Incident Response Forensic Framework Overview

The application is specifically designed to present forensic data forensic data. It is designed to collect the Mandiant Redline collection file and provide search / stack flexibility and tags. Many of the searches are structured, unstructured, geo, metric – any way you want.

Elasticsearch helps to realize the full power of Apache Lucene with simple tools and mechanisms. Elasticsearch – implements more functionality than Apache Lucene. About Elasticsearch it can be said that he is:

1. A mechanism for storing documents (analogous to database tables, similar to MySQL) in real time.
2. The system of search and analytics in real time.
3. Scalable system.

This article describes what Elasticsearch and the Elasticsearch installation.

More.

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.