Add table of contents to each page with sections.

docs/doxygen-user/EXIF_parser_page.dox

@@ -1,5 +1,8 @@
 /*! \page EXIF_parser_page Picture Analyzer Module
 
+[TOC]
+
+
 \section exif_overview Overview
 
 The Picture Analyzer module extracts EXIF (Exchangeable Image File Format) information from ingested pictures. This information can contain geolocation data for the picture, time, date, camera model and settings (exposure values, resolution, etc) and other information. The discovered attributes are added to the Blackboard. This can tell you where and when a picture was taken, and give clues to the camera that took it.

docs/doxygen-user/adHocKeywordSearch.dox

@@ -1,5 +1,6 @@
 /*! \page ad_hoc_keyword_search_page Ad Hoc Keyword Search
 
+[TOC]
 
 \section ad_hoc_kw_overview Overview
 

docs/doxygen-user/android_analyzer.dox

@@ -1,5 +1,7 @@
 /*! \page android_analyzer_page Android Analyzer Module
 
+[TOC]
+
 What Does It Do
 ========
 

docs/doxygen-user/archive_extractor.dox

@@ -1,5 +1,7 @@
 /*! \page embedded_file_extractor_page Embedded File Extraction Module
 
+[TOC]
+
 \section embedded_files_overview What Does It Do
 
 

docs/doxygen-user/auto_ingest.dox

@@ -1,5 +1,8 @@
 /*! \page auto_ingest_page Automated Ingest
 
+[TOC]
+
+
 \section auto_ingest_overview Overview
 
 Auto ingest allows one or many computers to process \ref ds_page "data sources" automatically with minimal support from a user. The resulting \ref multiuser_page "multi-user cases" can be opened and reviewed by analysts, using any of the normal functions in Autopsy.

docs/doxygen-user/auto_ingest_administration.dox

@@ -1,5 +1,8 @@
 /*! \page auto_ingest_admin_page Auto Ingest Administration
 
+[TOC]
+
+
 \section auto_ingest_admin_overview Overview
 
 Examiner nodes in an \ref auto_ingest_page environment can be given a type of administrator access. This allows an admin to:

docs/doxygen-user/auto_ingest_setup.dox

@@ -1,5 +1,8 @@
 /*! \page auto_ingest_setup_page Auto Ingest Configuration
 
+[TOC]
+
+
 \section auto_ingest_setup_overview Overview
 
 A multi-user installation requires several network-based services, such as a central database and a messaging system, and automated ingest requires one or more auto ingest nodes. While you may run all of the external services on a single node, this is not likely to be ideal - spreading the services out across several machines can improve throughput. Keeping in mind that all the following machines need to be able to communicate with each other with network visibility to the shared drive, here is a description of a possible configuration:

docs/doxygen-user/case_management.dox

@@ -1,5 +1,8 @@
 /*! \page cases_page Cases
 
+[TOC]
+
+
 You need to create a case before you can analyze data in Autopsy.  A case can contain one or more data sources (disk images, disk devices, logical files). The data sources can be from multiple drives in a single computer or from multiple computers.  It's up to you. 
 
 Each case has its own directory that is named based on the case name. The directory will contain configuration files, a database, reports, and other files that modules generates. The main Autopsy case configuration file has an ".aut" extension. 

docs/doxygen-user/central_repo.dox

@@ -1,5 +1,8 @@
 /*! \page central_repo_page Central Repository
 
+[TOC]
+
+
 \section cr_overview Overview
 
 The central repository allows a user to find matching artifacts both across cases and across data sources in the same case. 

docs/doxygen-user/command_line_ingest.dox

@@ -1,5 +1,8 @@
 /*! \page command_line_ingest_page Command Line Ingest
 
+[TOC]
+
+
 \section command_line_ingest_overview Overview
 
 The Command Line Ingest feature allows you to run many of Autopsy's functions from the command line. You can add data sources to cases, choose which ingest modules to run, and automatically generate a report. When complete, these cases can be opened as normal or you can simply use the reports and other output without opening Autopsy.

docs/doxygen-user/common_files.dox

@@ -1,5 +1,8 @@
 /*! \page common_properties_page Common Properties Search
 
+[TOC]
+
+
 \section common_properties_overview Overview
 
 The Common Properties Search feature allows you to search for multiple copies of a property within the current case or within the \ref central_repo_page.

docs/doxygen-user/communications.dox

@@ -1,5 +1,8 @@
 /*! \page communications_page Communications Visualization Tool
 
+[TOC]
+
+
 \section cvt_overview Overview
 
 The Communications Visualization Tool gives a consolidated view of all communication events for the case. This allows an analyst to quickly view communications data such as:

docs/doxygen-user/content_viewer.dox

@@ -1,5 +1,8 @@
 /*! \page content_viewer_page Content Viewer
 
+[TOC]
+
+
 The Content Viewer lives in the lower right-hand side of the Autopsy main screen and shows pictures, video, hex, text, extracted strings, metadata, etc. The Content Viewer is populated when you select an entry in the \ref ui_results.
 
 The Content Viewer is context-aware, meaning different tabs will be enabled depending on the type of content selected and which ingest modules have been run. It will default to what it considers the "most specific" tab. For example, selecting a JPG will cause the Content Viewer to automatically select the "Application" tab and will display the image there. If you instead would like the Content Viewer to stay on the previously selected tab when you change to a different content object, go to the \ref view_options_page panel through Tools->Options->Application Tab and select the "Stay on the same file viewer" option.

docs/doxygen-user/data_source_integrity.dox

@@ -1,5 +1,8 @@
 /*! \page data_source_integrity_page Data Source Integrity Module
 
+[TOC]
+
+
 \section data_source_integrity_overview Overview
 
 The Data Source Integrity module has two purposes:

docs/doxygen-user/data_sources.dox

@@ -1,6 +1,9 @@
 /*! \page ds_page Data Sources
 
 
+[TOC]
+
+
 A data source is the thing you want to analyze. It can be a disk image, some logical files, a local disk, etc. You must open a case prior to adding a data source to Autopsy. 
 
 Autopsy supports multiple types of data sources:

docs/doxygen-user/drone.dox

@@ -1,5 +1,8 @@
 /*! \page drone_page Drone Analyzer
 
+[TOC]
+
+
 \section drone_overview Overview
 
 The Drone Analyzer module allows you to analyze files from a drone.

docs/doxygen-user/email_parser.dox

@@ -1,5 +1,8 @@
 /*! \page email_parser_page Email Parser Module
 
+[TOC]
+
+
 What Does It Do
 ========
 

docs/doxygen-user/encryption_detection.dox

@@ -1,5 +1,8 @@
 /*! \page encryption_page Encryption Detection Module
 
+[TOC]
+
+
 \section encrypt_overview Overview
 
 The Encryption Detection Module searches for files that could be encrypted using both a general entropy calculation and more specialized tests for certain file types. 

docs/doxygen-user/experimental.dox

@@ -1,5 +1,8 @@
 /*! \page experimental_page Experimental Module
 
+[TOC]
+
+
 \section exp_overview Overview
 
 The Experimental module, as the name implies, contains code that is not yet part of the official Autopsy release. These experimental features can be used but may be less polished than other features and will have less documentation. These modules may be changed at any time. 

docs/doxygen-user/extension_mismatch.dox

@@ -1,5 +1,8 @@
 /*! \page extension_mismatch_detector_page Extension Mismatch Detector Module
 
+[TOC]
+
+
 What Does It Do
 ========
 

docs/doxygen-user/file_export.dox

@@ -1,5 +1,8 @@
 /*! \page file_export_page File Export
 
+[TOC]
+
+
 \section file_export_overview Overview
 
 If enabled, the File Exporter will run after each \ref auto_ingest_page job and export any files from that data source that match the supplied rules. Most users will not need to use this feature - analysts can open the auto ingest cases in an examiner node and look through the data there.

docs/doxygen-user/file_search.dox

@@ -1,5 +1,8 @@
 /*! \page file_search_page File Search
 
+[TOC]
+
+
 \section about_file_search About File Search
 The File Search tool can be accessed either from the Tools menu or by right-clicking on a data source node in the Data Explorer / Directory Tree. By using File Search, you can specify, filter, and show the directories and files that you want to see from the images in the currently opened case. The File Search results will be populated in a brand new Table Result viewer on the right-hand side.
 

docs/doxygen-user/filetype.dox

@@ -1,5 +1,8 @@
 /*! \page file_type_identification_page File Type Identification Module
 
+[TOC]
+
+
 What Does It Do
 ========
 

docs/doxygen-user/geolocation.dox

@@ -1,5 +1,8 @@
 /*! \page geolocation_page  Geolocation
 
+[TOC]
+
+
 \section geo_overview Overview
 
 The Geolocation window shows artifacts that have longitude and latitude attributes as waypoints on a map.  In the field, when access to online map tile servers may not be available, the Geolocation window provides support for offline map tile data sources.

docs/doxygen-user/gpx.dox

@@ -1,5 +1,8 @@
 /*! \page gpx_page GPX Analyzer
 
+[TOC]
+
+
 \section gpx_overview Overview
 
 The GPX Analyzer modules allows you to import GPS data from a GPX file. Information on the GPX format can be found <a href="https://www.topografix.com/gpx.asp">here</a>. The following is a short sample of a GPX file:

docs/doxygen-user/hashdb_lookup.dox

@@ -1,5 +1,8 @@
 /*! \page hash_db_page  Hash Lookup Module
 
+[TOC]
+
+
 What Does It Do
 ========
 

docs/doxygen-user/image_gallery.dox

@@ -1,4 +1,8 @@
 /*! \page image_gallery_page Image Gallery Module
+
+[TOC]
+
+
 Overview
 ========
 This document outlines the use of the Image Gallery feature of Autopsy.  This feature was funded by DHS S&T to help provide free and open source digital forensics tools to law enforcement. 

docs/doxygen-user/ingest.dox

@@ -1,5 +1,8 @@
 /*! \page ingest_page Ingest Modules
 
+[TOC]
+
+
 Ingest modules analyze the data in a data source.  They perform all of the analysis of the files and parse their contents.  Examples include \ref hash_db_page "hash calculation and lookup", \ref keyword_search_page "keyword searching", and \ref recent_activity_page "web artifact extraction". 
 
 Immediately after you add a data source to a case (see \ref ds_page), you will be presented with a dialog to configure the ingest modules to run on it.  Once configured, they will run in the background and provide you real-time results when they find relevant information.  

docs/doxygen-user/interesting_files.dox

@@ -1,5 +1,8 @@
 /*! \page interesting_files_identifier_page Interesting Files Identifier Module
 
+[TOC]
+
+
 \section interesting_files_overview Overview
 
 The Interesting Files module allows you to automatically flag files and directories that match a set of rules. This can be useful if you always need to check whether files with a given name or path are in the data source, or if you are always interested in files with a certain type.

docs/doxygen-user/keyword_search.dox

@@ -1,5 +1,8 @@
 /*! \page keyword_search_page Keyword Search Module
 
+[TOC]
+
+
 \section keyword_module_overview What Does It Do
 
 The Keyword Search module facilitates both the \ref ingest_page "ingest" portion of searching and also supports manual text searching after ingest has completed (see \ref ad_hoc_keyword_search_page). It extracts text from files being ingested, selected reports generated by other modules, and results generated by other modules. This extracted text is then added to a Solr index that can then be searched.

docs/doxygen-user/live_triage.dox

@@ -1,5 +1,8 @@
 /*! \page live_triage_page Creating a Live Triage Drive
 
+[TOC]
+
+
 \section live_triage_overview Overview
 
 The Live Triage feature allows you to load Autopsy onto a removable drive to run on target systems while making minimal changes to that target system. This will currently only work on Windows systems.

docs/doxygen-user/logical_imager.dox

@@ -1,5 +1,8 @@
 /*! \page logical_imager_page Logical Imager
 
+[TOC]
+
+
 \section logical_imager_overview Overview
 
 The logical imager allows you to collect files from a live Windows computer. The imager is configured with rules that specify what files to collect. Rules can be based on file attributes such as folder names, extensions, and sizes. You can use this feature when you do not have time or authorization to perform a full drive acquisition.

docs/doxygen-user/machine_translation.dox

@@ -1,5 +1,8 @@
 /*! \page machine_translation_page Machine Translation
 
+[TOC]
+
+
 You can configure a machine translation service to use with Autopsy. If one is configured, you will be able to translate text in the \ref content_viewer_page and file names in the \ref result_viewer_page and \ref tree_viewer_page.
 
 \section mt_config Configuration

docs/doxygen-user/manifest_tool.dox

@@ -1,5 +1,8 @@
 /*! \page manifest_tool_page Manifest Tool
 
+[TOC]
+
+
 \section manifest_tool_overview Overview
 
 Manifest Tool is an executable designed to assist in the automated creation of manifest files 	which are necessary to run Auto Ingest on a data source. There is no installation necessary. To 	use the tool double click on Manifest Tool executable, when it opens select the option with the  	algorithm you 	wish to run from the combo box, and fill in all the available settings before 	clicking the Run button. A log with the success or failure of each manifest file it attempts to 	create will appear in the progress area.

docs/doxygen-user/object_detection.dox

@@ -1,5 +1,8 @@
 /*! \page object_detection_page Object Detection
 
+[TOC]
+
+
 \section object_overview Overview
 
 The Object Detection module uses OpenCV to try to detect objects in images.

docs/doxygen-user/photorec_carver.dox

@@ -1,5 +1,8 @@
 /*! \page photorec_carver_page PhotoRec Carver Module
 
+[TOC]
+
+
 \section photorec_overview Overview
 
 The PhotoRec Carver module carves files from unallocated space in the data source and sends the files found through the ingest processing chain.

docs/doxygen-user/plaso.dox

@@ -1,5 +1,8 @@
 /*! \page plaso_page Plaso
 
+[TOC]
+
+
 Plaso is a framework for running modules to extract timestamps for various types of files. The Plaso ingest module runs Plaso to generate events that are displayed in the Autopsy \ref timeline_page. For more information on Plaso, see <a href="https://plaso.readthedocs.io/en/latest/"> the documentation</a>.
 
 \section plaso_config Running the Module

docs/doxygen-user/portable_case.dox

@@ -1,5 +1,8 @@
 /*! \page portable_case_page Portable Cases
 
+[TOC]
+
+
 \section portable_case_overview Overview
 
 A portable case is a partial copy of a normal Autopsy case that can be opened from anywhere. It contains a subset of the data from its original case and has been designed to make it easy to share relevant data with other examiners. Portable cases will contain a \ref report_case_uco report detailing the contents of the portable case.

docs/doxygen-user/quick_start_guide.dox

@@ -1,5 +1,8 @@
 /*! \page quick_start_guide Quick Start Guide
 
+[TOC]
+
+
 \section s1 Cases and Data Sources
 
 Autopsy organizes data by <strong>case</strong>.  Each case can have one or more <strong>data sources</strong>, which can be a disk image, a set of logical files, a USB-connected device, etc.  

docs/doxygen-user/recent_activity.dox

@@ -1,5 +1,8 @@
 /*! \page recent_activity_page Recent Activity Module
 
+[TOC]
+
+
 What Does It Do
 ========
 

docs/doxygen-user/reporting.dox

@@ -1,5 +1,8 @@
 /*! \page reporting_page Reporting
 
+[TOC]
+
+
 \section reporting_overview Overview
 
 The report modules allow the user to extract key information from a case in a variety of formats. This includes

docs/doxygen-user/result_viewer.dox

@@ -1,5 +1,8 @@
 /*! \page result_viewer_page Result Viewer
 
+[TOC]
+
+
 The Result Viewer is located on the top right of the Autopsy screen and shows the the contents of what was selected in the \ref tree_viewer_page. 
 
 \section result_viewer_table Table Viewers

docs/doxygen-user/search_all_cases.dox

@@ -1,5 +1,8 @@
 /*! \page search_all_cases_page Search All Cases
 
+[TOC]
+
+
 \section search_all_cases_overview Overview
 
 The Search All Cases feature allows you to search the \ref central_repo_page for arbitrary properties. You must have the Central Repository enabled to run 

docs/doxygen-user/stix.dox

@@ -1,4 +1,8 @@
 /*! \page stix_page STIX
+
+[TOC]
+
+
 Overview
 ========
 This document outlines the use of the STIX feature of Autopsy. This feature allows one or more Structured Threat Information Exchange (STIX) files to be run against a data source, reporting which indicators were found in the data source. More information about STIX can be found at https://stix.mitre.org/.

docs/doxygen-user/tagging.dox

@@ -1,5 +1,8 @@
 /*! \page tagging_page Tagging and Commenting
 
+[TOC]
+
+
 Tagging (or Bookmarking) allows you to create a reference to a file or object and easily find it later or include it in a \ref reporting_page "report". Tagging is also used by the \ref central_repo_page "central repository" to mark items as notable. You can add comments to files and results using tags or through the central repository.
 
 \section tagging_items Tagging items

docs/doxygen-user/timeline.dox

@@ -1,5 +1,8 @@
 /*! \page timeline_page Timeline
 
+[TOC]
+
+
 \section timeline_overview Overview
 
 This document outlines the use of the Timeline feature of Autopsy.  This feature was funded by DHS S&T to help provide free and open source digital forensics tools to law enforcement. The timeline feature can help answer questions such as these:

docs/doxygen-user/translations.dox

@@ -1,5 +1,8 @@
 /*! \page translations_page Translating Documentation and the UI
 
+[TOC]
+
+
 The Autopsy user base is global. You can help out by translating the UI and this documentation. 
 
 \section translations_doc Translating Documentation

docs/doxygen-user/tree_viewer.dox

@@ -1,5 +1,8 @@
 /*! \page tree_viewer_page Tree Viewer
 
+[TOC]
+
+
 The tree on the left-hand side of the main window is where you can browse the files in the data sources in the case and find saved results from automated analyis (ingest). The tree has five main areas:
 - <b>Data Sources:</b> This shows the directory tree hierarchy of the data sources. You can navigate to a specific file or directory here. Each data source added to the case is represented as a distinct sub tree. If you add a data source multiple times, it shows up multiple times.
 - <b>Views:</b> Specific types of files from the data sources are shown here, aggregated by type or other properties. Files here can come from more than one data source.

docs/doxygen-user/triage.dox

@@ -1,5 +1,8 @@
 /*! \page triage_page Triage
 
+[TOC]
+
+
 \section triage_overview Overview
 
 Sometimes you need to make a quick decision about a system or systems and don't have the time or resources to make full images. For example, during a knock and talk you want to know if there is notable data on their system. Or you are at a location with many systems and want to know which should be analyzed first. Autopsy has features that will allow you to quickly find the data of interest without making full images of the devices. Those features will be described below, followed by some example scenarios that show how to put everything together.

docs/doxygen-user/troubleshooting.dox

@@ -1,5 +1,8 @@
 /*! \page troubleshooting_page Troubleshooting
 
+[TOC]
+
+
 If you are experiencing an error, we encourage you to post on the forum (https://sleuthkit.discourse.group/), including as much information as possible: 
 <ul>
 <li>Your operating system and version of Autopsy

docs/doxygen-user/ui_quick_search.dox

@@ -1,5 +1,8 @@
 /*! \page ui_quick_search UI Quick Search
 
+[TOC]
+
+
 The user interface quick search feature allows you to search within the data on a panel for a given string, it will not search data in hidden columns or collapsed nodes.
 
 How to use it

docs/doxygen-user/uilayout.dox

@@ -1,6 +1,9 @@
 /*! \page uilayout_page UI Layout
 
 
+[TOC]
+
+
 <br>
 \section ui_overview Overview
 

docs/doxygen-user/view_options.dox

@@ -1,5 +1,8 @@
 /*! \page view_options_page View Options
 
+[TOC]
+
+
 The View options allow you to configure how data is displayed in the Autopsy user interface.
 
 There are two ways to access the options. The first way is through the gear icon above the directory tree:

docs/doxygen-user/volatility_dsp.dox

@@ -1,5 +1,8 @@
 /*! \page volatility_dsp_page Volatility Data Source Processor
 
+[TOC]
+
+
 \section Overview
 
 The Volatility data source processor runs Volatility on a memory image and saves the individual Volatility module results. If the disk image associated with the memory image is also available, it will create Interesting Item artifacts linking the Volatility results to files in the disk image.