plaso
plaso copied to clipboard
log2timeline
Super timeline all the things
**Description of problem:** In the hash_plugins analyzer, threads are not instantiated in the same process as the one in which they are executed. This pattern causes an undefined behavior of...
Move output mediator out of output module constructor and pass as argument instead
Clean up usage of processing configuration, knowledge base and session * session to contain basic information about invocation of tools * processing / session configuration to contain tool provided options...
**IIS parser failing to parse log entries** IIS is failing to parse millions of log entries in 50gb data set **Command line and arguments:** execution chain thru dftimewolf for log...
Ref: https://github.com/vim/vim/blob/master/src/viminfo.c
Apple uses .ips files to store files related to application crashes and other types of events. The format is a blend of a JSON object and a YAML object. I...
**Description of problem:** Since MacOS Big Sur (and later), the known wifi network information has moved from `/Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist` to `/Library/Preferences/com.apple.wifi.known-networks.plist`. The plugin could be updated to support this: https://github.com/log2timeline/plaso/blob/main/plaso/parsers/plist_plugins/airport.py **Plaso...
* [ ] add unit tests for jsonl_parser and jsonl_plugins/interface * https://github.com/log2timeline/plaso/pull/4725 * [ ] handle corrupt log lines like text parser
**Description of problem:** We have two images (from different aquisition tools, differents systems, different examiner) which fail to be parsed with log2timeline.py. Shortly after starting the process, the following error...
