Digital Forensics XML Schema

From ForensicsWiki
Revision as of 17:43, 21 April 2010 by Jbgross (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Forensics XML, or Digital Forensics XML, is an XML format designed to help standardize output/logging for a variety of digital forensics tools. The format and schema originated with fiwalk, but is being adopted by other tools.

Background

Simson Garfinkel has developed a series of tools designed to generate and analyze forensic data, and is using this XML format to produce analysis-ready output[[1]].

Schema

The Media:Forensics XML schema is available for download. The schema is somewhat in flux, in that new elements will be added as necessary. However, the basic structure is unlikely to change.