Changes between Version 31 and Version 32 of TipAndDoc/network/Chrome


Ignore:
Timestamp:
Jan 19, 2013 9:25:03 AM (13 years ago)
Author:
mitty
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TipAndDoc/network/Chrome

    v31 v32  
    104104 * http://log2timeline.net/ 
    105105 > a framework for automatic creation of a super timeline. The main purpose is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a timeline that can be analysed by forensic investigators/analysts. 
     106 
     107 * Archived History 
     108{{{ 
     109sqlite> .schema 
     110CREATE TABLE keyword_search_terms (keyword_id INTEGER NOT NULL,url_id INTEGER NOT NULL,lower_term LONGVARCHAR NOT NULL,term LONGVARCHAR NOT NULL); 
     111CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY,value LONGVARCHAR); 
     112CREATE TABLE urls(id INTEGER PRIMARY KEY,url LONGVARCHAR,title LONGVARCHAR,visit_count INTEGER DEFAULT 0 NOT NULL,typed_count INTEGER DEFAULT 0 NOT NULL,last_visit_time INTEGER NOT NULL,hidden INTEGER DEFAULT 0 NOT NULL,favicon_id INTEGER DEFAULT 0 NOT NULL); 
     113CREATE TABLE visit_source(id INTEGER PRIMARY KEY,source INTEGER NOT NULL); 
     114CREATE TABLE visits(id INTEGER PRIMARY KEY,url INTEGER NOT NULL,visit_time INTEGER NOT NULL,from_visit INTEGER,transition INTEGER DEFAULT 0 NOT NULL,segment_id INTEGER,is_indexed BOOLEAN); 
     115CREATE INDEX keyword_search_terms_index1 ON keyword_search_terms (keyword_id, lower_term); 
     116CREATE INDEX keyword_search_terms_index2 ON keyword_search_terms (url_id); 
     117CREATE INDEX urls_url_index ON urls (url); 
     118CREATE INDEX visits_from_index ON visits (from_visit); 
     119CREATE INDEX visits_time_index ON visits (visit_time); 
     120CREATE INDEX visits_url_index ON visits (url); 
     121}}} 
     122 * History 
     123{{{ 
     124sqlite> .schema 
     125CREATE TABLE downloads (id INTEGER PRIMARY KEY,full_path LONGVARCHAR NOT NULL,url LONGVARCHAR NOT NULL,start_time INTEGER NOT NULL,received_bytes INTEGER NOT NULL,total_bytes INTEGER NOT NULL,state INTEGER NOT NULL, end_time INTEGER NOT NULL DEFAULT 0, opened INTEGER NOT NULL DEFAULT 0); 
     126CREATE TABLE keyword_search_terms (keyword_id INTEGER NOT NULL,url_id INTEGER NOT NULL,lower_term LONGVARCHAR NOT NULL,term LONGVARCHAR NOT NULL); 
     127CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY,value LONGVARCHAR); 
     128CREATE TABLE presentation(url_id INTEGER PRIMARY KEY,pres_index INTEGER NOT NULL); 
     129CREATE TABLE segment_usage (id INTEGER PRIMARY KEY,segment_id INTEGER NOT NULL,time_slot INTEGER NOT NULL,visit_count INTEGER DEFAULT 0 NOT NULL); 
     130CREATE TABLE segments (id INTEGER PRIMARY KEY,name VARCHAR,url_id INTEGER NON NULL,pres_index INTEGER DEFAULT -1 NOT NULL); 
     131CREATE TABLE "urls"(id INTEGER PRIMARY KEY,url LONGVARCHAR,title LONGVARCHAR,visit_count INTEGER DEFAULT 0 NOT NULL,typed_count INTEGER DEFAULT 0 NOT NULL,last_visit_time INTEGER NOT NULL,hidden INTEGER DEFAULT 0 NOT NULL,favicon_id INTEGER DEFAULT 0 NOT NULL); 
     132CREATE TABLE visit_source(id INTEGER PRIMARY KEY,source INTEGER NOT NULL); 
     133CREATE TABLE visits(id INTEGER PRIMARY KEY,url INTEGER NOT NULL,visit_time INTEGER NOT NULL,from_visit INTEGER,transition INTEGER DEFAULT 0 NOT NULL,segment_id INTEGER,is_indexed BOOLEAN); 
     134CREATE INDEX keyword_search_terms_index1 ON keyword_search_terms (keyword_id, lower_term); 
     135CREATE INDEX keyword_search_terms_index2 ON keyword_search_terms (url_id); 
     136CREATE INDEX segment_usage_time_slot_segment_id ON segment_usage(time_slot, segment_id); 
     137CREATE INDEX segments_name ON segments(name); 
     138CREATE INDEX segments_url_id ON segments(url_id); 
     139CREATE INDEX segments_usage_seg_id ON segment_usage(segment_id); 
     140CREATE INDEX urls_favicon_id_INDEX ON urls (favicon_id); 
     141CREATE INDEX urls_url_index ON urls (url); 
     142CREATE INDEX visits_from_index ON visits (from_visit); 
     143CREATE INDEX visits_time_index ON visits (visit_time); 
     144CREATE INDEX visits_url_index ON visits (url); 
     145}}} 
     146 * History Index YYYY-MM 
     147{{{ 
     148sqlite> .schema 
     149CREATE TABLE info(time INTEGER NOT NULL); 
     150CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY,value LONGVARCHAR); 
     151CREATE VIRTUAL TABLE pages USING fts3(TOKENIZE icu,url LONGVARCHAR,title LONGVARCHAR,body LONGVARCHAR); 
     152CREATE TABLE pages_content(  docid INTEGER PRIMARY KEY,c0url, c1title, c2body); 
     153CREATE TABLE pages_segdir(  level integer,  idx integer,  start_block integer,  leaves_end_block integer,  end_block integer,  root blob,  primary key(level, idx)); 
     154CREATE TABLE pages_segments(  blockid INTEGER PRIMARY KEY,  block blob); 
     155CREATE INDEX info_time ON info(time); 
     156}}} 
     157  * ICU対応のsqlite3をビルドしないとdump出来ないので注意