Technical docs
Supported Sources
Launch-scope source categories for local evidence review and enterprise enrichment.
Source categories
TraceLodger documentation should describe supported categories without implying that every provider, platform, browser, and artifact family has equal parser depth.
- Desktop AI application artifacts where implemented.
- Browser history, storage, downloads, and share-style traces where supported.
- Claude local-agent session audit logs and produced artifacts where retained.
- Provider account exports and selected compliance exports.
- iPhone KnowledgeC, Biome, consolidated location, and media metadata where supported.
- Enterprise alerts, case metadata, Purview or eDiscovery context, and manual review inputs.
- Validation corpora, release-gate metadata, and provenance export bundles.
Input model
The evidence target is a local directory tree. It can be a mounted evidence source, a logical extraction, a copied filesystem tree, or a Docker-mounted workspace path.
- Direct raw disk image input is outside current target behavior.
- Direct archive handoff is outside current target behavior.
- Operators should mount or extract source material first, then run the pipeline against the exposed directory.
- Evidence-root containment blocks traversal or symlink escapes outside the target tree.