Elasticsearch Index & Search

Elasticsearch Index & Search, esis for short, is a tool to easily search for information in the files available under a given directory in the filesystem.

Features

  • Index content for every SQLite database row in Elasticsearch
  • Search indexed content
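
As an added illustration of the first feature (not esis's own code), this sketch finds SQLite files under a directory by their header, opens each one read-only, and turns every row into an action dict of the shape accepted by elasticsearch-py's `helpers.bulk`. The function names, the `esis-example` index name and the sample database are assumptions made for the example.

```python
import os
import pathlib
import sqlite3
import tempfile

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of every SQLite 3 file


def is_sqlite(path):
    """Detect databases by header; extracted app data often lacks a .db suffix."""
    with open(path, "rb") as fh:
        return fh.read(16) == SQLITE_MAGIC


def row_documents(db_path, index):
    """Yield one bulk-style action dict per row; BLOB values are hex-encoded."""
    uri = pathlib.Path(db_path).resolve().as_uri() + "?mode=ro"  # read-only open
    conn = sqlite3.connect(uri, uri=True)
    conn.row_factory = sqlite3.Row
    try:
        tables = [r[0] for r in conn.execute(
            "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
        for table in tables:
            quoted = '"' + table.replace('"', '""') + '"'  # quote the identifier
            for n, row in enumerate(conn.execute("SELECT * FROM " + quoted)):
                fields = {k: row[k].hex() if isinstance(row[k], bytes) else row[k]
                          for k in row.keys()}
                yield {"_index": index, "_id": f"{db_path}:{table}:{n}",
                       "_source": {"db": str(db_path), "table": table, "row": fields}}
    finally:
        conn.close()


def walk_documents(root, index="esis-example"):  # index name is hypothetical
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            if is_sqlite(os.path.join(dirpath, name)):
                yield from row_documents(os.path.join(dirpath, name), index)


def demo():
    """Constructed sample: a database with no .db suffix plus a text decoy."""
    with tempfile.TemporaryDirectory() as root:
        conn = sqlite3.connect(os.path.join(root, "mmssms"))
        conn.executescript("CREATE TABLE sms (address TEXT, body TEXT, raw BLOB);"
                           "INSERT INTO sms VALUES ('+15550100', 'meet', x'00ff');")
        conn.close()
        pathlib.Path(root, "notes.db").write_text("not a database")
        return list(walk_documents(root))
```

The generator returned by `walk_documents` can be passed directly as the actions argument of a bulk helper, so rows are streamed rather than held in memory.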

Why?

esis is based on the code used in a mobile forensics product. An important use case of such a product is to extract data from a mobile device and give investigators a way to search for relevant information in that data. Since most of that data is stored in SQLite databases, it makes sense to find a way to perform that operation efficiently, and Elasticsearch has been a good solution to that problem so far.

The tool was initially released as a companion to the presentation "How to search extracted data", which was given at DFRWS EU 2015.

©2015, NowSecure.