hi, My EnCase version is v7 and I found a terrible issue about index search in Unallocated area. Without Internet Evidence Finder I could not the truth of EnCase index search...Thanks God I use IEF to carve the evidence file and some webmail found..s…

My friend told me that she installed EnCase v8.05 on her workstation which OS version is Win 10. She conducted an index search but no any hits found in results. I told her not to jump to conclusions too soon. For caution's sake, I install EnCase v8 o…

My friend she told me last week that FTK could not "see" keywords in a plain text files when doing index search. That's very interesting. I used to trust the search results of FTK, and I think there must be something wrong . I have to do a test…

Some of my friends ask me a question: "Does FTK index search support regular expression?" They just participated in FTK Bootcamp last month, and they're trying to spend more time with FTK now. The answer is "Yes". FTK index search supp…

I used to conduct raw search in EnCase v6, and I'd like to see if EnCase v7 raw search could hit keywords inside compound files or not. You won't believe it~search results is 0 but those keywords do exist inside compound files...Let my show you my te…

结合网上的资料,抄袭了几张图,记录下. 1.solrcloud-collection/shard/replica 1.Replica.Leader是core的角色,在index.search的过程中作用不同. 2.不同shard尽量分布在不同的solr节点上.solr上的core尽量分布“均匀”,确保负载平均. 2.solrCloud-index 1.将index请求发送到任意core上. 2.如果core是Replica,则转发到同shard的Leader上. 3.判断index到哪个分片上(…

转发自:  https://my.oschina.net/u/3777556/blog/1647031 什么是Lucene?? Lucene 是 apache 软件基金会发布的一个开放源代码的全文检索引擎工具包,由资深全文检索专家 Doug Cutting 所撰写,它是一个全文检索引擎的架构,提供了完整的创建索引和查询索引,以及部分文本分析的引擎. Lucene的目的是为软件开发人员提供一个简单易用的工具包,以方便在目标系统中实现全文检索的功能,或者是以此为基础建立起完整的全文检索引擎,Luce…

A friend of mine said to me that she could fool those forensic tools easily by changing writing direction in text. I said to her: "Really? Are you sure...don't jump to conclusions too soon...". She showed me two screenshots as below: 1.She used…

Operators: space AND | OR ! NOT < > Grouping " " Search for an exact phrase. Wildcards: * Matches zero or more characters. ? Matches one character. *.* Same as * Macros: quot: Literal double quote (") apos: Literal apostrophe (') amp:…

Last week my friend told me that she made a terrible mistake. She conducted raw serch and found no search hits within M$ docx files. She did not know what's wrong in the first place until her clients told her that some words actually exist in those d…

https://www.elastic.co/guide/en/elasticsearch/guide/current/getting-started.html Elasticsearch is a real-time distributed search and analytics engine. It allows you to explore your data at a speed and at a scale never before possible. It is used for…

Solution for automatic update of Chinese word segmentation full-text index in NEO4J 1. Sample data 2. Differences between English and Chinese Full-Text Indexes 1. Create NEO4J default index 2. Delete Index 3. Create an index that supports Chinese wor…

elastic4s是elasticsearch一个第三方开发的scala语言终端工具库(Elastic4s is a concise, idiomatic, reactive, type safe Scala client for Elasticsearch.).scala用户可以用elastic4s提供的DSL用编程代码形式来构建ES服务请求.与字符型json文本直接编写请求不同的是:在编译DSL编写的ES服务请求时可以发现无论是语法上或者语意上的错误.一般来讲:elastic4s的程序流程相…

elasticsearch的config文件夹里面有两个配置文件:elasticsearch.yml和logging.yml,第一个是es的基本配置文件,第二个是日志配置文件,es也是使用log4j来记录日志的,所以logging.yml里的设置按普通log4j配置文件来设置就行了.下面主要讲解下elasticsearch.yml这个文件中可配置的东西. cluster.name: elasticsearch配置es的集群名称,默认是elasticsearch,es会自动发现在同一网段下的es,…

##################### Elasticsearch Configuration Example ##################### # This file contains an overview of various configuration settings, # targeted at operations staff. Application developers should # consult the guide at <http://elasticse…

一.简介 ElasticSearch和Solr都是基于Lucene的搜索引擎,不过ElasticSearch天生支持分布式,而Solr是4.0版本后的SolrCloud才是分布式版本,Solr的分布式支持需要ZooKeeper的支持. 这里有一个详细的ElasticSearch和Solr的对比:http://solr-vs-elasticsearch.com/ 二.基本用法 Elasticsearch集群可以包含多个索引(indices),每一个索引可以包含多个类型(types),每一个类型包含…

在js中,经常会遇到在函数里调用其它函数的情况,这时候会有 fn() 这种调用方式,还有一种是 return fn() 这种调用方式,一些初学者经常会一脸萌逼地被这两种方式给绕晕了.这里用一个优雅的面试题来分析一下两种方式的不同之处. var i = 0; function fn(){ i++; if(i < 10){ fn(); }else{ return i; } } var result = fn(); console.log(result); 这是一道隐藏了坑的面试题,看似很简单,大部分…

简介 链表就是链式存储数据的一种数据结构.双向链表每个数据存储都包含他的前后数据节点的位置信息(索引/指针). class DSChain<T> { //使用栈来进行废弃空间回收 private DSStack<int> _recycle; //数据需要三个数据来存储内容,分别存储前后节点索引和数据本身 private int[] _prev; private T[] _ds; private int[] _next; //链表头尾的索引,跟踪表尾主要方便LRU使用 private…

支持多种存储引擎是众所周知的MySQL特性,也是MySQL架构的关键优势之一.如果能够理解MySQL Server与存储引擎之间是怎样通过API交互的,将大大有利于理解MySQL的核心基础架构.本文将首先介绍MySQL的整体逻辑架构,然后分析MySQL的存储引擎API并介绍如何编写自己的MySQL存储引擎. MySQL逻辑架构 MySQL作为一个大型的网络程序.数据管理系统,架构非常复杂.下图大致画出了其逻辑架构. Connectors MySQL首先是一个网络程序,其在TCP之上定义了自己的应…

一.Cluster  setting Cluster indices.ttl.interval  允许设置多久过期的文件会被自动删除.默认值是60秒. indices.cache.filter.size  ES的filter cache有两种,一种是node级别的cache(filter cache默认类型),一种是index级别的filter cache.Node级别的cache被整个node共享,并且可以使用百分比设置,对应的属性为index.cache.filter.size,这个属性的值…

基于discuz的索引配置文件,这个配置文件比较灵活,可以根据不同的需求来配置 # # linuxTone full index search configure file # source lt_posts { type = mysql sql_host = 127.0.0.1 sql_user = root sql_pass = sql_db = lt_bbs sql_port = 3306 sql_query_pre = SET NAMES utf8 sql_query = SELECT…

Datatables是一款jquery表格插件.它是一个高度灵活的工具,可以将任何HTML表格添加高级的交互功能.详细学习请参考其官网:http://datatables.net/中文网:http://dt.thxopen.com/ 下面是我学习datatables写的一个服务器端分页例子,首先,上图: 2.接着是js代码了     2.1显示初始化datatables,并撰写删除修改增加记录这几个功能按钮函数 function initTable () { var table = $("#ex…

由于网上有朋友对于这个问题已经有了很详细的研究,所以我就不班门弄斧了: 转载于:http://android-performance.com/android/2014/02/10/android-sparsearray-vs-hashmap.html http://liuzhichao.com/p/832.html http://www.codes51.com/article/detail_163576.html 源码: /* * Copyright (C) 2006 The Android O…

Mathematical Induction Mathematical Induction is a special way of proving things. It has only 2 steps: Step 1. Show it is true for the first one Step 2. Show that if any one is true then the next one is true Then all are true Have you heard of the "D…

为支持MVC的验证,无刷新查询,EF,以及让代码可读性更强一点,所以就重构了下原来的解决方案. 这里就简单讲下使用方法吧: Model: 继承PagerBase: 1 public class SearchModel : PagerBase 2 { 3 public SearchModel() 4 { 5 AddFields("UserName", "Age", "Sex"); 6 } 7 8 [Required(ErrorMessage = &…

开发环境vs2010 css:bootstrap js:jquery bootstrap paginator 原先只是想做个mvc的分页,但是一般的数据展现都需要检索条件,而且是多个条件,所以就变成了MVC多条件+分页查询 因为美工不是很好,所以用的是bootstrap前端框架,自己懒得写前端的分页控件,用的是bootstrap paginator分页控件. 方式: 用Get方式提交检索条件,分页可用2种模式,无刷新或者带刷新的跳转. Shared\_Layout.cshtml中添加css.js…

在此之前对commons包了解的不多,最常用的就是StringUtils.isBlack(str)来取代if(str !=null && str.lenght()>1)的判断,昨天忽然想看看StringUtils是个什么神奇的东西,这一看才发现里面没那么简单! 先看StringUtils中的所有方法:太多了不能一一列出…

5.onethink页面端获得后台服务器传值的方法 1:一般后台通过assign的值前台通过{$value}显示出来; 2:如果需要在js中使用 则可以通过 在js中写 var m = "{$value}"得到传来的值 注意这里的js需要与html在同一页面 不是封装的js 3:如果需要在dom元素中通过自定义属性获得后台传值 可以这样:<a  del ="{$value}" url="{:U('books/del')}">删除<…

cluster.name: estest   集群名称node.name: “testanya”  节点名称 node.master: false  是否主节点node.data: true   是否存储数据 index.store.type: niofs 读写文件方式 index.cache.field.type: soft 缓存类型 bootstrap.mlockall: true 禁用swap gateway.type: local 本地存储 gateway.recover_after_n…

今天我们主要看一下MySQL information_schema里面的关于innodb的锁和事物的两三个系统表: 看一下锁对应的sql: select * from innodb_lock_waits; select * from innodb_locks limit 2\G select * from information_schema.innodb_trx\G select * from information_schema.innodb_trx where trx_id = 45734…