plaso (Plaso Langar Að Safna Öllu) - super timeline all the things

In short, plaso is a Python-based backend engine for the tool log2timeline.

A longer version:

log2timeline is a tool designed to extract timestamps from various files found on a typical computer system and aggregate them.

The initial purpose of plaso was to collect all timestamped events of interest on a computer system and have them aggregated in a single place for computer forensic analysis (aka Super Timeline).

However, plaso has become a framework that supports:
* adding new parsers or parsing plug-ins;
* adding new analysis plug-ins;
* writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent.

And is moving to support:
* adding new general-purpose parsers/plugins that may not have timestamps associated with them;
* adding more analysis context;
* tagging events;
* allowing a more targeted approach to the collection/parsing.

Also see:
* Homepage: https://github.com/log2timeline/plaso
* Downloads: https://github.com/log2timeline/plaso/releases
* Documentation: https://github.com/log2timeline/plaso/wiki