Documentation update in progress
GoldFynch's Advanced Search feature is receiving a major update, and so is its documentation. You can, however, find out more about the system by taking a quick guided tour within the the GoldFynch web application itself. To do so, open up the Advanced Search view, click on the
Create New Search button, then click on the button in the top-right corner (next to the help button.)
The Advanced Search feature is a powerful tool which makes use of logical operators like 'AND,' 'OR,' and 'NOT' to group together multiple search queries ("conditions") and produce refined search results.
You can perform an advanced search from both the upper search bar, or by clicking into the 'Advanced Search' view.
Using the 'Advanced Search' view
To access the Advanced Search view, click on the Advanced Search button from the left menu.
When you perform a search from the 'Advanced Search' view, you do so by building a search query using conditions, and linking the conditions together in groups using the query operators: "AND," "OR," and "NOT."
Each condition consists of:
- The parameter that you are searching by (e.g. by the "subject" line of emails, or the "type" of files)
- The corresponding value that you are looking for (e.g. the subject line "Revisions," or the file type "PDF".)
- Some conditions have connectors (e.g. "pages < 15"))
Groups determine the ways your conditions combine, and this will determine what you search query will look for as it searches through your files.
To build a search query, drag conditions and the query operators AND, OR, and NOT, which are found on the far right of the screen, into the query builder space to build your query. You can also:
- Click on the pencil icon of a condition to choose its parameter and add values to it
- Delete a group or condition by clicking on the trashcan icon
- Delete a group while keeping the conditions it contains intact by clicking on the indentation icon
- Drag around placed groups and conditions to relocate them
Let's start with the basics:
A basic search can be performed using just a single Condition without needed to use a group's logical connectors.
1. Creating a new search
To search for a word or term:
Step 1. Click the 'Advanced Search' view in the left pane
Step 2. Click on the
Create New Search button to create a new search query. Notice there is a warning message in the 'query preview' area. This is because we don't have a completed search query yet.
Step 3. Click on the 'edit' icon (the pencil) against the 'Body CONTAINS' text
Step 4. Type a term to search for in the 'value' field
Step 5. Click the
search execute button to run the query. In the example below, a query is run to find the word 'insurance.'
2. Save Searches
GoldFynch allows you to name and save your search queries. Saving searches allows you to:
- Reproduce results: Useful for quickly searching document sets
- Edit searches: if you create a complex search with different terms, you can save a base version and load it up again for quick editing
- Share searches with shared users: All saved search queries are available across the case for all shared users.
Here's how to save searches:
After creating your search, click on the red text under the search bar and give it a name
Click on the
save as...buttons to save the search
To load searches:
Click on the
openbutton to see a list of saved searches that you can choose from
Click on a saved search to load it. Note that your current search will be discarded
To delete saved searches:
Load the saved search you wish to delete
Click on the
Confirm the deletion in the overlay that appears
3. Undo and Redo
If you have made a change to your search query that you want to undo, you can use the
undo button. Similarly, to revert to a change that you'd made before using undo, you can use the
Undo and Redo can save you a lot of time while building and editing complex queries
Advanced Search Functions:
1. Searching against other parameters
To search against a particular parameter:
1.Click on the edit icon (the pencil) against the "body CONTAINS" text 2. Click on "body" to open a drop-down list that will contain the different search parameters you can search against (by default this is "body") 3. Based on the type of parameter, you will need to provide a value to search against by entering text, selecting a date, or picking an item from the drop-down menu.
Here is an example using the 'tags' parameter:
- Select 'tags' from the 'type' drop-down list
- The value field (on the right) will automatically populate with all available tags, out of which you will need to select one
- Start typing the name of the tag in value field to filter the tags OR click the name of the tag in the drop-down
- When the tag is selected, the query string is now created and the warning message disappears. In the image below we create a search query for files with the tag 'testing tags' The tag query in the preview will be
"tags = testing tags"
- Click the
search execute buttonto run the query
Here are descriptions of email-specific metadata parameters:
- subject: Restricts the search rule to subject line of the individual email in the case
- to.address: Restricts the search rule to the 'to' field of the email
- from.address: Restricts the search rule to the 'from' field of the email
- cc.address: Restricts the search rule to the cc (carbon copy) email addresses
- bcc.address: Restricts the search to the 'bcc' field of the email
- recipient.address: Restricts searches to the 'to', 'cc' and 'bcc' fields at the same time, without needing to construct and link each individual parameter in the query with an 'OR' operator
- participant.address: Restricts searches to the 'to', 'cc', 'bcc' and 'from' fields at the same time, without needing to construct and link each individual parameter in the query with an 'OR' operator (it functions identically to recipient.address but also includes the 'from' parameter)
- (field).address.domain: Restricts the search to the 'domain' component of the email (e.g. the query "from.address.domain is gmail.com" would display emails sent from addresses like "firstname.lastname@example.org") The valid domain fields are 'from', 'to', 'cc', 'bcc', 'recipient', and 'participant'.
Correct usage for email metadata parameters - full email address
Wrong usage for email metadata parameters - incomplete email (.com is missing)
Wrong usage for email metadata parameters - incomplete email (no name before @)
Here are descriptions of general files' metadata parameters:
- name: Restricts the search rule to the names of files. The full word will need to be present (e.g. searching for "discovery" will not produce results with "ediscovery")
- body: Restricts the search rule to the body of the document. In the case of emails that are replies or forwards, this will include all quoted content from earlier mails in the email thread
- type: Restricts the search to the file type of files
- hash: Restricts the search to the hash value (file fingerprint) of files, i.e. the calculated md5 hash value. The md5 hash value is used to detect exact duplicates in GoldFynch
- pstate: Restricts the search to one of the 4 processing states of the files:
- Queued: For files that have been uploaded to the server but not yet processed and are in line to be processed
- Processing: For files that are currently processing (read more about processing)
- Processed: Files that have successfully processed
- Errored: Files that were unable to be processed (read more about how errored files are handled)
- Custodian: The custodian of a file. This is assigned by the user during upload
- Source: The source of a file. This is assigned by the user during upload
- name.ext: Restricts the search to the file extension of documents
- Note that the "." before the extension should be left out (e.g. "name.ext = txt" not "name.ext = .txt")
- name.term: Searches for the exact full name of a file (e.g. name.term = agreements/drafts/draft_v0.9.pdf)
- name.dirs: Restricts the search to a particular directory (e.g. name.dirs = agreements) To search a subfolder, enter its full path (e.g. name.dirs = agreements/drafts) Note that when a parent directory is searched for, files in sub-folders are included as well
- directory: Functions similarly to the 'name.dirs' parameter, but when used in the 'Advanced Search' view it provides a 'Browse' overlay to help you select a folder
- tags: Restricts the search to the tags and codings that the case contains
- body.date: Restricts the search to all dates found in the body of documents
- date: Restricts the search to primary dates of files relative to an entered date (compared using the symbols =, >, <, >=, <=)
- Note that unlike the
Suggestionstab of the search bar, Advanced Searches require the date format "YYYY-DD-MM"
- Note that unlike the
- ingestion-date: Similar to the 'date' parameter, this restricts the search to the date of files relative to an entered date
- attachment-depth: Checks the 'depth' of an attachment file or a file extracted from one. So a child of a child file (e.g. a text document that is extracted from a zip file, which is itself an attachment to an email) would have an attachment-depth = 2
- family-role: Searches for files that are of a specific role in a file family's hierarchy (i.e. whether it's a container file, a file with attachments, an attachment, etc.)
- pages: Looks for files with a specific number of pages
Making complex queries
You can also create compound searches with multiple search parameters by adding new rules, connecting them with operators, and sorting them into groups:
Actions you can perform with rules and groups:
- Click on the
+NEW RULEbutton on a group's action bar to add a new rule inside that group
- Add new groups: Click on the
+NEW GROUPbutton on a group's action bar to add a new group within that group, along with a new rule inside the newly-created group
- Add a group around a rule: Click on the
WRAP WITH GROUPbutton on a rule to create a new group around that rule
Rearrange groups and rules: Clicking on the movement icon in the top left of a rule or group and dragging it over a new group allows you to move it from one group to another, including to nest one group inside another. (NOTE: GoldFynch is built to prevent redundant or illogical group and rule movements. If the destination group turns green when you drag a group or rule over it, it is a valid movement)
Raise a group's level: Click on the
RAISE THIS RULEbutton to replace a rule's parent group with the rule itself (NOTE: if this is used on a rule that is part of a group with multiple rules, it will replace the entire group, and thus all of the other rules the group contains. Use the 'undo' feature if this happens unintentionally)
Taking the earlier example of creating a new rule and building off of it, we can make a complex query like the one below:
1 - From the simple query "body CONTAINS categorization" (Rule 1), a new rule (Rule 2) of "body CONTAINS encroachment" was created by clicking on the
+NEW RULE button (and entering the keyword "categorization")
2 - A new group (Group 2) was created by clicking on the
+NEW GROUP button. This also created a new rule, Rule 3 (as using the
+NEW GROUP button automatically creates a new rule) for which the keyword "urbanization" was added
3 - Rule 2 was dragged into Group 2 by clicking on the movement icon and dragging it over Group 2's box
4 - Rule 1's
WRAP WITH GROUP button was clicked on, wrapping it with Group 3
NOTE: Group 1 is not mentioned in the query preview or referred to in the example. It is the container group that is present for every query, and represents the query as a whole.
- Selecting the AND operator: All conditions imposed by rules linked with the AND operator need to be fulfilled by a file for it to appear as a search result
- Selecting the OR operator: If any of the conditions imposed by rules linked with the OR operator are fulfilled by a file, it will appear as a search result
- Using the NOT operator (written in the query preview as NOT): Files outside of the conditions imposed by a rule with the NOT operator are added to the search results
Using the 'tags' parameter, in the following example we create a compound tag query for all items in the case that have tags "taggedsolo" and "first10relevant", and that are also emails (by setting the 'type' parameter to "email").
Choosing NOT as the logical operator allows you to search for items that do not have the entered tag attached to them. In the example below, when the search is executed, all items that do not have the tag "confidential" attached them will be returned in the search results. This is particularly useful when you want to search only through documents that do not contain tags for documents marked "confidential" or "privileged".
3. Using the slop search function
Adding a slop value to a phrase search using the 'body', 'subject' or 'name' parameters increases the flexibility of the search: GoldFynch finds documents that contain all the words in your phrase query, and then check how many times a word will need to be moved to get an exact match with the queried phrase. If the distance is less than or equal to the slop value, those documents are then included in the results of the search.
To use the slop function:
- Select the 'body', 'subject' or 'name' parameter in the 'Advanced Search' view
- Enter the phrase you wish to perform the search for in the 'value' field
- Enter the slop value you wish to search with in the box on the right of the 'value' field
- Click the
search execute buttonto run the query
At a slop value of 0, words will need to match your search query exactly. There are no exact matches in this case:
Searching with a slop value of 1 in this case produces 1 result, with the queried phrase's words separated by 1 word:
Raising the slop value to 3 sets a broad search range:
Advanced searches via the search bar
Performing an advanced search directly from the search bar can make searching for files much faster than using the Advanced Search view. Here, you need to type out the query into the search bar at the top of the screen. The queries will be identical to the queries generated from the 'query preview' section of the Advanced Search view.
When performing an advanced search from the search bar:
- Begin typing in the search bar at the top of the screen
- Select the 'Advanced Search' tab in the drop-down menu that appears under the search bar
- Continue typing your query in the search bar till it is complete
- Hit the
returnkey to perform the search
As you type out your search query, GoldFynch tracks whether your query up till that point is valid, and provides you with the available options to complete the query.
The information contained by the Advanced Search tab can be broken into:
1. Error information
- Parse error: The first line provides you with the location of the first invalid section of your entered query (in the above example, "column 6" denotes the 6th character in the query)
- Text entered: The second line displays the text you've entered so far into the search bar
^symbol is displayed below your search query to point out the character mentioned by the parse error. In the example below, the query is valid till "body.date " but the symbol
-is invalid, and needs to be changed to a valid symbol.
2. Expected text
- As you begin typing your query based on the parameter you've chosen, GoldFynch will give you a list of the valid characters, parameters or operators that you can use
- The parameters are the same as the ones described in the 'Advanced Search' view section at the beginning of this post
- The operators AND, OR, and NOT, can be used to join multiple search parameters together
- Parenthesis ( ) can be used to group search terms together
Things to keep in mind while performing advanced searches from the search bar:
- The operator to be used after the parameters 'body' and 'subject' is 'CONTAINS' (e.g. "subject CONTAINS invoices"), whereas all other parameters use "=" (e.g. "date = 2014-01-12")
- A slop value can be assigned to a 'body' or 'subject' section of a search query by adding "\~X" immediately after the phrase's quotation marks (where X is the slop value)
- Until the word is fully typed out, the parse error message will refer to erroneous word's first character. For example, as in the image below, when you type "body CONTAINS advocate" and stop typing after "body CONTAIN" it will display the error at "C":
- Only after the "S" in "CONTAINS" is entered will it look at the next section, which would be the " " (space) following the CONTAINS operator. The parse error then points to the " " (space) after the CONTAINS operator
- Finally, typing in the value or string to be searched against will make the query valid and allow you to perform the search. Note that even the first character typed at this point will fulfill the requirement - don't forget to complete your word!