Feat/diag pack content

conf.py

@@ -1,7 +1,7 @@
 import os
 
 project = 'THOR Util Manual'
-copyright = '2025, Nextron Systems GmbH'
+copyright = '2026, Nextron Systems GmbH'
 author = 'Nextron Systems GmbH'
 version='1.0'
 extensions = [

usage/diagnostics.rst

@@ -5,9 +5,9 @@ Diagnostics
 ===========
 
 If THOR does not behave like it should, e.g. using more resources than
-you expected, taking more time with the scan as usual or unexpectedly
+you expected, taking a prolonged time to finish a scan, or unexpectedly
 exits with a generic error, you can create a diagnostics pack for our
-support to help in troubleshooting the issue.
+support to help you troubleshoot the issue.
 
 This can be done using THOR Util's diagnostics command.
 
@@ -32,8 +32,11 @@ of the data collection and can be changed using the ``--output`` flag.
 Get diagnostics of a running THOR scan
 --------------------------------------
 
-The generally preferred method of collecting THOR diagnostics is to run THOR Util's
-diagnostics command directly when the issue is occurring.
+The preferred method of collecting THOR diagnostics is
+to run THOR Util's diagnostics command directly when
+the issue is occurring. This generally means if you
+suspect THOR is stuck during a scan, high memory or
+CPU usage by THOR, or anything else during its runtime.
 
 .. code:: doscon
 
@@ -42,17 +45,42 @@ diagnostics command directly when the issue is occurring.
 Get diagnostics of a finished THOR scan
 ---------------------------------------
 
-If the THOR run is already finished, you can also use the diagnostics
-command like above with reduced information being collected.
-
-Another possibility is to use the ``--run`` flag to rerun the last
-THOR scan. In addition to conveniently rerunning the scan, THOR
-Util can now watch over the THOR process for interrupting signals
-from other processes (e.g. anti virus) which greatly helps in
-determining if anti virus exclusions for THOR are applied correctly
-or not. Using the ``--run`` flag should be the preferred method if
-THOR is exiting unexpectedly.
+If the THOR run is already finished or stopped unexpectedly,
+you can also use the diagnostics command above, with the
+biggest downside that only a reduced - and mostly not helpful -
+amount of information can be collected. In those cases, you
+should use the ``--run`` flag to rerun the last THOR scan.
+Using the ``--run`` flag is the preferred method if THOR
+is exiting unexpectedly/randomly.
 
 .. code:: doscon
 
    C:\thor>thor-util.exe diagnostics --run
+
+What data is being collected
+----------------------------
+
+The below data is being collected by THOR Util's
+diagnostics function:
+
+- A log of THOR Utils diagnostics run itself
+- Go Profiles for CPU, Memory and Go routines, see: https://go.dev/blog/pprof
+- THOR's running configuration parameters
+- A process list of all running processes on the machine. (this
+  helps tremendously identifying processes that might disturb
+  THOR, like an AV/EDR)
+- A process dump of the running THOR instance
+- The progress state of the running THOR instance
+- A dump of the THOR DB
+- The latest THOR log
+
+.. hint::
+   Critical or personal information may be present in the THOR log, THOR DB dump,
+   running process list, in the THOR process dump, and in the progress report
+   (working item details like path information). The profiles may allow insights
+   on what type of data is being scanned but does not contain any specific pieces
+   of data.
+
+The diagnostics pack is only used to debug the issues you are facing with
+THOR and will be deleted from our systems once the root cause of your issue
+was found.

usage/templates.rst

@@ -1,6 +1,3 @@
-.. role:: raw-html-m2r(raw)
-   :format: html
-
 Templates
 ===========================