mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
autopsy-flatpak/docs/doxygen-user/email_parser.dox
Ann Priestman a9d51c2a44 Added EML support to email parser page
2019-09-24 12:22:22 -04:00

35 lines
1.2 KiB
Plaintext
Raw Blame History

/*! \page email_parser_page Email Parser Module
What Does It Do
========
The Email Parser module identifies MBOX, EML and PST format files based on file signatures, extracting the e-mails from them, adding the results to the Blackboard. This module skips known files and creates a Blackboard artifact for each message. It adds email attachments as derived files.
This allows the user to identify email-based communications from the system being analyzed.
Configuration
=======
There is no configuration required.
Using the Module
======
Explore the "Results", "E-Mail Messages" portion of the tree to review the results of this module.
Ingest Settings
------
There are no runtime ingest settings required.
Seeing Results
------
The results of this show up in the "Results", "E-Mail Messages" portion of the tree.
\image html email_results.PNG
The results can also be seen by browsing to the source file in the Data Sources tree, which will display the messages in the Results Viewer to the right. Any messages with attachments will be shown under the source file, and the attachments can be seen in the Result Viewer by selecting the message.
\image html email_datasource_tree.png
*/
Reference in New Issue View Git Blame Copy Permalink