/licenses\"`;
@@ -267,9 +293,10 @@ sub package_framework {
 	die "ZIP file not created" unless (-e "${rfile}.zip");
 
 	print "File saved as ${rfile}.zip\n";
+	chdir "..";
 }
 
 #build_core();
 #package_core();
-build_framework();
+#build_framework();
 package_framework();