File: main.dox

package info (click to toggle)
sleuthkit 4.6.5-1%2Bdeb10u1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 39,264 kB
  • sloc: ansic: 171,812; cpp: 44,216; sh: 31,364; java: 17,674; makefile: 1,241; xml: 838; perl: 797; python: 707; sed: 16
file content (41 lines) | stat: -rw-r--r-- 2,083 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
/*! \mainpage The Sleuth Kit (TSK) Framework User's Guide and API Reference

  <h3>Overview</h3>
  The framework in TSK makes it easier to build automated, end-to-end digital forensics applications.  
  If you need only volume and file system-level support, then the original Sleuth Kit library may be all you need.  
  If you want a more comprehensive disk image analysis solution, the framework will help. 
  It's plug-in pipelines allow you to incorporate a variety of analysis techniques into your application.
  
  The framework was designed to be used in a distributed environment so that jobs could be scheduled among a cluster of computers, but it can also be used to create desktop applications. 
  The tsk_analyzeimg program provided with the Sleuth Kit is an example of a simple desktop program that uses the framework. 

This document is for:
  - Users of tools that leverage the framework.
  - Developers who want to make modules for the framework.
  - Developers who want to integrate the framework into a larger system.

<h3>Framework Overview</h3>
The following pages contain an overview of the framework.  Both users and developers should be familiar with this content. 
  - \subpage basics_page
  - \subpage pipeline_config_page
  - \subpage mod_bbpage


<h3>Developers Guide to Building Modules</h3>
The following pages are relevant when developing modules to be used in the framework.
  - \subpage mod_devpage
  - \subpage mod_example_page
  - \subpage img_db_schema_v1_5_page


<h3>Developers Guide to Using the Framework</h3>
The following pages are relevant when integrating the framework into a new or existing application. 
  - \subpage fw_setup_page 
  - \subpage fw_extract_page
  - \subpage fw_pipeline_page
  - \subpage fw_example_page
  
Application developers may also wish to examine the source code for tsk_analyzeimg, which is included with the framework.  
It is a single-threaded command line program that analyzes a disk image using the framework's pipeline infrastructure to run a file analysis pipeline and a post-processing pipeline.   
  
*/