Merge pull request #6921 from APriestman/7393_contentViewers
7393 OS Account content viewer doc
Richard Cordovano
GitHub
@ -75,23 +75,17 @@ Registry hive files can be viewed in a format similar to a registry editor.
|
||||
|
||||
\image html content_viewer_registry.png
|
||||
|
||||
\section cv_message Message
|
||||
|
||||
The Message tab shows details of emails and SMS messages.
|
||||
|
||||
\image html content_viewer_message.png
|
||||
|
||||
\section cv_metadata File Metadata
|
||||
|
||||
The File Metadata tab displays basic information about the file, such as type, size, and hash. It also displays the output of the Sleuth Kit istat tool.
|
||||
|
||||
\image html content_viewer_metadata.png
|
||||
|
||||
\section cv_context Context
|
||||
\section cv_os_account OS Accounts
|
||||
|
||||
The Context tab shows information on where a file came from and allows you to navigate to the original result. For example, it can show the the URL for downloaded files and the email message a file was attached to. In the image below you can see the context for an image that was sent as an email attachment.
|
||||
The OS Accounts tab displays information on the OS account associated with a given result, if present. It is also used to give details on accounts listed under the OS Accounts node in the tree.
|
||||
|
||||
\image html content_viewer_context.png
|
||||
\image html content_viewer_os_account.png
|
||||
|
||||
\section cv_results Results
|
||||
|
||||
@ -101,6 +95,12 @@ The Results tab is active when selecting items with associated results such as k
|
||||
<br>
|
||||
\image html content_viewer_results_bookmark.png
|
||||
|
||||
\section cv_context Context
|
||||
|
||||
The Context tab shows information on where a file came from and allows you to navigate to the original result. For example, it can show the the URL for downloaded files and the email message a file was attached to. In the image below you can see the context for an image that was sent as an email attachment.
|
||||
|
||||
\image html content_viewer_context.png
|
||||
|
||||
\section cv_annotations Annotations
|
||||
|
||||
The Annotations tab shows information added by an analyst about a file or result. It displays any tags and comments associated with the file or result, and if the \ref central_repo_page is enabled it will also display any comments saved to the Central Repository.
|
||||
|
||||
|
Before Width: | Height: | Size: 16 KiB After Width: | Height: | Size: 25 KiB |
|
Before Width: | Height: | Size: 293 KiB After Width: | Height: | Size: 314 KiB |
|
Before Width: | Height: | Size: 25 KiB After Width: | Height: | Size: 34 KiB |
|
Before Width: | Height: | Size: 27 KiB After Width: | Height: | Size: 38 KiB |
|
Before Width: | Height: | Size: 41 KiB After Width: | Height: | Size: 42 KiB |
|
Before Width: | Height: | Size: 20 KiB After Width: | Height: | Size: 33 KiB |
|
Before Width: | Height: | Size: 27 KiB After Width: | Height: | Size: 37 KiB |
|
Before Width: | Height: | Size: 20 KiB After Width: | Height: | Size: 26 KiB |
|
Before Width: | Height: | Size: 22 KiB After Width: | Height: | Size: 33 KiB |
BIN
docs/doxygen-user/images/content_viewer_os_account.png
Normal file
|
After Width: | Height: | Size: 22 KiB |
|
Before Width: | Height: | Size: 22 KiB After Width: | Height: | Size: 30 KiB |
|
Before Width: | Height: | Size: 33 KiB After Width: | Height: | Size: 42 KiB |
|
Before Width: | Height: | Size: 19 KiB After Width: | Height: | Size: 19 KiB |
|
Before Width: | Height: | Size: 20 KiB After Width: | Height: | Size: 15 KiB |
|
Before Width: | Height: | Size: 37 KiB After Width: | Height: | Size: 48 KiB |
|
Before Width: | Height: | Size: 28 KiB After Width: | Height: | Size: 36 KiB |
|
Before Width: | Height: | Size: 132 KiB After Width: | Height: | Size: 140 KiB |