[sleuthkit-users] recent activities autopsy 4.11
Brought to you by:
carrier
Menu
▾
▴
[sleuthkit-users] recent activities autopsy 4.11
|
From: Nanni B. <dig...@gm...> - 2019-05-01 15:25:52
|
Hi all, I tried to re-ingest an old test-case for finding the new features of Autopsy 4.11, e.g. logon/logoff, but I got an error in recent activities ingesting: INFO: Writing Full RegRipper results to: D:\test\win8\ModuleOutput\RecentActivity\reg\SOFTWARE-regripper-198290-full.txt 2019-04-30 11:18:40.206 org.sleuthkit.autopsy.recentactivity.ExtractRegistry parseAutopsyPluginOutput WARNING: Failed to parse epoch time when parsing the registry. 2019-04-30 11:18:40.206 org.sleuthkit.autopsy.recentactivity.ExtractRegistry parseAutopsyPluginOutput SEVERE: RegRipper::Conversion on DateTime -> java.text.ParseException: Unparseable date: "Sat Dec 12 03:03:15 2015" java.text.DateFormat.parse(DateFormat.java:366) org.sleuthkit.autopsy.recentactivity.ExtractRegistry.parseAutopsyPluginOutput(ExtractRegistry.java:468) org.sleuthkit.autopsy.recentactivity.ExtractRegistry.analyzeRegistryFiles(ExtractRegistry.java:228) org.sleuthkit.autopsy.recentactivity.ExtractRegistry.process(ExtractRegistry.java:985) org.sleuthkit.autopsy.recentactivity.RAImageIngestModule.process(RAImageIngestModule.java:125) org.sleuthkit.autopsy.ingest.DataSourceIngestPipeline$PipelineModule.process(DataSourceIngestPipeline.java:206) org.sleuthkit.autopsy.ingest.DataSourceIngestPipeline.process(DataSourceIngestPipeline.java:113) org.sleuthkit.autopsy.ingest.DataSourceIngestJob.process(DataSourceIngestJob.java:743) org.sleuthkit.autopsy.ingest.DataSourceIngestTask.execute(DataSourceIngestTask.java:30) org.sleuthkit.autopsy.ingest.IngestManager$ExecuteIngestJobTasksTask.run(IngestManager.java:880) java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) java.util.concurrent.FutureTask.run(FutureTask.java:266) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.lang.Thread.run(Thread.java:748) 2019-04-30 11:18:40.251 org.sleuthkit.autopsy.recentactivity.ExtractRegistry parseAutopsyPluginOutput WARNING: Failed to parse epoch time for installed program artifact. 2019-04-30 11:18:40.251 org.sleuthkit.autopsy.recentactivity.RAImageIngestModule process SEVERE: Exception occurred in Registry java.lang.NullPointerException org.sleuthkit.autopsy.recentactivity.ExtractRegistry.parseAutopsyPluginOutput(ExtractRegistry.java:662) org.sleuthkit.autopsy.recentactivity.ExtractRegistry.analyzeRegistryFiles(ExtractRegistry.java:228) org.sleuthkit.autopsy.recentactivity.ExtractRegistry.process(ExtractRegistry.java:985) org.sleuthkit.autopsy.recentactivity.RAImageIngestModule.process(RAImageIngestModule.java:125) org.sleuthkit.autopsy.ingest.DataSourceIngestPipeline$PipelineModule.process(DataSourceIngestPipeline.java:206) org.sleuthkit.autopsy.ingest.DataSourceIngestPipeline.process(DataSourceIngestPipeline.java:113) org.sleuthkit.autopsy.ingest.DataSourceIngestJob.process(DataSourceIngestJob.java:743) org.sleuthkit.autopsy.ingest.DataSourceIngestTask.execute(DataSourceIngestTask.java:30) org.sleuthkit.autopsy.ingest.IngestManager$ExecuteIngestJobTasksTask.run(IngestManager.java:880) java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) java.util.concurrent.FutureTask.run(FutureTask.java:266) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.lang.Thread.run(Thread.java:748) -- Dott. Nanni Bassetti http://www.nannibassetti.com CAINE project manager - http://www.caine-live.net |
