We have just pushed out FEC v3.13. In addition to the numerous under-the-hood improvements, this version introduces two major new features:
Unified Query Builder
This feature has been requested in various contexts since we released the in-place search functionality in FEC. Some of you wanted an easier way to construct IMAP searches, and some of you really wished we had a date picker and a label picker for Gmail searches.
All that valuable feedback culminated in a unified query builder that brings a common interface to Gmail / G Suite, Exchange / O365, and IMAP searches. Here is what it looks like:
Once we completed work on the Unified Query Builder, I was pleasantly surprised by how concise and efficient the search queries we have been able to produce were. Even if you don’t mind putting search queries together with a text editor or spreadsheet, I suggest you play with the Unified Query Builder and take a look at how it forms the in-place search queries.
Packaging Drive Attachments/Revisions with Parents
It is now possible to package Google Drive attachments and revisions with their parent messages. This helps form a parent/child relationship and allows you to run the entire family through subsequent investigative or eDiscovery steps.
Packaging is possible for MIME and MSG output and can be done at the time of the acquisition or after the fact as a post-acquisition action.
I have already updated the download links in the community and you can find the complete list of changes in FEC’s changelog. I hope you enjoy the new features!