diff --git a/Core/src/org/sleuthkit/autopsy/coreutils/PlatformUtil.java b/Core/src/org/sleuthkit/autopsy/coreutils/PlatformUtil.java index 59bf3c258e1..edd58ae582d 100644 --- a/Core/src/org/sleuthkit/autopsy/coreutils/PlatformUtil.java +++ b/Core/src/org/sleuthkit/autopsy/coreutils/PlatformUtil.java @@ -340,6 +340,24 @@ public static boolean isWindowsOS() { return PlatformUtil.getOSName().toLowerCase().contains("windows"); //NON-NLS } + /** + * Check if running on Linux OS + * + * @return true if running on Linux OS + */ + public static boolean isLinuxOS() { + return PlatformUtil.getOSName().toLowerCase().contains("linux"); //NON-NLS + } + + /** + * Check if running on Macos OS + * + * @return true if running on Macos OS + */ + public static boolean isMacOS() { + return PlatformUtil.getOSName().toLowerCase().contains("mac"); //NON-NLS + } + /** * Convert file path (quote) for OS specific * diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java index 9a96b3d1d26..12e4d8d1ac2 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java @@ -62,8 +62,11 @@ final class ExtractSru extends Extract { private static final String APPLICATION_USAGE_SOURCE_NAME = "System Resource Usage - Application Usage"; //NON-NLS private static final String NETWORK_USAGE_SOURCE_NAME = "System Resource Usage - Network Usage"; private static final String SRU_TOOL_FOLDER = "markmckinnon"; //NON-NLS - private static final String SRU_TOOL_NAME_WINDOWS = "Export_Srudb.exe"; //NON-NLS - private static final String SRU_TOOL_NAME_LINUX = "export_srudb_linux"; //NON-NLS + private static final String SRU_TOOL_NAME_X64_WINDOWS = "mm_artifact_parser_x64_win.exe"; //NON-NLS + private static final String SRU_TOOL_NAME_X64_LINUX = "mm_artifact_parser_x64_linux"; //NON-NLS + private static final String SRU_TOOL_NAME_X64_MACOS = "mm_artifact_parser_x64_macos"; //NON-NLS + private static final String SRU_TOOL_NAME_AARCH64_LINUX = "mm_artifact_parser_aarch64_linux"; //NON-NLS + private static final String SRU_TOOL_NAME_AARCH64_MACOS = "mm_artifact_parser_aarch64_macos"; //NON-NLS private static final String SRU_OUTPUT_FILE_NAME = "Output.txt"; //NON-NLS private static final String SRU_ERROR_FILE_NAME = "Error.txt"; //NON-NLS @@ -237,9 +240,11 @@ void extractSruFiles(String sruExePath, String sruFile, String tempOutFile, Stri List commandLine = new ArrayList<>(); commandLine.add(sruExePath); + commandLine.add("-a"); + commandLine.add("sru"); commandLine.add("-sr"); commandLine.add(sruFile); //NON-NLS - commandLine.add("-s"); + commandLine.add("-sh"); commandLine.add(softwareHiveFile); commandLine.add("-db"); commandLine.add(tempOutFile); @@ -254,10 +259,18 @@ void extractSruFiles(String sruExePath, String sruFile, String tempOutFile, Stri private String getPathForSruDumper() { Path path = null; if (PlatformUtil.isWindowsOS()) { - path = Paths.get(SRU_TOOL_FOLDER, SRU_TOOL_NAME_WINDOWS); - } else { - if ("Linux".equals(PlatformUtil.getOSName())) { - path = Paths.get(SRU_TOOL_FOLDER, SRU_TOOL_NAME_LINUX); + path = Paths.get(SRU_TOOL_FOLDER, SRU_TOOL_NAME_X64_WINDOWS); + } else if (PlatformUtil.isLinuxOS()) { + if ("aarch64".equals(PlatformUtil.getOSArch())) { + path = Paths.get(SRU_TOOL_FOLDER, SRU_TOOL_NAME_AARCH64_LINUX); + } else { + path = Paths.get(SRU_TOOL_FOLDER, SRU_TOOL_NAME_X64_LINUX); + } + } else if (PlatformUtil.isMacOS()) { + if ("aarch64".equals(PlatformUtil.getOSArch())) { + path = Paths.get(SRU_TOOL_FOLDER, SRU_TOOL_NAME_AARCH64_MACOS); + } else { + path = Paths.get(SRU_TOOL_FOLDER, SRU_TOOL_NAME_X64_MACOS); } } File sruToolFile = InstalledFileLocator.getDefault().locate(path.toString(), diff --git a/thirdparty/markmckinnon/export_srudb.exe b/thirdparty/markmckinnon/export_srudb.exe deleted file mode 100644 index 15f1bcb53d5..00000000000 Binary files a/thirdparty/markmckinnon/export_srudb.exe and /dev/null differ diff --git a/thirdparty/markmckinnon/export_srudb_linux b/thirdparty/markmckinnon/export_srudb_linux deleted file mode 100755 index 603bb032e90..00000000000 Binary files a/thirdparty/markmckinnon/export_srudb_linux and /dev/null differ diff --git a/thirdparty/markmckinnon/mm_artifact_parser__aarch64_linux b/thirdparty/markmckinnon/mm_artifact_parser__aarch64_linux new file mode 100644 index 00000000000..2486199d336 Binary files /dev/null and b/thirdparty/markmckinnon/mm_artifact_parser__aarch64_linux differ diff --git a/thirdparty/markmckinnon/mm_artifact_parser_aarch64_macos b/thirdparty/markmckinnon/mm_artifact_parser_aarch64_macos new file mode 100644 index 00000000000..df579d759aa Binary files /dev/null and b/thirdparty/markmckinnon/mm_artifact_parser_aarch64_macos differ diff --git a/thirdparty/markmckinnon/mm_artifact_parser_x64_linux b/thirdparty/markmckinnon/mm_artifact_parser_x64_linux new file mode 100644 index 00000000000..3197710dae8 Binary files /dev/null and b/thirdparty/markmckinnon/mm_artifact_parser_x64_linux differ diff --git a/thirdparty/markmckinnon/mm_artifact_parser_x64_macos b/thirdparty/markmckinnon/mm_artifact_parser_x64_macos new file mode 100644 index 00000000000..07fcd9b94db Binary files /dev/null and b/thirdparty/markmckinnon/mm_artifact_parser_x64_macos differ diff --git a/thirdparty/markmckinnon/mm_artifact_parser_x64_win.exe b/thirdparty/markmckinnon/mm_artifact_parser_x64_win.exe new file mode 100644 index 00000000000..d9e52517c3a Binary files /dev/null and b/thirdparty/markmckinnon/mm_artifact_parser_x64_win.exe differ