Public Repository

Last pushed: 18 days ago
Short Description
plaso (Plaso Langar Að Safna Öllu) is a Python-based backend engine for the tool log2timeline.
Full Description

log2timeline is a tool designed to extract timestamps from various files found on typical computer systems and aggregate them.

The initial purpose of plaso was to collect all timestamped events of interest on a computer system and have them aggregated in a single place for computer forensic analysis (aka Super Timeline).

However, plaso has become a framework that supports:

adding new parsers or parsing plug-ins;
adding new analysis plug-ins;
writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent.

Owner
log2timeline