Re: [sleuthkit-users] Autopsy: Solr or Elastic?
Brought to you by:
carrier
Menu
▾
▴
Re: [sleuthkit-users] Autopsy: Solr or Elastic?
|
From: Richard C. <rco...@ba...> - 2016-11-03 20:53:09
|
One clarification: Autopsy currently uses Solr 4, not Solr 5. On Thu, Nov 3, 2016 at 9:35 AM, Brian Carrier <ca...@sl...> wrote: > As mentioned last week at OSDFCon, we are undertaking an effort right now > to reexamine keyword searching in Autopsy. We built it with an old version > of Solr 5 years ago and a lot has changed. One of the things that we are > looking into is if we should change to Elastic. We are making a proof of > concept system that uses it to evaluate its performance and such compared > to the latest Solr. > > We are looking for feedback from people who have a strong opinion about > this. As of right now, it isn’t clear what we gain by moving to Elastic > (and some say we’ll get a performance decrease from it during ingest for > standalone deployments) for the current Autopsy features (text search). > But, there is a theory that if we put more data into the index (times and > other metadata) that other module writers could do some cool stuff with it > (though that data is already in the SQLite database). > > Basic question is, If we simply upgrade to Solr 6 and make some schema > changes to take advantage of new features, who would be sad that we didn’t > jump to Elastic and why? > > brian > > > ------------------------------------------------------------ > ------------------ > Developer Access Program for Intel Xeon Phi Processors > Access to Intel Xeon Phi processor-based developer platforms. > With one year of Intel Parallel Studio XE. > Training and support from Colfax. > Order your platform today. http://sdm.link/xeonphi > _______________________________________________ > sleuthkit-users mailing list > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users > http://www.sleuthkit.org > |
