GitHub - aarontp/plaso: Super timeline all the things

plaso (Plaso Langar Að Safna Öllu)

super timeline all the things

In short, plaso is a Python-based backend engine for the tool log2timeline.

A longer version

log2timeline is a tool designed to extract timestamps from various files found on a typical computer system(s) and aggregate them.

The initial purpose of plaso was to collect all timestamped events of interest on a computer system and have them aggregated in a single place for computer forensic analysis (aka Super Timeline).

However plaso has become a framework that supports:

adding new parsers or parsing plug-ins;
adding new analysis plug-ins;
writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent.

And is moving to support:

adding new general purpose parses/plugins that may not have timestamps associated to them;
adding more analysis context;
tagging events;
allowing more targeted approach to the collection/parsing.

Project status

Travis-CI	AppVeyor	Coveralls

Name	Name	Last commit message	Last commit date
Latest commit joachimmetz Code review: 309960043: Updated review script. Oct 11, 2016 0ee446e · Oct 11, 2016 History 1,466 Commits
.github	.github	Code review: 289540043: Add github issue and pull request templates.	Mar 18, 2016
config	config	Code review: 309960043: Updated review script.	Oct 11, 2016
data	data	Code review: 306720043: Create analyzers subsystem, add Yara support.…	Jul 20, 2016
docs	docs	Code review: 307190043: Added dpkg.log parser log2timeline#665	Sep 21, 2016
plaso	plaso	Code review: 312740043: Changes for running tests with tox log2timeli…	Oct 11, 2016
test_data	test_data	Code review: 311730043: Improved winevtx parser log2timeline#995 .	Sep 22, 2016
tests	tests	Code review: 312740043: Changes for running tests with tox log2timeli…	Oct 11, 2016
tools	tools	Code review: 312740043: Changes for running tests with tox log2timeli…	Oct 11, 2016
utils	utils	Code review: 309960043: Updated review script.	Oct 11, 2016
.gitignore	.gitignore	Code review: 308850043: Fixes for psort failing on for end-to-end tests	Aug 1, 2016
.travis.yml	.travis.yml	Code review: 311910043: Changes to fix failing Mac OS X tests on Travis	Oct 8, 2016
ACKNOWLEDGEMENTS	ACKNOWLEDGEMENTS	Code review: 287490043: Small changes for deployment.	Mar 12, 2016
AUTHORS	AUTHORS	Code review: 303610043: Updated version and authors.	Sep 18, 2016
CONTRIBUTING.md	CONTRIBUTING.md	Code review: 285310043: Changed super class of XLSXOutputModule log2t…	Feb 3, 2016
LICENSE	LICENSE	Code review: 153320043: Changes for project move.	Dec 31, 2015
MANIFEST.in	MANIFEST.in	Code review: 298910043: Removed protobuf serialization log2timeline#681	May 11, 2016
README	README	Code review: 172650043: Minor changes to TravisCI configuration and m…	Dec 31, 2015
README.md	README.md	Code review: 222070043: Code clean up.	Dec 31, 2015
appveyor.yml	appveyor.yml	Code review: 302270043: Changes to AppVeyor configuration.	Jul 27, 2016
requirements.txt	requirements.txt	Code review: 311080043: Cleanup of pytsk3 in dependencies.py log2time…	Oct 6, 2016
run_tests.py	run_tests.py	Code review: 285950043: Fixes for flaky tests log2timeline#411	Jan 27, 2016
setup.cfg	setup.cfg	Code review: 311080043: Cleanup of pytsk3 in dependencies.py log2time…	Oct 6, 2016
setup.py	setup.py	Code review: 307900043: Added script to generate dependencies log2tim…	Jul 24, 2016
tox.ini	tox.ini	Code review: 309380043: Split tox and requirements and updated depend…	Sep 16, 2016

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

plaso (Plaso Langar Að Safna Öllu)

A longer version

Project status

Also see

About

Releases

Packages

Languages

License

aarontp/plaso

Folders and files

Latest commit

History

Repository files navigation

plaso (Plaso Langar Að Safna Öllu)

A longer version

Project status

Also see

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages