macro_rules! notify_medium {
($typ:expr, $($arg:tt)+) => { ... };
}Expand description
Alerts of a suspicious evidence found during the processing of an artifact.
use forensic_rs::prelude::*;
notify_medium!(NotificationType::AntiForensicsDetected, "The artifact {} has been tampered: filled with zeros.", r"C:\Windows\Prefetch\POWERSHELL.EXE-AE8EDC9B.pf")