Primoz
-
Posts
35 -
Joined
-
Last visited
-
Days Won
2
Posts posted by Primoz
-
-
Hi Chris,
Please follow the instructions below:
1. Do Email Address facet query:
All senders -> [person X]This will result in a cluster representing all emails sent by [person X].
2. Expand Email Address facet -> All receivers branch
3. Right click on All receivers branch and select Organize -> Sort by item count
4. Click 'Show only highlighted values' icon at the bottom of Email Address facet
5. The last step is to just export the results by right clicking on All receivers branch and selecting 'Export values...'
-
We don't have any experience with ECC but maybe this blog post:
(and discussion underneath it) will help you to decide on this.
-
Hi Lukasz,
I suggest you to read through these threads:
Selecting a Computer to Host Your Intella Software
Connect Hardware RequirementsThe last one is targeted at Intella Connect but I believe you can get some usable information there anyway.
Please understand that it's really hard (or near impossible) to predict how much different hardware combinations will improve processing speed because of countless variables. I guess you've already got a sense of that by reading through the threads above. Anyway, there are few guidelines/recommendations in the order of effectiveness:
- SSD: we recommend using SSD drives over HDD
- RAM: 32 GB should be (just) OK for indexing with 6 cores, having more may help with certain types of evidence
- CPU: moving from 4 to 6 (or more) cores will help to reduce indexing time, provided that the machine has sufficient RAM
- GPU: not a factor
Note that there is no need to switch to Windows 10 as far as Intella is concerned. But given the fact that mainstream support for Windows 7 ended in January 13, 2015 you might consider upgrading it anyway.
With regards to your last question - as already said it's hard to predict what will be the increase of performance when using:
- i9 instead of i7
- 64GB RAM instead of 32GB
so we can't give you any definite answer on that.
-
Did you maybe try to open the resulting PDF in some standalone PDF viewer?
Is the second page still missing in that case?
-
Hi AdamS,
Are you experiencing this with Intella or Intella Connect?
Are you referring to:
... when saying that this only occurs when selecting the "print preview view"?
Also did you try to open the resulting PDF in some standalone PDF viewer (i.e. Adobe)?
-
Hi Brendan,
We cannot give you an exact date.
However it is on our roadmap already.
-
Hi PF1,
Wondering how hard it would be to allow the import of multiple key word lists at once?
I often have numerous lists that I need to run independently of each other, and it would be nice to be able to load them all in at once instead of having to load each one individually.
Thank you for suggestion. I will make a note of it and discuss it with our dev. team.
-
Hi Todd,
I'd like to second Adam's request for the ability to search email senders and receivers by Identity. I had a request today to find all emails between two people. Since each person may have multiple email addresses, it would be great if I could create Identities for them, then run a search that was essentially:
(From:Identify-A AND To:Identity-B ) OR (From:Identity-B AND To:Identity-A)
This should be possible with the use of Identities facet.
Please follow the steps below:
- Switch to Social graph view
- Set Edges to Only Identities
- Use Identities facet:
- Search for Identity A
- Search for Identity B
- Select the edge connecting Identity A and Identity B
-
Hi KTD3287,
In order to index only Skype conversations from specific source the alternative approach to the one described by Jon is to add just SQLite type as this is a database type which is used by Skype to store it's data. The thing is that Intella can't know whether certain SQLite database is actually produced by Skype unless it's indexed - that's why selecting just "Skype conversations" doesn't have any effect at the moment. We might improve this in the future.
Side note: If you want to index also SQLite databases inside archives, you have to include also the appropriate archive types.
-
Hi Cayerpm,
Our database consists of multiple proprietary databases developed by Vound so there is no "one database" that could be effectively queried.
Could you please elaborate on the problem you are trying to solve?
-
Hello fuzed,
We had never heard of such issue before.
I suggest you to open up a support ticket as we will need server log files and some additional information in order to investigate this further.
-
So if emails are selected but chat logs are not selected you could potentially have the following scenario:
An email has a chat log attachment, and the chat log has an embedded zip file which was sent between parties.
Intella will index the email, but as chat logs are not selected it will not index the embedded zip file and any of it's contents?
So to avoid missing any embedded/nested files it's probably a good idea to select all items at this screen where there is any doubt about possible hidden files, unless you are indexing files which you are sure have no embedded content of any kind.
Adam, you're right. If chat messages were not selected Intella would skip them - that means that also embedded zip files would be skipped.
I feel like this begs the question "if none of these selections have an impact on performance, why are they UNselectable?"
I mean, I have no way to know if an email has an attached chat log and the log that in turn has an embedded zip file. That's WHY I am using a tool like Intella to process the email!
I just don't see the point of having this configurable if the best course of action is always to run it with all items selected.
The performance gain can be observed when un-selected data types are present in the source data (as those are not indexed in this case).
For example: If we know that a data set contains registry files (which are time-consuming from indexing perspective, and give no information), we deselect Registry indexing and gain better performance.
-
Hi Fuzed,
The safest way to achieve this would be to create an export (Original Format) of the data you want so share with the 'other side' and then create new case out of it.
-
I am glad you solved it.
Braking a single query
"john smith" OR "bob smith" OR "dav* jones"
into three separate queries
"john smith"
"bob smith"
"dav* jones"and then making use of a cluster map to find items of interest is a way to go.
Similar thing can be achieved using "Include Search" (see User Manuals - 13.2.1 Including a facet value).
Let's say that you phrase of interest is "john smith" - in this case you would make two queries like:
"john smith" (include search)
"bob smith" OR "dav* jones" (search)Doing it that way only one cluster map would be produced containing all items that contains phrase "john smith" and one or both of the phrases "bob smith" or "dav* jones".
As you see the beauty of Intella is that you can achieve same thing with different approaches.
Side note:
There is an interesting post on "Testing keywords queries" topic that might be of interest for you:
http://community.vound-software.com/index.php?/topic/134-keyword-testing-tips/
-
Hi CFA,
It's hard to judge based on the description that you've provided whether this is a user error or something else.
Running a phrase search "john smith" finds items containing "John Smith" and highlights queries properly in my test case. See example:
You can check out whether search is working properly in your case by searching for "John Smith" and then checking out few items from the result set whether "John Smith" phrase is actually present.
In order to provide you with more information I suggest you open up a support ticket attaching an item for which you think highlighting doesn't work properly (or at least provide us with some screenshots demonstrating the issue).
-
Hello CFA,1. There is no automatic way to extract search terms from Saved searches directly. The good news is you can do it manually by evaluating each of the Saved searches and then do the Export of queries (right click on the Searches panel -> Export queries). Produced CSV/XLS will contain following data:
Facet, Result, Total Count, Count after Includes and Excludes
Search term will be placed in Result and number of found items in Count column.
For more detailed statistics the Keywords tab (User manuals: 16.4 Keywords tab) in Statistics view can be used on the Keyword list created out of the data produced in the previous step.2. This behaviour is normal. Hits in previewer are highlighted only when Keyword Search is present in the Searches list. This can be achieved using Saved search or Keyword list. Example:Let's say we have a tag Intella where keywords of interest are:- Vound
- Intella
- eDiscovery
In this case one would have to make Include search for "Intella" tag and then do an ordinary query of Saved search or Keyword list containing the words of interest in order for those to be highlighted in the previewer. -
Hi Daniel,
The section "10.8 Restoring annotations" that can be found in User manual might help you with this.
-
Hi Gary,Can you please open a support ticket.Please provide us with as much details as possible:
1. Some indexed emails come up with an error when we try to export them, even though the evidence paths are correct, the email has indexed correctly and the email opens fine if you browse to it manually.
What is exact error/exception? Note: Details can be found in Export report.2. Some emails have been flagged as exception items, even though there’s no obvious reason why, the original emails open up fine. These exception items have not been indexed and are not keyword searchable.
What is exact error/exception? Note: Details can be found in the indexing Exceptions Report (Sources > Exceptions Report)...
There’s an issue in that some attachments are not loading up correctly.
3. What exactly do you mean with "some attachments are not loading up correctly"? What happens when you try to preview such item? -
Hi Josh,Exactly, right now the only way to achieve this is to allow them to manage all of the cases.
-
Hi Josh,You are right on that - we will make it possible for Case administrators to change their password on their own in next release.Please note that Server administrator can still change the password of any user.
-
1
-
-
We got an interesting question from one of our customer with regards to Proximity search using more that two words.
As this might be valuable information also for others I decided to publish the recap of an answer:
Proximity is actually the number of other words permitted between words in query phrase.If zero, then this is an exact phrase search. Please note that ordering doesn't matter.
Let's look at the example:
"vound connect intella"~3
Will match:
"vound intella connect" (words in between: 0)
"vound extra words here connect intella" (words in between: 3)
"vound some words connect separated intella" (words in between: 3)
"intella vound connect" (words in between: 0)
Will not match:
"vound too many extra words here connect intella" (words in between: 5)
"vound some words connect further separated intella" (words in between: 4)-
1
-
-
Actually it's possible to achieve similar effect by passing same Keyword List you've used to prepare workload together with assigned tagged items to reviewers.Each of them can then evaluate/search by Keyword List and do a `Include search` of tagged items assigned to him.That way reviewers will be able to see same highlighted keywords as you did when preparing a workload.
-
Hi markjrouse,Can you please open a support ticket with regards to keyword list not being evaluated as we will have to investigate that further. Please provide us with as much details as possible.With regards to highlighted keyword hits please note that keywords are highlighted based on the present keyword queries in the main window at the time when previewer is opened. This is by design and can't be changed at the moment.
-
Hi dpmills,It's hard to say what is causing this at first sight.In order to find a reason why number of discovered items dropped to around half a further investigation will be required.Could you please open a support ticket - that way you will be able to provide us with all neccesary information.
Some thoughts about W4
in W4
Posted
Hi Fabian,
You're welcome.
Please see my answers below:
1. I see how this could be helpful. Ticket for this was created and will hopefully be tackled in on one of the future releases.
2. It really is just a basic CSV export functionality. Presets would indeed make things more usable. We will think about whether it makes sense to make it part of reporting functionality though.
3. We will consider this.
4. Like you've already found out - we suggest using Intella for more detailed reporting.
5. Good idea. Ticket was created for this.
6. So the idea there is to show all folders/files in the selected folder instead of direct children (like it's working now)?
7. Would possibility to assign shortcuts to tags work for you? Or are you strictly after "flagging" functionality?
8. That indeed could be improved.
9. So you mean to make it collapsible - similar to how previewer can be hidden?