3.3. Adding a Host¶
To add data from a host, press Add New Host from the Incident Dashboard. You’ll be prompted to choose a method.

Add New Host Panel¶
As mentioned in the previous chapter, Cyber Triage supports a variety of ways of getting host data into it. Some scenarios will involve using the Cyber Triage Collector tool to extract artifacts from a live system. Others involve importing an already collected data set, such as an E01 image.
The basic process is:
Ensure the threat intelligence is up to date (Update Threat Intelligence)
Choose the method to add (Getting Data Into Cyber Triage)
Configure the automated analysis settings, such as malware scanning (Ingest-Time Settings)
The details are in the following pages:
- 3.3.1. Basic Concepts
- 3.3.2. Update Threat Intelligence
- 3.3.3. Add Over The Network - PsExec Launch
- 3.3.4. Add a Cyber Triage Collector File
- 3.3.5. Add Over The Network - Manual Launch
- 3.3.6. Add a Disk Image
- 3.3.7. Add a Memory Image
- 3.3.8. Add KAPE Output
- 3.3.9. Add Logical Files and Folders
- 3.3.10. Add a Local Windows Disk
- 3.3.11. Add Linux UAC Output