es4forensics/ecs/objects/
ntfs_file.rs1use std::collections::HashMap;
2
3use serde::{Serialize, Deserialize};
4use serde_json::Value;
5
6use crate::{timestamp::Timestamp, utils::json::add_to_json};
7
8#[derive(Serialize, Deserialize)]
9pub struct NtfsFile {
10
11}
12
13impl NtfsFile {
14 #[allow(dead_code)]
15 pub fn documents(&self) -> impl Iterator<Item=Value> {
16 let docs: HashMap<Timestamp, Value> = HashMap::new();
17 docs.into_iter().map(|(ts, v)| {
18 add_to_json(&v, "|@timestamp|", Value::Number(ts.timestamp_millis().into()))
19 })
20 }
21}