macro_rules! notify {
($priority:expr, $typ:expr, $($arg:tt)+) => { ... };
}Expand description
Alerts of a suspicious evidence found during the processing of an artifact.
use forensic_rs::prelude::*;
notify!(Priority::High, NotificationType::AntiForensicsDetected, "The artifact {} has been tampered: filled with zeros.", r"C:\Windows\Prefetch\POWERSHELL.EXE-AE8EDC9B.pf")