Forsta Message Vault: https://github.com/ForstaLabs/message-vault
This is a bot that performs secure autonomous monitoring of an entire organization's messaging traffic, storing all messages and useful metadata to support basic forensic searching and retrieval of messages via a UI on the bot's website.
The Why — Decentralized Data Security
What is important to Forsta is that your messaging data is only accessible to messaging clients that you are in control of, whether the client is an app running on the phone in your pocket, or a bot that is running on a server in your datacenter or the compute cloud of your choice.
Some organizations need to be able perform forensic e-discovery on past messages. Others may need to be able to automatically monitor for transmission of sensitive information. Or maybe they want something to automatically deliver sensitive information, or answer help-desk questions and handle after-hours inquires. Or individual users might want to be able to securely access their own message histories after buying a new phone and reinstalling their messaging client.
There are countless needs like these, and typically they are satisfied using centrally-managed infrastructure that can receive, store, process, and respond to messages as needed. Even systems that have pluggable architectures to facilitate outside development of these sorts of capabilities usually rely on a centralized approach. Unfortunately, the centralized approach provides a tempting, centralized target for outside attackers -- and it also requires users to trust that insiders won't abuse their access to all messages. Forsta is different.
Forsta does not offer anything that depends on centralized receipt, storage, or processing of users’ messaging data. Instead, Forsta makes it trivial for others to run messaging “bots” to perform these functions. These bots are just another kind of messaging client, like the messaging clients running in users’ browsers and on their phones. And just like the other messaging clients, Forsta bots send and receive end-to-end encrypted messages to do their work while running in a context controlled by the user.