Installation and Setup
This section will guide you through the steps necessary to install and set up ForensicVM on your system.
AutopsyVM Client Plugin Installation
Introduction
The AutopsyVM client plugin is a valuable addition to Autopsy, enhancing its functionality for digital forensics. Follow the steps below to install the plugin.
Step 1: Download ForensicVM.exe Setup File
Download the latest version of the ForensicVM.exe setup file from the [AutopsyForensicVM GitHub Releases](https://github.com/nunomourinho/AutopsyForensicVM/releases) page. Navigate to the “Assets” section and download the setup file.
Step 2: Run the ForensicVM.exe Setup
Run the ForensicVM.exe setup file to begin the installation process. The setup consists of four steps:
Welcome Screen: Displays an introduction to the installation process.
Component Installation: Proceed with the default settings. Do not make any changes.
Plugin Location: Specify the location where the AutopsyVM client plugin will be installed. Typically, this does not require any changes.
Install: Click the “Install” button to start the installation process.
Step 3: Complete the Installation
Follow the on-screen instructions to complete the installation. Once the installation is finished, you can proceed with using the AutopsyVM client plugin in Autopsy.
Step 4: Verify the Installation
To verify the successful installation of the AutopsyVM client plugin, open Autopsy and check if the plugin is available and functional.
Screenshots
Here are the screenshots that illustrate the installation process:
Initial Setup
After successfully installing ForensicVM one needs to configure the AutopsyVM plugin. The initial configuration is composed of the following steps:
Step 1: In Autopsy: Add a new data source to Autopsy. This new data source is the forensic image that we need to convert to a forensicVM
Add datasource
Specify a new hostname
Next
Step 2: Select your Disk Image
Select the option disk image or VM FIle
Next
Step 3: Select your forensic image
Browse for your forensic image, select it
Click Next
Step 4: Run the ForensicVM client plugin
Deselect all other plugins
Select the forensicVM Client plugin
Click next
Step 5: Open your forensicVM Server web address in the admin. Ex: https://<ip-or-web>:port/admin
Enter user and password
Click the login button
Step 6: Add a new user
Enter user, password and password confirmation dialogues
Click SAVE
Step 7: Add a new api key to the user
Click the add button on the api keys
Select the user
Click the plus sign
Step 8: Copy the user API key
Select the newly created API key
Press CTRL + C or copy it using the right mouse button and select copy
Step 9: Paste the user API key
Put the mouse on the Forensic API field
Press CTRL + V or paste it using the right mouse button and select paste
Step 10: Fill and test the Forensic VM Server configuration
Put the mouse on the Forensic VM server address. Fill in the information with your server address
Click the Test Server Connection to test if API and server address are correct
Step 11: Forensic VM Server configuration test success
If all pieces of information are correct and if the server is online you should see a connected successfully dialog box.
If there are any problems, you should see a red error dialogue. Please check and correct the field values.