Jump to content

All Activity

This stream auto-updates     

  1. Today
  2. Corey do you use batching to assist your customers with the review process? I think you could completely exclude irrelevant items when creating the batches, not precisely what you are asking for I know but it's a workable solution, this method would also negate the need for the client to worry about the dedupe button.
  3. Okay Corey, I've found myself with some time on my hands so ran a test on some existing data which I had already used to create a Relativity load file. Below are the steps I took and the results achieved when importing the overlay back into the case. First step is to setup custom columns, I like to do this prior to indexing my source data. Basically add sources but do not index, then once the custom columns are setup go back and 'reindex' the data. You don't have to do this, you can index your data then add custom columns, however you will need to reindex after adding custom columns so you are better off time wise to index only once if you can set your workflow that way. 1. Custom Columns For what you are trying to achieve I would setup the following custom columns (the names are not important, those are just what I use). DOCID PARENT_DOCID ATTACH_DOCID BEGINGROUP ENDGROUP I set these up without mapping them to any specific fields in the Properties or RAW DATA tabs, so I just use the options like the pic below, this just creates a column without any data populated. They need to be kept blank in this instance so I can map them when I overlay the loadfile data. 2. Loadfile Creation After the data is indexed and the loadfile data selection is done it's time to create my loadfile, ensuring I use the same names as my custom columns for continuity, the pics below show the field selection options I chose for these fields when creating the load file: DOCID - Default field created when you setup the loadfile, depending on your naming conventions it will be something like PREFIX.000001.0000023 PARENT_DOCID - exactly what it sounds like, the same naming convention but reflecting the parent document ATTACH_DOCID - as you would expect, the child items BEGINGROUP - This is the first file in a group, which will be the parent ENDGROUP - The final file in a group, ie the last child item For the purpose of this discussion you can ignore the BATES numbering columns. The below picture is an excerpt of my load file showing the relationships are captured at the loadfile creation using the DOCID numbers. 3. Import .DAT Loadfile as Overlay Now go to File-->Import Loadfile Change the Import Operation to "Overlay", then use the "..." button to navigate to your .DAT file from the loadfile you just created and click 'next'. You should now have something like the screen below Now we need to map the columns from the loadfile to the custom columns you created. Click 'Next' then begin the mapping exercise You don't have to map all the fields, just the ones you need, in the right hand box under 'Intella Columns' locate the custom fields you created, highlight then click the left blue arrow to move that across to match the corresponding load file field you want to map it to. Once you have all the desire fields mapped click 'import'. IMPORTANT - it's very important the you have the overlay options (top left) field correctly setup otherwise the import will not work. I have use the MD5 hash as this is part of my loadfile, however the ITEM_ID would be the logical choice provided this is part of your loadfile. Screenshot below shows my new fields exposed buy unpopulated at the beginning of the overlay import (the column with numbers is the Item ID field). This overlay import was for 26k items and took about 15 minutes. The screenshot below shows after the process has completed and you can see the new fields have been populated. Now to address your specific needs This is now achievable simply by sorting by the DOCID field 1. Sorting by DOCID achieves this 2. The BEGINGROUP is what you want here I think, this is the parent file and first file in a family 3. I'm not sure I understand the goal here. The very nature of hashes is to be unique so it would go against all forensic procedures to have different files with the same hash. What sort of custom deduping are you wanting. Perhaps this can be achieved now with the custom fields. This is another one I'm not sure that I'm understanding correctly. If you mean if you have 2 emails which both contain exactly the same children items? If that's the case a normal dedupe would take care of that now as all items would have duplicates. If you mean you have 2 identical parent emails but then have slightly different children and you want to only keep one of those parents and the resulting children I believe you can accomplish that now by using top level deduplication then tagging only children of the deduped top level items. Perhaps you could elaborate on this point a bit as I'm not sure what your goal is here. Intella has a fairly strong customisation ability for loadfile creation already, and in fact I found it's just as extensive (if not better) than the other common tool used for processing data. I've found that eDiscovery can vary greatly from client to client as to what they would like to see, however you are correct that there are many data points which are standard across load files, even if the end client doesn't see them on the review side of things. I hope I have at least answered some of your questions
  4. Yesterday
  5. Last week
  6. Hi Qasim, No, this feature has not been added to Intella/Connect yet. To work around it, you will need to export the item, open it in its native application, then print it from there.
  7. jon.pearse

    W4 Latest Version

    Vound is pleased to announce the official release of W4 1.0.3. W4 1.0.3 is available from the Downloads section in the Vound Support Portal, after logging in with your email address and password. Users with a W4 1.0.x license can use this version. Please read the Release Notes before installing or upgrading, to ensure you do not affect any active cases. Highlights Added support for cellphone extractions (Cellebrite, XRY and Oxygen) Added an option to extract Raw data Added a license manager where you can choose with license to use when starting W4 Added version update notification The Dongle Manager is now included in the W4 installer Release Notes W4-1.0.3-Release-Notes.pdf For additional information, please visit our W4 website website.
  8. Corey I suspect you can accomplish some (if not all) of this currently by using custom columns and then creating an overlay to import back in to the case. I currently have quite a few custom columns that I add to a case before I index any data to avoid the need for reindexing. The parent/child relationship is created when preparing Loadfiles, so I suspect there a way you can leverage this back into the case with an overlay. Sorry I don't have the time at the moment to run any tests and provide you something definitive, but I suspect Jon won't be too far behind in providing something more substantial.
  9. Indexing an Office 365 source This document should be read along with the information listed in Section 10.2 of the Intella User Manual in regards to connecting to an Office 365 source. Connect to Online Office 365 The Office 365 source type allows for retrieving both user account and user groups. For each user account used to access Office 365, the source can retrieve data from Outlook, OneDrive, and SharePoint. For each user group, the source retrieves titled conversations containing emails. For Outlook, the source retrieves all folders (both standard and user-defined) and all emails therein. For OneDrive, the source retrieves all folders and all files. The Office 365 source uses the Microsoft Graph API to connect to Office 365 and retrieve its resources. There are two ways in which a connection can be made: as a user and as an application. A user login allows for the retrieval of that user’s resources only. An application login allows for the retrieval of the resources of selected or all users. Depending on the connection type used, the Microsoft Graph service uses a different group of privileges to control access to the Office 365 resources. For both connection types, it is required to grant admin consent after assigning the privileges. Before using Intella to index the Office 365 data, you need to configure Office 365 in the Azure portal so that Intella can access the data. Note that Intella can only access the resource if there are adequate permissions to access the account and content. Below are some issues that have been reported to us. These issues are all related to the Azure portal where the Office 365 permissions have not being set correctly. You get an error (similar to below) when using the 'Connect to Office 365' option in Intella's Add new source wizard. The 'Connect to Office 365' option in the Add new source wizard completes successfully, but you can not index any data from the account. You can connect to the account with no issues, and you can index data in the account with no issues, but Intella indexes other data associated with the account which should not be indexed. Intella will be able to index an Office 365 source provided that the permissions are set correctly. The Office 365 permissions are to do with the account on the Azure portal, and therefore, the user must manage these connectors and permission themselves. This is something that Intella can not do. Below is a guide on how to grant Intella access to Office 365 as a user. Please note that this guide is a conservative measure to ensure that Intella has ample permissions to access all aspects of the account, so that it can index the data. This guide may have more permissions/access set in Azure than what is minimally required for the purpose that you want to use. It is up to the user to set the correct permissions for the required access to the Office 365 account within the Azure portal. Note that Intella reads the data through the Microsoft Graph API. No write permissions are required, and Intella does this in read only mode. Step 1: Go to https://portal.azure.com and login using the Office 365 admin credentials. Step 2: Select Azure Active Directory option in the sidebar menu. The Active Directory overview page will be shown. Step 3: In the subsequent sidebar submenu select the App registrations option. Step 4: Click the New application registration button. Step 5: The Create form will be shown. Enter a name for your application in the Name field (e.g. Office365crawler). In the "Redirect URI" section, select Native in the drop-down list. Set an artificial redirect URL in the second field (e.g. https://localhost/office365/crawler). Finally, click on the Register button. Step 6: The newly created application will appear in the App Registrations result table, as shown in the following figure. Click on the application name in order to see the application's Properties page. Step 7: The Properties for the new application will be shown. This page shows the Application ID. The Application ID is required by Intella when connecting to a Office 365 source. Record this ID as we will need it later when adding the source in Intella. Step 8: Click on the View API Permissions button, as indicated by the arrow in the screen above. By default there is a User.Read privilege added for the Microsoft Graph API. We now need to add additional access permissions to the APIs for Microsoft Graph and Office 365 Online. Click the Add a permission button. A new panel will open after pressing the Add a permission button. Click on the Microsoft Graph option. Step 9: Select the Delegated permissions option from the list. Step 10: The list of permissions will appear in the "Select permissions" section of the "Request API permissions page". For connecting to an Office 365 source, set the following permissions: Permission groups Permissions granted Calendars Calendars.Read Contacts Contacts.Read Tasks Tasks.Read Mail Mail.Read Sites Sites.Read.All User User.Read.All By design, Intella invokes only Read and Sign in operations, so no data in Office 365 will be changed, even if Write permissions are chosen. However, Read and Read.All privileges must be granted in order to allow Intella to download the corresponding elements. Note: These are the correct permission settings at the time of this writing. Over the last year we have seen several changes to the Azure management portal and related permissions. If you have access or connection issues, you may not have granted enough permissions to access the source. You should troubleshoot this by checking whether new permissions, relevant to Office 365, have been added to Azure, or whether there have been any changes to the current permissions mentioned above. Finally, click the Update permissions button to complete the configuration of the permissions for the selected API. Step 12: After adding all required permissions to the list, you need to grant admin consent for the permissions. Please click on the 'Grant admin consent' button on the 'API permissions' page. Step 13: Now that you have configured access to a Office 365 account, you can use the Add new wizard, with the 'Office 365' option, in Intella to index the Office 365 data. Remember that you will need your login credentials, and the Application ID to connect to a Office 365 source.
  10. Earlier
  11. My team has been using Vound products for years and the following are items that we would love to see added or changed in the current offering of Intella Connect: Add the capability to exclude “Irrelevant Items” entirely from a case. For eDiscovery, we have not found an instance where we needed these files and while we can hide them for our reviewers it would be nice if they never had to see them. Add the capability that forces families to sort in order (i.e. parent before children, etc). This would help when reviewing and producing documents. For example, if we sort by "Family Date" it should sort families together so that we can produce with families together or review families in that order. Add a number of new fields to help better track families, as it is a challenge currently. Below are some field changes we would like to see: Change Item IDs so that they are in order by family or add a separate field that has a file level ID that allows the attachments to be in order with the parent files. Create a Family ID column (all files in a family have same ID) so that the files can be sorted by the field and kept families together or so that families can easily be figured out on a report, etc. Create a Family Hash or Parent Hash field so that all files in a family have the same hash value as the parent file. Helps if custom de-duplication needs to be done. Add the capability to de-duplicate on a family level instead of on a file level Add an option as the case manager to enable de-duplication (and select the type) at a case level so that reviewers don’t have to check the option to de-duplicate. Enhance production capabilities so they are more standard for eDiscovery. For example, for emails it is possible to not include standard meta-data fields in the image but it should be standard for eDiscovery to always show the same information. Add the capability to create a report of all of the users for a particular case. all shared cases, or all loaded cases so that we can create targeted communications regarding case or service outages. Let me know if you have any questions, concerns, or need clarification on the items above. Thanks! Corey
  12. My team has been using Vound products for years and the following are items that we would love to see added or changed in the current offering of Intella: Add the capability that forces families to sort in order (i.e. parent before children, etc). This would help when reviewing and producing documents. For example, if we sort by "Family Date" it should sort families together so that we can produce with families together or review families in that order. Add a number of new fields to help better track families, as it is a challenge currently. Below are some field changes we would like to see: Change Item IDs so that they are in order by family or add a separate field that has a file level ID that allows the attachments to be in order with the parent files. Create a Family ID column (all files in a family have same ID) so that the files can be sorted by the field and kept families together or so that families can easily be figured out on a report, etc. Create a Family Hash or Parent Hash field so that all files in a family have the same hash value as the parent file. Helps if custom de-duplication needs to be done. Add the capability to de-duplicate on a family level instead of on a file level. Enhance production capabilities so they are more standard for eDiscovery. For example, for emails it is possible to not include standard meta-data fields in the image but it should be standard for eDiscovery to always show the same information. Let me know if you have any questions, concerns, or need clarification on the items above. Thanks! Corey
  13. Hi all This is an issue I hadn't seen before. When I try and preview an email or file internally I only see the name of the document or email and not the content. If I preview the document or email externally I see the content. This includes not seeing anything in the preview tab, raw data, properties etc. Interestingly when I run a keyword search it does find data, so that would indicate the indexing has been successful. Any help gratefully accepted. This is an urgent case by the way (Aren't they all) Chris McNaughton
  14. Thanks Adam, as always. I should probably grab an ATI card like you suggest. I thought there might be some magic bullet setting in Nvidia or Java that I had forgotten about setting on the old machine.
  15. While you could spend much time testing and trying beta drivers or other tricks, I think ultimately the best solution here would be to work through with the Intella Dev guys to find a permanent fix. I've never seen anything remotely like what you are experiencing, but it would seem that from time to time Nvidia and Intella don't play nice together. If you are desperate for a short term fix I would suggest possibly going out and grabbing a cheap video card that with an ATI chip, remove Nvidia from the equation until a suitable fix can be found.....or possibly Beta drivers..
  16. I just assembled a new workstation and am having trouble with the Intella interface having some nasty display issues. The new machine has an Nvidia GT1050ti video card and is using the 419.67 driver (I know it's not the newest driver, see below). My other machine I run Intella on (older machine) has an Nvidia GTX750Ti with driver version 364.72. Every attempt to update the older machine to newer drivers resulted in Intella issues, so I kept the old drivers in place. On the new machine, whenever I mouse-over any interactive area of the interface, I get second and third and fourth, etc. instances of my Intella screen. My problem is that there is no "older driver" for the new video card, so I tried both the newest and the oldest (currently using) and have the same issues, as seen in the below screen capture of an export dialogue. I replicated the video driver options as best I could between the two machines, but I am still having the same issues. The old machine is W7Pro and the new one is W10Pro. Any suggestions for how to handle? It pretty much makes Intella unusable on this machine.
  17. I didn't realise this either, and it's something I've been wanting for ages haha
  18. The parent_tab/child_tag syntax will assist in the short term, however to avoid the need having the ability to simply tick a box and type a 'Parent' name as part of the AutoTag process would be ideal. The changes I'm thinking of are giving the ability to apply parameters to keyword lists for searching and auto tagging. So for comparison, if I want to search across the subject lines ONLY of all emails I do the following steps: Highlight emails in the type-->communications facet, right click and select 'include' select the 'options' button next to the free text search field (top left) and untick all options except 'subject' enter search term in the free text search field and press enter results display matches across emails only in the subject field I can then highlight and tag those results before moving on to the next search term Using that as a basis for what I'm looking for imagine how to make that possible using a keyword list so we can avoid typing in hundreds of individual search terms. When we add a keyword list and then select 'AutoTag' the only option we can change is the tagging rules (item only, including child items or including all family tree items). There will be many uses I think where having the ability to apply the following filters to keyword lists AND have them auto tag would be great: Dedupe/ignore irrelevant Specify fields to search across (subject, text/body, email addresses etc) One tag only per keyword per item/document First occurrence applies within single item (single item has multiple keywords which are responsive, only the first responsive keyword tag is recorded) Highest number of hits on single document (single item has multiple keywords responsive, keyword with the highest number of occurrences is recorded) Just a few thoughts but I'm sure there are other ways we could give some granular control over keyword list auto tagging.
  19. Wow, I had NO idea the keyword list search adhered to the check boxes under the individual keyword search box. That makes things much easier, thanks!
  20. Hi Adam! You should note that Primary Dates are calculated based on values stored in Intella columns. Different file formats are populating it differently: sometimes from RAW DATA, sometimes from item properties directly, etc. Therefore I wouldn't go this road because it would be hard to achieve 1:1 consistency. However, I think that the solution to your problem is rather simple. I would create a CSV export (or a load file) containing two columns: Item ID Primary Date Primary date will be populated using full date format (date + time + time zone). Then I'd use some text processing tool (Excel, advanced text editors, etc.) to remove date + time from the 2nd column. Now you'll need to create a new Custom Column of type "TEXT". The final step would be to add a new source as a Load File Overlay with following settings: As you can see the column which you modified (PRIMARY DATE) will be mapped to new custom column you created (TZ ONLY). Item ID is used to match items. After the overlay is imported, you will see: Is that what you need? I hope it helps a bit.
  21. Hello Adam, When using auto-tag feature you can provide the tag name in the following format: parent_tag/new_tag. That way a parent tag will be created first and you should be able to maintain your structure. Is that what you were seeking? As for the other part of your question - what changes/features in the UI you would like to see to influence the scope of this search/tagging operation? Filtering by type or something else?
  22. Hello, You can indeed do a search like e.g. "car NOT path:car", but a drawback is that items that have a hit for "car" in another field besides the path field are then also excluded. What I suspect you really want is to simply ignore the text in the path field. Fortunately, the Keyword Lists does take into account the search options selected in the Keyword Search panel. You can simply unselect the Path field there. Note that in Intella 2.3 we added a separate "File name" field. Depending on your situation, you may want to uncheck that one as well. We plan to give the Keyword Lists facet its own search options list in a future version, to make this type of control more apparent.
  23. What about excluding path hits when using a keyword list (no checkboxes for search options)? I seem to recall there being a way to prepend each keyterm in the list with something like 'notpath', but I cannot find where I think I recall that from.
  24. The autotag feature when undertaking keyword list searches is something I use quite a bit, but it would be great to see some further control over how those tags are applied. Lets say I already have a dozen or so tags applied, and a structure built up, if I import a new keyword list and want to auto tag those new tags are going to be interspersed between my existing tags and basically make a mess and trigger my neatness OCD bug To whit, currently we can set the tagging preference only (ie tag the selected item only, tag it's children as well etc..) I would be great to simply have a check box and be able to put that list of new tags into it's own nested parent tag, for example all these new keyword tags would be under a parent tag 'KWS 2' or what ever we want to call it. That way once the search and subsequent tag operation has completed it is very easy to work with that new set of tags. Secondly we can't influence what those new keywords are searching across, it would be another good addition if we could apply exceptions/inclusions or the options filter to the autotag/search process to limit the false positives and the cleanup that we have to undertake after the operation.
  25. Hi Adam, Thanks for your suggestion! I agree that having such a button would be a good idea. We might add it in one of the future versions.
  1. Load more activity
×
×
  • Create New...