In Digital Forensics, as a best practice, an investigator should collect data from the most volatile source to the least volatile source. Usually, when talking about live/Dynamic Acquisition, most textbooks starts with the RAM as the most volatile data source even though CPU registers are more volatile. However, I can't seem to find a source describing data acquisition from a suspected device's CPU. Since running any program will change at least one register (EIP/RIP). So my questions are, Is neglecting the data within the registers is because there is no investigative value for them? or because it is not possible?
And -depending on the answer for the above question- Is there a way to do so?