wladimirleite
commented
4 months ago It makes sense to move this parameter to command line, but I would prefer the last option (if the parameter is not defined, use the setting from LocalConfig.txt).
Open lfcnassif opened 4 months ago
wladimirleite
commented
4 months ago It makes sense to move this parameter to command line, but I would prefer the last option (if the parameter is not defined, use the setting from LocalConfig.txt).
paulobreim
commented
4 months ago I think staying in localconfig.txt is better because the trend is for SSD to become standard on computers, so it wouldn't make much sense to put this on the command line, as it would be the default.
In fact, I wanted to know one thing: In terms of software, what does the IPED do differently when it is an SSD?
wladimirleite
commented
4 months ago I think staying in localconfig.txt is better because the trend is for SSD to become standard on computers, so it wouldn't make much sense to put this on the command line, as it would be the default.
Although using a SSD disk as output is becoming more common, there are still many cases when it is not the case. Having the option in LocalConfig.txt (to be used as default) and the option to use a command parameter to override it when desired seems a more flexible approach.
In fact, I wanted to know one thing: In terms of software, what does the IPED do differently when it is an SSD?
outputOnSSD: There are a few details, but it basically creates the index directly on the output folder (instead of creating it on the temporary folder and moving in the end), when enabled (i.e. output is on a SSD).
tempOnSSD: It basically enables the creation of temporary files for items, so each task won't need to read (and perhaps decompress) them again from a potentially slower disk.
lfcnassif
commented
4 months ago tempOnSSD: It basically enables the creation of temporary files for items, so each task won't need to read (and perhaps decompress) them again from a potentially slower disk.
It also increases the number of index merge threads, making indexing faster.
This is another old thought. I think that parameter is more related to the specific case and not to the user machine, since he/she may choose to create the case on different disks, depending on evidences size, current free space on local disks, if the case will be analyzed by him/her or by another examiner...
A no parameter
--outputOnSSDswitch was my first and preferred option. But a more verbose-outputOnSSDoption accepting a boolean value would allow for backwards compatibility, reading the value from the old location if the new option is not specified in the command line.Thoughts?