EnCase EnScript Operations Guide
EnCase EnScript Operations Guide#
The EnCase EnScript integration transfers selected evidence entries from an OpenText EnCase case into an authenticated unJaena collection session. It does not replace EnCase acquisition, examiner validation, or evidence preservation procedures.
Use Cases#
- Send files or logs already identified in EnCase into AI analysis.
- Upload selected evidence instead of an entire image.
- Combine EnCase-led examination with unJaena AI reporting.
- Transfer examiner-selected evidence when direct collector execution is not practical.
Workflow#
- Prepare a collection session for the unJaena case.
- Open the case in EnCase and select evidence entries to upload.
- Run the EnScript and confirm session and consent steps.
- Upload entries that fit the authorized collection profile.
- Check parsing and indexing status in the unJaena case.
- Review the evidence in AI analysis, manual review, timeline, and reports.
Publicly Described Transfer Context#
| Category | Example |
|---|---|
| File content | Byte stream for selected evidence entries |
| File metadata | Filename, size, hash, and source-path context |
| Session context | Authenticated collection session and case linkage |
| Consent record | Operator consent confirmed before collection |
Detailed API headers, server validation logic, and internal profile generation are not published here.
Troubleshooting Checklist#
| Symptom | Check |
|---|---|
| Authentication fails | Expired authentication context, case state, need for a new collection session |
| Selected entry upload fails | File access, entry size, network connection, profile scope |
| Uploaded item not visible | Case processing state, parser queue, supported format |
| Duplicate upload | Same hash and source path already processed |
Security and Legal Notes#
- Use only for cases where you have lawful authority.
- Keep EnCase original evidence preservation and hash verification separate.
- Review retention and deletion settings before uploading sensitive data.
- Do not publish internal server paths, tokens, private rules, or customer-specific policy in public packages.
Next Steps#
Continue in the service
Move from this guide into a sample workflow or the relevant upload surface. Upload real evidence only when you have lawful authority.