[sleuthkit-users] Naming Help Needed

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

We're about to release the first version of a new database that Autopsy can
use to support various analytical features and we're having trouble with
terms and naming.  So, we are seeking some more opinions.

Question 1) A file has additional data, such as its path and MD5 values.
What do you call those?  We've used the terms feature, indicator, artifact,
property, etc.  Which makes the most sense to you?

Question 2) A web bookmark has additional data, such as dates and URL.
What do you call those?  Same as in Q1?

To give some more context, we are about to release a new database that can
be used to correlate data between cases (or between devices in the same
case).  But, we need a name to describe what we are storing, which includes:
- MD5 hash of files
- path of files
- Email addresses
- Domain names
- Phone numbers

For a while, we were referring to these as artifacts, but that got too
confusing because we already have a notion of artifacts in Autopsy, which
are "bigger" things like web bookmarks and  keyword hits.

thanks,
brian