Another way to index images for those using Docker on Linux #1811
paulobreim
started this conversation in
Show and tell
Replies: 2 comments 1 reply
-
Thanks @paulobreim, but maybe this info would fit better at iped-docker project page. |
Beta Was this translation helpful? Give feedback.
0 replies
-
I agree @lfcnassif , but there are no "Discussions" item to write. |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Here's another way to index images for those using Docker on Linux
You can directly enter the docker image prompt like this:
Suppose your files where you want to process the image are in your /home/user/xxx folder
Then run the following command:
docker run -it -v /home/user/xxx:/work ipeddocker/iped
The -it flag indicates that you want to keep a shell inside docker
The -v flag indicates that inside docker, if you type "ls -l /work" (for example) it is equivalent to typing "ls -l /home/user/xxx" if you are outside docker. In other words, you are mapping everything in /home/user/xxx so that docker sees it as /work.
Now that you are inside docker, you can change any file, changing LocalConfig.txt, IPEdConfig.txt etc...
Even if you already have these files configured outside of docker, you can simply copy them using the cp command. For example:
cp /work/LocalConfig.txt .
Once the settings are done, just run the indexing, for example:
java -jar iped.jar --nogui --portable
-log /work/mylog.log
-profile forensic
-d /work/suspect
-o /work/suspectindexed
Beta Was this translation helpful? Give feedback.
All reactions